Ticket #16330: 16330.3.diff

wp-admin/includes/file.php

@@ -441 +441 @@
 
         $filename = wp_unique_filename( $uploads['path'], $file['name'], $unique_filename_callback );
 
-        // Strip the query strings.
-        $filename = str_replace('?','-', $filename);
-        $filename = str_replace('&','-', $filename);
-
         // Move the file to the uploads dir
         $new_file = $uploads['path'] . "/$filename";
         if ( false === @ rename( $file['tmp_name'], $new_file ) ) {

wp-admin/includes/media.php

@@ -600 +600 @@
                 // Set variables for storage
                 // fix file filename for query strings
                 preg_match( '/[^\?]+\.(jpe?g|jpe|gif|png)\b/i', $file, $matches );
-                $file_array['name'] = basename($matches[0]);
+                $file_array['name'] = urldecode( basename( $matches[0] ) );
                 $file_array['tmp_name'] = $tmp;
 
                 // If error storing temporarily, unlink

wp-includes/formatting.php

@@ -812 +812 @@
  */
 function sanitize_file_name( $filename ) {
         $filename_raw = $filename;
-        $special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}", chr(0));
+        $special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}", "%", "+", chr(0));
         $special_chars = apply_filters('sanitize_file_name_chars', $special_chars, $filename_raw);
         $filename = str_replace($special_chars, '', $filename);
         $filename = preg_replace('/[\s-]+/', '-', $filename);