WordPress.org

Make WordPress Core

Ticket #16226: Add plus to special chars.diff

File Add plus to special chars.diff, 833 bytes (added by simonwheatley, 4 years ago)

Strip + AND % chars from uploaded filenames

  • wp-includes/formatting.php

     
    681681 */ 
    682682function sanitize_file_name( $filename ) { 
    683683        $filename_raw = $filename; 
    684         $special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}", chr(0)); 
     684        $special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}", "%", "+", chr(0)); 
    685685        $special_chars = apply_filters('sanitize_file_name_chars', $special_chars, $filename_raw); 
    686686        $filename = str_replace($special_chars, '', $filename); 
    687687        $filename = preg_replace('/[\s-]+/', '-', $filename);