File security through obscurity is supported

modules/Documents/views/FilePreview.php

@@ -41,10 +41,11 @@ class Documents_FilePreview_View extends Vtiger_IndexAjax_View {
 		if (!empty ($fileDetails)) {
 			$filePath = $fileDetails['path'];
 			$fileName = $fileDetails['name'];
+            $storedFileName = $fileDetails['storedname'];
 
 			if ($recordModel->get('filelocationtype') == 'I') {
 				$fileName = html_entity_decode($fileName, ENT_QUOTES, vglobal('default_charset'));
-				$savedFile = $fileDetails['attachmentsid']."_".Vtiger_Util_Helper::getEncryptedFileName($fileName);
+				$savedFile = $fileDetails['attachmentsid']."_".$storedFileName;
 
 				$fileSize = filesize($filePath.$savedFile);
 				$fileSize = $fileSize + ($fileSize % 1024);

modules/Vtiger/models/Record.php

@@ -601,7 +601,7 @@ class Vtiger_Record_Model extends Vtiger_Base_Model {
 				header("Content-type: ".$fileDetails['type']);
 				header("Pragma: public");
 				header("Cache-Control: private");
-				header("Content-Disposition: attachment; filename=\"$savedFile\"");
+				header("Content-Disposition: attachment; filename=\"$fileName\"");
 				header("Content-Description: PHP Generated Data");
 				header("Content-Encoding: none");
 			}

pkg/vtiger/modules/ModComments/modules/ModComments/views/FilePreview.php

@@ -36,8 +36,9 @@ class ModComments_FilePreview_View extends Vtiger_IndexAjax_View {
 		if (!empty($fileDetails)) {
 			$filePath = $fileDetails['path'];
 			$fileName = $fileDetails['name'];
+            $storedFileName = $fileDetails['storedname'];
 			$fileName = html_entity_decode($fileName, ENT_QUOTES, vglobal('default_charset'));
-			$savedFile = $fileDetails['attachmentsid']."_".Vtiger_Util_Helper::getEncryptedFileName($fileName);
+			$savedFile = $fileDetails['attachmentsid']."_".$storedFileName;
 
 			$fileSize = filesize($filePath.$savedFile);
 			$fileSize = $fileSize + ($fileSize % 1024);