From a2504882be0d32934ee65536f2d8b6f8df2f72f8 Mon Sep 17 00:00:00 2001
From: phl0 <github@florian-wolters.de>
Date: Mon, 13 May 2024 16:39:31 +0200
Subject: [PATCH] Strip full path from upload filename

---
 application/controllers/Lotw.php | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/application/controllers/Lotw.php b/application/controllers/Lotw.php
index cb30b8ba..64a46544 100644
--- a/application/controllers/Lotw.php
+++ b/application/controllers/Lotw.php
@@ -300,20 +300,22 @@ class Lotw extends CI_Controller {
 				//If the function curl_file_create exists
 				if(function_exists('curl_file_create')){
 					//Use the recommended way, creating a CURLFile object.
-					$filePath = curl_file_create($filePath);
+					$uploadfile = curl_file_create($filePath);
+					$uploadfile->setPostFilename(basename($filePath));
 				} else{
 					//Otherwise, do it the old way.
 					//Get the canonicalized pathname of our file and prepend
 					//the @ character.
-					$filePath = '@' . realpath($filePath);
+					$uploadfile = '@' . realpath($filePath).';filename='.basename($filePath);
 					//Turn off SAFE UPLOAD so that it accepts files
 					//starting with an @
 					curl_setopt($ch, CURLOPT_SAFE_UPLOAD, false);
 				}
 
+
 				//Setup our POST fields
 				$postFields = array(
-					$uploadFieldName => $filePath
+					$uploadFieldName => $uploadfile
 				);
 
 				curl_setopt($ch, CURLOPT_POSTFIELDS, $postFields);