diff -r 8aca18c0da85 -r bb98a0de3bfd web/event_process.php
--- a/web/event_process.php Wed Nov 27 13:23:08 2013 +0100
+++ b/web/event_process.php Wed Nov 27 16:36:10 2013 +0100
@@ -34,43 +34,13 @@
 $zip->addEmptyDir("$event_title/images");
 foreach ($files as $key => $file_desc) {
 if($file_desc['size']>0) {
- $zip->addFile($file_desc['tmp_name'], "$event_title/images/".$file_desc['name']);
+ $zip->addFile($file_desc['tmp_name'], "$event_title/images/".sanitize_filename($file_desc['name']));
 }
 }
 return $zip->close();
 }
-/**
- * Modifies a string to remove all non ASCII characters and spaces.
- */
-function slugify($text)
-{
- // replace non letter or digits by -
- $text = preg_replace('~[^\\pL\d]+~u', '-', $text);
-
- // trim
- $text = trim($text, '-');
-
- // transliterate
- if (function_exists('iconv'))
- {
- $text = iconv('utf-8', 'us-ascii//TRANSLIT', $text);
- }
-
- // lowercase
- $text = strtolower($text);
-
- // remove unwanted characters
- $text = preg_replace('~[^-\w]+~', '', $text);
-
- if (empty($text))
- {
- return 'n-a';
- }
-
- return $text;
-}
 ?>
@@ -150,7 +120,7 @@
 }
 foreach ($_FILES as $key => $value) {
- $config_values[$key] = "images/".basename($value['name']);
+ $config_values[$key] = "images/".sanitize_filename(basename($value['name']));
 }
 $event_title = slugify($config_values['title']);
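Review bot: The zip entry name in the first hunk is built from `sanitize_filename($file_desc['name'])`, while the second hunk stores `sanitize_filename(basename($value['name']))` in the config, so the two can differ if `sanitize_filename()` (not visible in this diff) does not itself drop directory components. The config would then point at an image path that does not exist in the archive, and a name containing path separators could still reach `addFile()`. Compute the name once, e.g. `$name = sanitize_filename(basename($file_desc['name']));`, and use that same value at both sites. This hunk also removes `slugify()` while the second hunk's context still calls it and no `require`/`include` is added in the visible lines, so confirm that the file now providing `slugify()` and `sanitize_filename()` is loaded before this code runs.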
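Review bot: The loop in the second hunk still takes `$key` straight from `$_FILES`, so any upload field name becomes a config key; as far as this hunk shows, a file field named `title` would replace the value that the following `slugify($config_values['title'])` line reads. Sanitizing the file name does not cover that, so restrict the loop to the expected image fields, e.g. `if (!in_array($key, $allowed_image_keys, true)) { continue; }` (`$allowed_image_keys` is a placeholder for the list of upload fields the form defines). The loop also records a path for every entry, whereas the archive code in the first hunk skips uploads whose `size` is 0, so an empty or failed upload leaves a config path with no matching file. The enclosing block starts and ends outside the hunk.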