fix: Fixed several issues with the template file uploads, fixes #1743

- Bug with uploading attachments as described in the issue
  - move from pass by reference for a loop was still lacking the correct selector to update the array element instead of the loop's copy
  - attachment uploader tried to base64 the file-name instead of the file-data and store it as the attachment

- Fix to an unrelated bug that didn't encrypt malicious files when going through the template uploader

app/Controller/TemplatesController.php

@@ -330,10 +330,14 @@ class TemplatesController extends AppController {
 						$file = new File(APP . 'tmp/files/' . $attribute['data']);
 						$content = $file->read();
 						$attributes[$k]['data'] = base64_encode($content);
+						if ($this->Event->Attribute->typeIsMalware($attributes[$k]['type'])) {
+							$hashes = $this->Event->Attribute->handleMaliciousBase64($event_id, explode('|', $attributes[$k]['value'])[0], $attributes[$k]['data'], array('md5'));
+							$attributes[$k]['data'] = $hashes['data'];
+						}
 						$file->delete();
 					}
 					$this->Attribute->create();
-					if (!$this->Attribute->save(array('Attribute' => $attribute))) $fails++;
+					if (!$this->Attribute->save(array('Attribute' => $attributes[$k]))) $fails++;
 				}
 				$count = isset($k) ? $k + 1 : 0;
 				$event = $this->Event->find('first', array(
@@ -385,7 +389,6 @@ class TemplatesController extends AppController {
 			} else {
 				$this->set('upload_error', false);
 			}
-
 			$this->set('result', $result);
 			$this->set('filenames', $filenames);
 			$this->set('fileArray', json_encode($fileArray));