fix: file uploader not always working (#94)

Author: NiclasNorin

source/php/Submission.php

@@ -270,6 +270,9 @@ public static function uploadFiles($fileslist, $formId)
         $fileslist = self::sanitizeFilesList($fileslist);
 
         foreach ($fileslist as $key => $files) {
+            // Sanitizes the key to the field name (ex. removes id-1-)
+            $sanitizedKey = preg_replace('/id-\d+-/', '', $key);
+
             if (!is_array($files['name'])) {
                 $files = self::convertItemToArray($files);
             }
@@ -278,31 +281,29 @@ public static function uploadFiles($fileslist, $formId)
                 $fileName = pathinfo((string)$files['name'][$i], PATHINFO_FILENAME);
                 $fileext = strtolower(pathinfo((string)$files['name'][$i], PATHINFO_EXTENSION));
 
-
                 //Validate that image is in correct format
-                if (in_array('image/*', $fields[$key]['filetypes'])) {
-                    $fields[$key]['filetypes'] = array_unique(array_merge($fields[$key]['filetypes'], $allowedImageTypes));
+                if (in_array('image/*', $fields[$sanitizedKey]['filetypes'])) {
+                    $fields[$sanitizedKey]['filetypes'] = array_unique(array_merge($fields[$sanitizedKey]['filetypes'], $allowedImageTypes));
                 }
 
                 //Validate that video is in correct format
-                if (in_array('video/*', $fields[$key]['filetypes'])) {
-                    $fields[$key]['filetypes'] = array_unique(array_merge($fields[$key]['filetypes'], $allowedVideoTypes));
+                if (in_array('video/*', $fields[$sanitizedKey]['filetypes'])) {
+                    $fields[$sanitizedKey]['filetypes'] = array_unique(array_merge($fields[$sanitizedKey]['filetypes'], $allowedVideoTypes));
                 }
 
 
                 //Not a valid filetype at all
-                if (!in_array('.' . $fileext, $fields[$key]['filetypes'])) {
+                if (!in_array('.' . $fileext, $fields[$sanitizedKey]['filetypes'])) {
                     error_log('Filetype not allowed');
                     $uploaded['error'] = true;
                     $uploaded['errorData'] = new \WP_Error('filetype-not-allowed', __('Filetype not allowed', 'modularity-form-builder'));
                     continue;
                 }
 
-
                 $encryptionConfigDefined = defined('ENCRYPT_SECRET_VI') && defined('ENCRYPT_SECRET_KEY') && defined('ENCRYPT_METHOD');
 
                 //Encrypt file if encryption is enabled
-                if (get_option('options_mod_form_crypt') && empty($fields[$key]['upload_videos_external']) && $encryptionConfigDefined) {
+                if (get_option('options_mod_form_crypt') && empty($fields[$sanitizedKey]['upload_videos_external']) && $encryptionConfigDefined) {
                     $encrypted = file_put_contents(
                         $files['tmp_name'][$i],
                         \ModularityFormBuilder\App::encryptDecryptFile(
@@ -397,7 +398,7 @@ public static function maybeCreateFolder(string $path): string
     public function getMailDownloadLink($filePath)
     {
         //Check if encrypted
-        if (strpos($filePath, sanitize_file_name("-enc-" . ENCRYPT_METHOD)) !== false) {
+        if (defined('ENCRYPT_METHOD') && strpos($filePath, sanitize_file_name("-enc-" . ENCRYPT_METHOD)) !== false) {
             return home_url("/") . '?modFormDownloadEncFilePublic=' . urlencode(basename($filePath)) . '&token=' . $this->createToken($filePath);
         }