Merge branch 'master' of vc.linet-services.de:public/lx-office-erp

[kivitendo-erp.git] / SL / AM.pm

diff --git a/SL/AM.pm b/SL/AM.pm
index 70f56f9..b2730ce 100644 (file)
--- a/SL/AM.pm
+++ b/SL/AM.pm
@@ -965,7 +965,9 @@ sub prepare_template_filename {
     }
 
     $filename .= "." . ($form->{format} eq "html" ? "html" : "tex");
-    $filename =~ s|.*/||;
+    if ($form->{"formname"} =~ m|\.\.| || $form->{"formname"} =~ m|^/|) {
+      $filename =~ s|.*/||;
+    }
     $display_filename = $filename;
     $filename = "$myconfig->{templates}/$filename";
   }