From 20ede24957784d0afdd4d6a9a376ca7e53e57d1a Mon Sep 17 00:00:00 2001
From: Ralf Becker <ralfbecker@outdoor-training.de>
Date: Fri, 9 Oct 2015 18:04:40 +0000
Subject: [PATCH] fix CalDAVTester failure: managed-attachments: Simple
 non-recurring, non-scheduled update attachment: Test 4: rename of attachment
 via Content-Disposition:filename=

---
 phpgwapi/inc/class.groupdav.inc.php | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/phpgwapi/inc/class.groupdav.inc.php b/phpgwapi/inc/class.groupdav.inc.php
index 84c2040672..445c6a7bea 100644
--- a/phpgwapi/inc/class.groupdav.inc.php
+++ b/phpgwapi/inc/class.groupdav.inc.php
@@ -1304,6 +1304,19 @@ class groupdav extends HTTP_WebDAV_Server
 				}
 				else
 				{
+					// check for rename of attachment via Content-Disposition:filename=
+					if (isset($this->_SERVER['HTTP_CONTENT_DISPOSITION']) &&
+						substr($this->_SERVER['HTTP_CONTENT_DISPOSITION'], 0, 10) === 'attachment' &&
+						preg_match('/filename="?([^";]+)/', $this->_SERVER['HTTP_CONTENT_DISPOSITION'], $matches) &&
+						($filename = egw_vfs::basename($matches[1])) != egw_vfs::basename($path))
+					{
+						$old_path = $path;
+						if (!egw_vfs::rename($old_path, $path = egw_vfs::concat(egw_vfs::dirname($path), $filename)))
+						{
+							self::xml_error(self::mkprop(self::CALDAV, 'valid-managed-id-parameter', ''));
+							return '403 Forbidden';
+						}
+					}
 					if (!($to = egw_vfs::fopen($path, 'w')) ||
 						isset($options['stream']) && ($copied=stream_copy_to_stream($options['stream'], $to)) === false ||
 						isset($options['content']) && ($copied=fwrite($to, $options['content'])) === false)