diff --git a/wp-admin/upload.php b/wp-admin/upload.php
index e7025bda07..56b7a8dbc6 100644
--- a/wp-admin/upload.php
+++ b/wp-admin/upload.php
@@ -80,15 +80,15 @@ case 'upload':
 
 <?php //Makes sure they choose a file
 
-//print_r($HTTP_POST_FILES);
+//print_r($_FILES);
 //die();
 
 
-    $imgalt = (isset($_POST['imgalt'])) ? $_POST['imgalt'] : $imgalt;
+    $imgalt = basename( (isset($_POST['imgalt'])) ? $_POST['imgalt'] : '' );
 
-    $img1_name = (strlen($imgalt)) ? $_POST['imgalt'] : $HTTP_POST_FILES['img1']['name'];
-    $img1_type = (strlen($imgalt)) ? $_POST['img1_type'] : $HTTP_POST_FILES['img1']['type'];
-    $imgdesc = str_replace('"', '&amp;quot;', $_POST['imgdesc']);
+    $img1_name = (strlen($imgalt)) ? $imgalt : basename( $_FILES['img1']['name'] );
+    $img1_type = (strlen($imgalt)) ? $_POST['img1_type'] : $_FILES['img1']['type'];
+    $imgdesc = htmlentities2($imgdesc);
 
     $imgtype = explode(".",$img1_name);
     $imgtype = strtolower($imgtype[count($imgtype)-1]);
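Review bot: On the new `$imgdesc = htmlentities2($imgdesc);` line the right-hand `$imgdesc` is never assigned from the request within this hunk — the removed line read `$_POST['imgdesc']` — so unless register_globals or an import elsewhere in the file populates it, the description is undefined and the encoder runs on nothing; `$imgdesc = htmlentities2($_POST['imgdesc']);` keeps the intended source. Separately, `$img1_type` on the line above is taken from `$_POST['img1_type']` or `$_FILES['img1']['type']`, both of which are declared by the client, so whatever allowed-type check the rest of this case performs (outside the hunk) should not key off this value alone. The `case 'upload':` block starts before and continues after the hunk.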
@@ -99,10 +99,10 @@ case 'upload':
 
     if (strlen($imgalt)) {
         $pathtofile = get_settings('fileupload_realpath')."/".$imgalt;
-        $img1 = $_POST['img1'];
+        $img1 = $_POST['img1']['tmp_name'];
     } else {
         $pathtofile = get_settings('fileupload_realpath')."/".$img1_name;
-        $img1 = $HTTP_POST_FILES['img1']['tmp_name'];
+        $img1 = $_FILES['img1']['tmp_name'];
     }
 
     // makes sure not to upload duplicates, rename duplicates
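Review bot: `$img1 = $_POST['img1']['tmp_name'];` indexes a POST field as if it were a `$_FILES` entry; `$_POST['img1']` is a plain string when it arrives from a form, so `['tmp_name']` resolves to a string offset (the first character on PHP 4, a warning or TypeError on later versions), not a path. If the intent is that the alternate-name branch should no longer accept a client-named source file — and reinstating the removed `$_POST['img1']` would make the move source client-controlled again — say so explicitly, either with `$img1 = $_FILES['img1']['tmp_name'];` as in the else branch or by rejecting the request, rather than leaving an expression that evaluates to a one-character path. Where `$img1` is consumed lies outside the hunk, so I cannot confirm which behaviour is wanted.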
@@ -191,7 +191,7 @@ die();
             $max_side = 400;
         }
         elseif($_POST['thumbsize'] == 'custom') {
-            $max_side = $_POST['imgthumbsizecustom'];
+            $max_side = intval($_POST['imgthumbsizecustom']);
         }
         
         $result = wp_create_thumbnail($pathtofile, $max_side, NULL);
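Review bot: `intval($_POST['imgthumbsizecustom'])` makes `$max_side` an integer but not a usable one: missing or non-numeric input becomes 0, and a negative or very large number is passed straight into `wp_create_thumbnail()` on the last line. Add a range check after the cast, for example `if ($max_side < 1) $max_side = 400;` to fall back to the default the branch above uses, and cap it at whatever the thumbnail code can safely handle. The enclosing `if`/`elseif` chain and its function start before the hunk, so I cannot see whether `$max_side` is initialised when `thumbsize` matches neither branch.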
diff --git a/wp-includes/functions.php b/wp-includes/functions.php
index 8ee98c5a86..bd06f05727 100644
--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
@@ -1716,4 +1716,12 @@ function get_template_directory() {
 	return $template;
 }
 
+// Borrowed from the PHP Manual user notes. Convert entities, while
+// preserving already-encoded entities:
+function htmlentities2($myHTML) {
+	$translation_table=get_html_translation_table (HTML_ENTITIES,ENT_QUOTES);
+	$translation_table[chr(38)] = '&';
+	return preg_replace("/&(?![A-Za-z]{0,4}\w{2,3};|#[0-9]{2,3};)/","&amp;" , strtr($myHTML, $translation_table));
+}
+
 ?>
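Review bot: The negative lookahead in `htmlentities2()` only recognises decimal references of two or three digits (`#[0-9]{2,3};`), so common references such as `&#8217;` or any hex form like `&#x2019;` are not treated as already encoded and their ampersand is rewritten to `&amp;`, which then renders as literal `&#8217;` text; widen the alternative to `#[0-9]{1,7};|#[xX][0-9A-Fa-f]{1,6};`. Note too that `get_html_translation_table(HTML_ENTITIES, ...)` without a charset argument uses the ISO-8859-1 table on the PHP versions of this era, so each high byte of UTF-8 input is converted on its own and multibyte text is corrupted; if the blog charset is UTF-8, `HTML_SPECIALCHARS` (or passing the charset where the PHP version supports it) is the safer table. A short docblock stating the contract would help, e.g. `// Encode HTML entities in $myHTML without double-encoding references that are already present; returns the encoded string.`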