Changeset 12166
- Timestamp:
- 11/11/2009 11:10:13 PM (15 years ago)
- Location:
- branches/2.8/wp-includes
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/2.8/wp-includes/formatting.php
r12073 r12166 606 606 $filename = preg_replace('/[\s-]+/', '-', $filename); 607 607 $filename = trim($filename, '.-_'); 608 609 // Split the filename into a base and extension[s] 610 $parts = explode('.', $filename); 611 612 // Return if only one extension 613 if ( count($parts) <= 2 ) 614 return apply_filters('sanitize_file_name', $filename, $filename_raw); 615 616 // Process multiple extensions 617 $filename = array_shift($parts); 618 $extension = array_pop($parts); 619 $mimes = get_allowed_mime_types(); 620 621 // Loop over any intermediate extensions. Munge them with a trailing underscore if they are a 2 - 5 character 622 // long alpha string not in the extension whitelist. 623 foreach ( (array) $parts as $part) { 624 $filename .= '.' . $part; 625 626 if ( preg_match("/^[a-zA-Z]{2,5}\d?$/", $part) ) { 627 $allowed = false; 628 foreach ( $mimes as $ext_preg => $mime_match ) { 629 $ext_preg = '!(^' . $ext_preg . ')$!i'; 630 if ( preg_match( $ext_preg, $part ) ) { 631 $allowed = true; 632 break; 633 } 634 } 635 if ( !$allowed ) 636 $filename .= '_'; 637 } 638 } 639 $filename .= '.' . $extension; 640 608 641 return apply_filters('sanitize_file_name', $filename, $filename_raw); 609 642 } -
branches/2.8/wp-includes/functions.php
r11678 r12166 2227 2227 */ 2228 2228 function wp_check_filetype( $filename, $mimes = null ) { 2229 // Accepted MIME types are set here as PCRE unless provided. 2230 $mimes = ( is_array( $mimes ) ) ? $mimes : apply_filters( 'upload_mimes', array( 2229 if ( null === $mimes ) 2230 $mimes = get_allowed_mime_types(); 2231 $type = false; 2232 $ext = false; 2233 2234 foreach ( $mimes as $ext_preg => $mime_match ) { 2235 $ext_preg = '!\.(' . $ext_preg . ')$!i'; 2236 if ( preg_match( $ext_preg, $filename, $ext_matches ) ) { 2237 $type = $mime_match; 2238 $ext = $ext_matches[1]; 2239 break; 2240 } 2241 } 2242 2243 return compact( 'ext', 'type' ); 2244 } 2245 2246 /** 2247 * Retrieve list of allowed mime types and file extensions. 2248 * 2249 * @since 2.8.6 2250 * 2251 * @return array Array of mime types keyed by the file extension regex corresponding to those types. 2252 */ 2253 function get_allowed_mime_types() { 2254 static $mimes = false; 2255 2256 if ( !$mimes ) { 2257 // Accepted MIME types are set here as PCRE unless provided. 2258 $mimes = apply_filters( 'upload_mimes', array( 2231 2259 'jpg|jpeg|jpe' => 'image/jpeg', 2232 2260 'gif' => 'image/gif', … … 2274 2302 'odb' => 'application/vnd.oasis.opendocument.database', 2275 2303 'odf' => 'application/vnd.oasis.opendocument.formula', 2276 ) 2277 ); 2278 2279 $type = false; 2280 $ext = false; 2281 2282 foreach ( $mimes as $ext_preg => $mime_match ) { 2283 $ext_preg = '!\.(' . $ext_preg . ')$!i'; 2284 if ( preg_match( $ext_preg, $filename, $ext_matches ) ) { 2285 $type = $mime_match; 2286 $ext = $ext_matches[1]; 2287 break; 2288 } 2289 } 2290 2291 return compact( 'ext', 'type' ); 2292 } 2293 2304 ) ); 2305 } 2306 2307 return $mimes; 2308 } 2294 2309 /** 2295 2310 * Retrieve nonce action "Are you sure" message.
Note: See TracChangeset
for help on using the changeset viewer.