Fixes #1497 ZCA-009 by restricting data exporting to user defined folder.

Previously the RPC interface allowed z_exportwallet, backupwallet and
dumpwallet to write data to an arbitrary filename.  ZCA-009 demonstrates
how this is vulnerable.  The resolution is to only allow data to
written when the -exportdir has been configured.  Also filenames are
restricted to alphanumeric characters.

src/util.h

@@ -134,6 +134,7 @@ boost::filesystem::path GetSpecialFolderPath(int nFolder, bool fCreate = true);
 boost::filesystem::path GetTempPath();
 void ShrinkDebugFile();
 void runCommand(std::string strCommand);
+const boost::filesystem::path GetExportDir();
 
 inline bool IsSwitchChar(char c)
 {