From 359fa59fb3449b775112923d69144847450b5c2f Mon Sep 17 00:00:00 2001
From: Ryan Boren <ryan@git.wordpress.org>
Date: Tue, 28 Nov 2006 22:03:19 +0000
Subject: [PATCH] xmlrpc filename sanitation. Props donncha. fixes #3395

git-svn-id: https://develop.svn.wordpress.org/trunk@4537 602fd350-edb4-49c9-b593-d223f7449a82
---
 xmlrpc.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/xmlrpc.php b/xmlrpc.php
index 569f9b0c76..a8a7fe4902 100644
--- a/xmlrpc.php
+++ b/xmlrpc.php
@@ -817,7 +817,7 @@ class wp_xmlrpc_server extends IXR_Server {
 		$user_pass   = $wpdb->escape($args[2]);
 		$data        = $args[3];
 
-		$name = $data['name'];
+		$name = sanitize_file( $data['name'] );
 		$type = $data['type'];
 		$bits = $data['bits'];
 
@@ -841,7 +841,7 @@ class wp_xmlrpc_server extends IXR_Server {
 			logIO('O', '(MW) Could not write file '.$name);
 			return new IXR_Error(500, 'Could not write file '.$name);
 		}
-		return apply_filters( 'wp_handle_upload', array( 'file' => $name, 'url' => $upload[ 'url' ], 'type' => $type ) );
+		return apply_filters( 'wp_handle_upload', array( 'file' => $upload[ 'file' ], 'url' => $upload[ 'url' ], 'type' => $type ) );
 	}