Index: branches/5.0.x/core/kernel/utility/formatters/upload_formatter.php
===================================================================
diff -u -N -r12202 -r12679
--- branches/5.0.x/core/kernel/utility/formatters/upload_formatter.php	(.../upload_formatter.php)	(revision 12202)
+++ branches/5.0.x/core/kernel/utility/formatters/upload_formatter.php	(.../upload_formatter.php)	(revision 12679)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: upload_formatter.php 12202 2009-08-05 16:52:45Z dmitrya $
+* @version	$Id: upload_formatter.php 12679 2009-10-10 11:36:46Z alex $
 * @package	In-Portal
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license      GNU/GPL
@@ -89,7 +89,7 @@
 
 			for ($i=0; $i<min($max_files, count($swf_uploaded_ids)); $i++) {
 				$real_name = $swf_uploaded_names[$i];
-				$real_name = $this->ValidateFileName($this->FullPath, $real_name, $files2delete);
+				$real_name = $this->_ensureUniqueFilename($this->FullPath, $real_name, $files2delete);
 				$file_name = $this->FullPath.$real_name;
 
 				$tmp_file = WRITEABLE . '/tmp/' . $swf_uploaded_ids[$i].'_'.$swf_uploaded_names[$i];
@@ -127,7 +127,7 @@
 					$object->SetError($field_name, 'cant_save_file', 'la_error_cant_save_file');
 				}
 				else {
-					$real_name = $this->ValidateFileName($this->FullPath, $value['name']);
+					$real_name = $this->_ensureUniqueFilename($this->FullPath, $value['name']);
 					$file_name = $this->FullPath.$real_name;
 					if (!move_uploaded_file($value['tmp_name'], $file_name)) {
 						$object->SetError($field_name, 'cant_save_file', 'la_error_cant_save_file');
@@ -283,21 +283,30 @@
 		return sprintf($format, $value);
 	}
 
-	function ValidateFileName($path, $name, $forbidden_names = Array())
+	/**
+	 * Ensures, that uploaded file will not overwrite any of previously uploaded files with same name
+	 *
+	 * @param string $path
+	 * @param string $name
+	 * @param Array $forbidden_names
+	 * @return string
+	 */
+	function _ensureUniqueFilename($path, $name, $forbidden_names = Array())
 	{
 		$parts = pathinfo($name);
-		$ext = '.'.$parts['extension'];
+		$ext = '.' . $parts['extension'];
 		$filename = mb_substr($parts['basename'], 0, -mb_strlen($ext));
-		$new_name = $filename.$ext;
-		while ( file_exists($path.'/'.$new_name) || in_array(rtrim($path, '/').'/'.$new_name, $forbidden_names) )
-		{
-	   		if ( preg_match('/('.preg_quote($filename, '/').'_)([0-9]*)('.preg_quote($ext, '/').')/', $new_name, $regs) ) {
-					$new_name = $regs[1].($regs[2]+1).$regs[3];
-				}
-				else {
-					$new_name = $filename.'_1'.$ext;
-				}
+		$new_name = $filename . $ext;
+
+		while (file_exists($path . '/' . $new_name) || in_array(rtrim($path, '/') . '/' . $new_name, $forbidden_names)) {
+	   		if (preg_match('/(' . preg_quote($filename, '/') . '_)([0-9]*)(' . preg_quote($ext, '/') . ')/', $new_name, $regs)) {
+				$new_name = $regs[1] . ($regs[2] + 1) . $regs[3];
+			}
+			else {
+				$new_name = $filename . '_1' . $ext;
+			}
 		}
+
 		return $new_name;
 	}