diff options
| author | Fyorl <gaelreth@gmail.com> | 2012-08-14 11:42:23 +0100 |
|---|---|---|
| committer | Fyorl <gaelreth@gmail.com> | 2012-08-14 11:42:23 +0100 |
| commit | 20ecd046daf660a7cb5ae7079cea9a6ed26c9bab (patch) | |
| tree | f6f38018513abdef666ce46fb026353c6495a9e2 /phpBB/includes/functions_download.php | |
| parent | e8830c3369dbd4b25a4798eeb3fe2c7834825c42 (diff) | |
| download | forums-20ecd046daf660a7cb5ae7079cea9a6ed26c9bab.tar forums-20ecd046daf660a7cb5ae7079cea9a6ed26c9bab.tar.gz forums-20ecd046daf660a7cb5ae7079cea9a6ed26c9bab.tar.bz2 forums-20ecd046daf660a7cb5ae7079cea9a6ed26c9bab.tar.xz forums-20ecd046daf660a7cb5ae7079cea9a6ed26c9bab.zip | |
[feature/attach-dl] Moved filename cleaning into own function
PHPBB3-11042
Diffstat (limited to 'phpBB/includes/functions_download.php')
| -rw-r--r-- | phpBB/includes/functions_download.php | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index 22f217909c..f866c6bbfb 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php @@ -647,3 +647,24 @@ function phpbb_download_check_forum_auth($db, $auth, $topic_id) trigger_error('SORRY_AUTH_VIEW_ATTACH'); } } + +/** +* Cleans a filename of any characters that could potentially cause a problem on +* a user's filesystem. +* +* @param string $filename The filename to clean +* +* @return string The cleaned filename +*/ +function phpbb_download_clean_filename($filename) +{ + $bad_chars = array("'", "\\", ' ', '/', ':', '*', '?', '"', '<', '>', '|'); + + // rawurlencode to convert any potentially 'bad' characters that we missed + $filename = rawurlencode(str_replace($bad_chars, '_', $filename)); + + // Turn the %xx entities created by rawurlencode to _ + $filename = preg_replace("/%(\w{2})/", '_', $filename); + + return $filename; +} |