Fixed issue: Downloading a single file from response does not work on…

… Winwdows
LimeSurvey · Feb 1, 2022 · 8cba6b3 · 8cba6b3
1 parent aa8f4df
commit 8cba6b3
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/application/controllers/ResponsesController.php b/application/controllers/ResponsesController.php
@@ -629,7 +629,7 @@ public function actionDownloadfile(int $surveyId, int $responseId, int $qid, int
             if (isset($aQuestionFiles[$index])) {
                 $aFile = $aQuestionFiles[$index];
                 // Real path check from here: https://stackoverflow.com/questions/4205141/preventing-directory-traversal-in-php-but-allowing-paths
-                $sDir = Yii::app()->getConfig('uploaddir') . "/surveys/" . $surveyId . "/files/";
+                $sDir = Yii::app()->getConfig('uploaddir') . DIRECTORY_SEPARATOR . "surveys" . DIRECTORY_SEPARATOR . $surveyId . DIRECTORY_SEPARATOR."files" . DIRECTORY_SEPARATOR;
                 $sFileRealName = $sDir . $aFile['filename'];
                 $sRealUserPath = realpath($sFileRealName);
                 if ($sRealUserPath === false || strpos($sRealUserPath, $sDir) !== 0) {