Make WordPress Core


Ignore:
Timestamp:
04/29/2020 04:58:19 PM (5 years ago)
Author:
whyisjake
Message:

User: Invalidate user_activation_key on password update.
Query: Ensure that only a single post can be returned on date/time based queries.
Cache API: Ensure proper escaping around the stats method in the cache API.
Formatting: Expand sanitize_file_name to have better support for utf8 characters.

Brings the changes in [47634], [47635], [47637], and [47638] to the 3.7 branch.

Props: batmoo, ehti, nickdaugherty, peterwilsoncc, sergeybiryukov, sstoqnov, westi, whyisjake, whyisjake, xknown.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/3.7/src/wp-includes/formatting.php

    r37825 r47662  
    958958    $special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}", chr(0));
    959959    $special_chars = apply_filters('sanitize_file_name_chars', $special_chars, $filename_raw);
     960
     961    // Check for support for utf8 in the installed PCRE library once and store the result in a static.
     962    static $utf8_pcre = null;
     963    if ( ! isset( $utf8_pcre ) ) {
     964        // phpcs:ignore WordPress.PHP.NoSilencedErrors.Discouraged
     965        $utf8_pcre = @preg_match( '/^./u', 'a' );
     966    }
     967
     968    if ( ! seems_utf8( $filename ) ) {
     969        $_ext     = pathinfo( $filename, PATHINFO_EXTENSION );
     970        $_name    = pathinfo( $filename, PATHINFO_FILENAME );
     971        $filename = sanitize_title_with_dashes( $_name ) . '.' . $_ext;
     972    }
     973
     974    if ( $utf8_pcre ) {
     975        $filename = preg_replace( "#\x{00a0}#siu", ' ', $filename );
     976    }
     977
    960978    $filename = str_replace($special_chars, '', $filename);
    961979    $filename = preg_replace('/[\s-]+/', '-', $filename);
Note: See TracChangeset for help on using the changeset viewer.