sanitize_file_name() improvements. Props sivel. fixes #9416

git-svn-id: http://svn.automattic.com/wordpress/trunk@11178 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2009-05-04 20:20:48 +00:00
parent d3847a2f53
commit 3072fbb30d
2 changed files with 21 additions and 23 deletions

View File

@ -566,27 +566,27 @@ function remove_accents($string) {
}
/**
* Filters certain characters from the file name.
* Sanitizes a filename replacing whitespace with dashes
*
* Turns all strings to lowercase removing most characters except alphanumeric
* with spaces, dashes and periods. All spaces and underscores are converted to
* dashes. Multiple dashes are converted to a single dash. Finally, if the file
* name ends with a dash, it is removed.
* Removes special characters that are illegal in filenames on certain
* operating systems and special characters requiring special escaping
* to manipulate at the command line. Replaces spaces and consecutive
* dashes with a single dash. Trim period, dash and underscore from beginning
* and end of filename.
*
* @since 2.1.0
*
* @param string $name The file name
* @return string Sanitized file name
* @param string $filename The filename to be sanitized
* @return string The sanitized filename
*/
function sanitize_file_name( $name ) { // Like sanitize_title, but with periods
$name = strtolower( $name );
$name = preg_replace('/&.+?;/', '', $name); // kill entities
$name = str_replace( '_', '-', $name );
$name = preg_replace('/[^a-z0-9\s-.]/', '', $name);
$name = preg_replace('/\s+/', '-', $name);
$name = preg_replace('|-+|', '-', $name);
$name = trim($name, '-');
return $name;
function sanitize_file_name( $filename ) {
$filename_raw = $filename;
$special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}");
$special_chars = apply_filters('sanitize_file_name_chars', $special_chars, $filename_raw);
$filename = str_replace($special_chars, '', $filename);
$filename = preg_replace('/[\s-]+/', '-', $filename);
$filename = trim($filename, '.-_');
return apply_filters('sanitize_file_name', $filename, $filename_raw);
}
/**

View File

@ -2013,12 +2013,14 @@ function wp_upload_dir( $time = null ) {
* @return string New filename, if given wasn't unique.
*/
function wp_unique_filename( $dir, $filename, $unique_filename_callback = null ) {
$filename = strtolower( $filename );
// sanitize the file name before we begin processing
$filename = sanitize_file_name($filename);
// separate the filename into a name and extension
$info = pathinfo($filename);
$ext = !empty($info['extension']) ? $info['extension'] : '';
$name = basename($filename, ".{$ext}");
// edge case: if file is named '.ext', treat as an empty name
if( $name === ".$ext" )
$name = '';
@ -2030,11 +2032,7 @@ function wp_unique_filename( $dir, $filename, $unique_filename_callback = null )
$number = '';
if ( !empty( $ext ) )
$ext = strtolower( ".$ext" );
$filename = str_replace( $ext, '', $filename );
// Strip % so the server doesn't try to decode entities.
$filename = str_replace('%', '', sanitize_title_with_dashes( $filename ) ) . $ext;
$ext = ".$ext";
while ( file_exists( $dir . "/$filename" ) ) {
if ( '' == "$number$ext" )