From 11ffdac203a465199a93b3a96b305a7129c6671c Mon Sep 17 00:00:00 2001
From: Tina_Azure <->
Date: Wed, 27 Sep 2023 16:34:13 +0200
Subject: [PATCH] fix decode encoded request data

---
 src/main.cpp | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)

diff --git a/src/main.cpp b/src/main.cpp
index d9cedd8..765f593 100644
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -1231,9 +1231,11 @@ int main(int argc, char *argv[]) {
             ([&, configuration](const crow::request& getRequest, const string& fileName) {
                 auto& cookieCtx = app.get_context<crow::CookieParser>(getRequest);
                 crow::mustache::context ctx;
+                string decodedFileName = fileName;
+                Utilities::decodeString(decodedFileName);
                 if (Utilities::checkCookieLoginState(configuration, cookieCtx)) {
-                    ctx = Utilities::getFreelancerSubmissionLinks(configuration, cookieCtx.get_cookie(COOKIE_FREELANCER_EMAIL), fileName);
-                    ctx["filename"] = fileName;
+                    ctx = Utilities::getFreelancerSubmissionLinks(configuration, cookieCtx.get_cookie(COOKIE_FREELANCER_EMAIL), decodedFileName);
+                    ctx["filename"] = decodedFileName;
                     ctx["domain"] = configuration.domain;
 
                     ctx[MUSTACHE_COOKIE_LOGGED_IN] = true;
@@ -1250,11 +1252,16 @@ int main(int argc, char *argv[]) {
                 auto& cookieCtx = app.get_context<crow::CookieParser>(getRequest);
                 crow::mustache::context ctx;
                 if (Utilities::checkCookieLoginState(configuration, cookieCtx)) {
+                    string decodedAliasName = aliasName;
+                    Utilities::decodeString(decodedAliasName);
+                    string decodedFileName = fileName;
+                    Utilities::decodeString(decodedFileName);
+
                     string formatedAlias = to_string(freelancerID);
                     formatedAlias.append("/");
-                    formatedAlias.append(aliasName);
-                    Utilities::deleteFreelancerSubmissionAlias(configuration, formatedAlias, fileName, cookieCtx.get_cookie(COOKIE_FREELANCER_EMAIL));
-                    ctx["filename"] = fileName;
+                    formatedAlias.append(decodedAliasName);
+                    Utilities::deleteFreelancerSubmissionAlias(configuration, formatedAlias, decodedFileName, cookieCtx.get_cookie(COOKIE_FREELANCER_EMAIL));
+                    ctx["filename"] = decodedFileName;
                     ctx[MUSTACHE_COOKIE_LOGGED_IN] = true;
                 }
                 auto page = crow::mustache::load(TEMPLATE_FREELANCER_SUBMISSION_MANAGEMENT_VIEW_LINK_DELETE_FULFILMENT);
@@ -1358,8 +1365,9 @@ int main(int argc, char *argv[]) {
                         aliasName.append(alias);
                         ctx["submissionLink"] = configuration.domain + "/commissionSubmission/" + aliasName;
                         string decodedFileName = fileName;
+                        Utilities::replaceString(decodedFileName, "+", " ");
                         Utilities::decodeString(decodedFileName);
-                        if(Database::executePreparedStatement_INSERT_FREELANCER_FILE_SUBMISSION_ALIAS(databaseConnection, stoi(freelancerID), fileName, aliasName) > 0)
+                        if(Database::executePreparedStatement_INSERT_FREELANCER_FILE_SUBMISSION_ALIAS(databaseConnection, stoi(freelancerID), decodedFileName, aliasName) > 0)
                             ctx[MUSTACHE_FREELANCER_SUBMISSION_ALIAS_ERROR_INVALID] = true;
                     }
                     else {