b74fd71d67
* the previous one could allow a SQL injection, since the `opts.filetype` value came straight from the browser * this more precise regex match will not produce spurious matches (which were very unlikely, true, but still, let's be precise) (`video/movingimages` would have matched `%image%`!)