mirror of
https://github.com/WordPress/WordPress.git
synced 2024-12-22 17:18:32 +01:00
sanitize_file_name() improvements. Props sivel. fixes #9416
git-svn-id: http://svn.automattic.com/wordpress/trunk@11178 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
d3847a2f53
commit
3072fbb30d
@ -566,27 +566,27 @@ function remove_accents($string) {
|
||||
}
|
||||
|
||||
/**
|
||||
* Filters certain characters from the file name.
|
||||
* Sanitizes a filename replacing whitespace with dashes
|
||||
*
|
||||
* Turns all strings to lowercase removing most characters except alphanumeric
|
||||
* with spaces, dashes and periods. All spaces and underscores are converted to
|
||||
* dashes. Multiple dashes are converted to a single dash. Finally, if the file
|
||||
* name ends with a dash, it is removed.
|
||||
* Removes special characters that are illegal in filenames on certain
|
||||
* operating systems and special characters requiring special escaping
|
||||
* to manipulate at the command line. Replaces spaces and consecutive
|
||||
* dashes with a single dash. Trim period, dash and underscore from beginning
|
||||
* and end of filename.
|
||||
*
|
||||
* @since 2.1.0
|
||||
*
|
||||
* @param string $name The file name
|
||||
* @return string Sanitized file name
|
||||
* @param string $filename The filename to be sanitized
|
||||
* @return string The sanitized filename
|
||||
*/
|
||||
function sanitize_file_name( $name ) { // Like sanitize_title, but with periods
|
||||
$name = strtolower( $name );
|
||||
$name = preg_replace('/&.+?;/', '', $name); // kill entities
|
||||
$name = str_replace( '_', '-', $name );
|
||||
$name = preg_replace('/[^a-z0-9\s-.]/', '', $name);
|
||||
$name = preg_replace('/\s+/', '-', $name);
|
||||
$name = preg_replace('|-+|', '-', $name);
|
||||
$name = trim($name, '-');
|
||||
return $name;
|
||||
function sanitize_file_name( $filename ) {
|
||||
$filename_raw = $filename;
|
||||
$special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}");
|
||||
$special_chars = apply_filters('sanitize_file_name_chars', $special_chars, $filename_raw);
|
||||
$filename = str_replace($special_chars, '', $filename);
|
||||
$filename = preg_replace('/[\s-]+/', '-', $filename);
|
||||
$filename = trim($filename, '.-_');
|
||||
return apply_filters('sanitize_file_name', $filename, $filename_raw);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -2013,12 +2013,14 @@ function wp_upload_dir( $time = null ) {
|
||||
* @return string New filename, if given wasn't unique.
|
||||
*/
|
||||
function wp_unique_filename( $dir, $filename, $unique_filename_callback = null ) {
|
||||
$filename = strtolower( $filename );
|
||||
// sanitize the file name before we begin processing
|
||||
$filename = sanitize_file_name($filename);
|
||||
|
||||
// separate the filename into a name and extension
|
||||
$info = pathinfo($filename);
|
||||
$ext = !empty($info['extension']) ? $info['extension'] : '';
|
||||
$name = basename($filename, ".{$ext}");
|
||||
|
||||
|
||||
// edge case: if file is named '.ext', treat as an empty name
|
||||
if( $name === ".$ext" )
|
||||
$name = '';
|
||||
@ -2030,11 +2032,7 @@ function wp_unique_filename( $dir, $filename, $unique_filename_callback = null )
|
||||
$number = '';
|
||||
|
||||
if ( !empty( $ext ) )
|
||||
$ext = strtolower( ".$ext" );
|
||||
|
||||
$filename = str_replace( $ext, '', $filename );
|
||||
// Strip % so the server doesn't try to decode entities.
|
||||
$filename = str_replace('%', '', sanitize_title_with_dashes( $filename ) ) . $ext;
|
||||
$ext = ".$ext";
|
||||
|
||||
while ( file_exists( $dir . "/$filename" ) ) {
|
||||
if ( '' == "$number$ext" )
|
||||
|
Loading…
Reference in New Issue
Block a user