From 08ce435c7cb11060b802e9cb775df323368f4be0 Mon Sep 17 00:00:00 2001
From: Dennis Eichhorn <spl1nnes.com@googlemail.com>
Date: Thu, 25 May 2023 10:21:49 +0000
Subject: [PATCH] imrpove code

---
 Models/UploadFile.php | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/Models/UploadFile.php b/Models/UploadFile.php
index 3a846ca..960f8fb 100755
--- a/Models/UploadFile.php
+++ b/Models/UploadFile.php
@@ -249,18 +249,21 @@ class UploadFile
         $limit    = -1;
         $fileName = '';
 
-        $nameWithoutExtension = empty($tempName) ? '' : \substr($tempName, 0, -\strlen($extension) - 1);
+        $nameWithoutExtension = empty($tempName)
+            ? ''
+            : (empty($extension)
+                ? $tempName
+                : \substr($tempName, 0, -\strlen($extension) - 1)
+            );
 
         do {
             ++$limit;
-            $sha = empty($nameWithoutExtension) ? \sha1($tempName . $rnd) : $nameWithoutExtension . (empty($rnd) ? '' : '_' . $rnd);
+            $tempName = empty($nameWithoutExtension)
+                ? \sha1($tempName . $rnd)
+                : $nameWithoutExtension . (empty($rnd) ? '' : '_' . $rnd);
 
-            if ($sha === false) {
-                throw new \Exception('No file path could be found. Potential attack!');
-            }
-
-            $sha     .= '.' . $extension;
-            $fileName = $sha;
+            $tempName .= !empty($extension) ? '.' . $extension : '';
+            $fileName = $tempName;
             $rnd      = (string) \mt_rand();
         } while (\is_file($path . '/' . $fileName) && $limit < self::PATH_GENERATION_LIMIT);