WordPress.org

Make WordPress Core

Ticket #16330: 16330.3.diff

File 16330.3.diff, 1.9 KB (added by SergeyBiryukov, 9 years ago)

Refreshed

  • wp-admin/includes/file.php

     
    441441
    442442        $filename = wp_unique_filename( $uploads['path'], $file['name'], $unique_filename_callback );
    443443
    444         // Strip the query strings.
    445         $filename = str_replace('?','-', $filename);
    446         $filename = str_replace('&','-', $filename);
    447 
    448444        // Move the file to the uploads dir
    449445        $new_file = $uploads['path'] . "/$filename";
    450446        if ( false === @ rename( $file['tmp_name'], $new_file ) ) {
  • wp-admin/includes/media.php

     
    600600                // Set variables for storage
    601601                // fix file filename for query strings
    602602                preg_match( '/[^\?]+\.(jpe?g|jpe|gif|png)\b/i', $file, $matches );
    603                 $file_array['name'] = basename($matches[0]);
     603                $file_array['name'] = urldecode( basename( $matches[0] ) );
    604604                $file_array['tmp_name'] = $tmp;
    605605
    606606                // If error storing temporarily, unlink
  • wp-includes/formatting.php

     
    812812 */
    813813function sanitize_file_name( $filename ) {
    814814        $filename_raw = $filename;
    815         $special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}", chr(0));
     815        $special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}", "%", "+", chr(0));
    816816        $special_chars = apply_filters('sanitize_file_name_chars', $special_chars, $filename_raw);
    817817        $filename = str_replace($special_chars, '', $filename);
    818818        $filename = preg_replace('/[\s-]+/', '-', $filename);