Changeset 11178
- Timestamp:
- 05/04/2009 08:20:48 PM (15 years ago)
- Location:
- trunk/wp-includes
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-includes/formatting.php
r11126 r11178 567 567 568 568 /** 569 * Filters certain characters from the file name. 570 * 571 * Turns all strings to lowercase removing most characters except alphanumeric 572 * with spaces, dashes and periods. All spaces and underscores are converted to 573 * dashes. Multiple dashes are converted to a single dash. Finally, if the file 574 * name ends with a dash, it is removed. 569 * Sanitizes a filename replacing whitespace with dashes 570 * 571 * Removes special characters that are illegal in filenames on certain 572 * operating systems and special characters requiring special escaping 573 * to manipulate at the command line. Replaces spaces and consecutive 574 * dashes with a single dash. Trim period, dash and underscore from beginning 575 * and end of filename. 575 576 * 576 577 * @since 2.1.0 577 578 * 578 * @param string $name The file name 579 * @return string Sanitized file name 580 */ 581 function sanitize_file_name( $name ) { // Like sanitize_title, but with periods 582 $name = strtolower( $name ); 583 $name = preg_replace('/&.+?;/', '', $name); // kill entities 584 $name = str_replace( '_', '-', $name ); 585 $name = preg_replace('/[^a-z0-9\s-.]/', '', $name); 586 $name = preg_replace('/\s+/', '-', $name); 587 $name = preg_replace('|-+|', '-', $name); 588 $name = trim($name, '-'); 589 return $name; 579 * @param string $filename The filename to be sanitized 580 * @return string The sanitized filename 581 */ 582 function sanitize_file_name( $filename ) { 583 $filename_raw = $filename; 584 $special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}"); 585 $special_chars = apply_filters('sanitize_file_name_chars', $special_chars, $filename_raw); 586 $filename = str_replace($special_chars, '', $filename); 587 $filename = preg_replace('/[\s-]+/', '-', $filename); 588 $filename = trim($filename, '.-_'); 589 return apply_filters('sanitize_file_name', $filename, $filename_raw); 590 590 } 591 591 -
trunk/wp-includes/functions.php
r11170 r11178 2014 2014 */ 2015 2015 function wp_unique_filename( $dir, $filename, $unique_filename_callback = null ) { 2016 $filename = strtolower( $filename ); 2016 // sanitize the file name before we begin processing 2017 $filename = sanitize_file_name($filename); 2018 2017 2019 // separate the filename into a name and extension 2018 2020 $info = pathinfo($filename); 2019 2021 $ext = !empty($info['extension']) ? $info['extension'] : ''; 2020 2022 $name = basename($filename, ".{$ext}"); 2021 2023 2022 2024 // edge case: if file is named '.ext', treat as an empty name 2023 2025 if( $name === ".$ext" ) … … 2031 2033 2032 2034 if ( !empty( $ext ) ) 2033 $ext = strtolower( ".$ext" ); 2034 2035 $filename = str_replace( $ext, '', $filename ); 2036 // Strip % so the server doesn't try to decode entities. 2037 $filename = str_replace('%', '', sanitize_title_with_dashes( $filename ) ) . $ext; 2035 $ext = ".$ext"; 2038 2036 2039 2037 while ( file_exists( $dir . "/$filename" ) ) {
Note: See TracChangeset
for help on using the changeset viewer.