1
0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-06 16:56:44 +02:00

[feature/attach-dl] Moved filename cleaning into own function

PHPBB3-11042
This commit is contained in:
Fyorl
2012-08-14 11:42:23 +01:00
parent e8830c3369
commit 20ecd046da
2 changed files with 22 additions and 8 deletions

View File

@@ -647,3 +647,24 @@ function phpbb_download_check_forum_auth($db, $auth, $topic_id)
trigger_error('SORRY_AUTH_VIEW_ATTACH');
}
}
/**
* Cleans a filename of any characters that could potentially cause a problem on
* a user's filesystem.
*
* @param string $filename The filename to clean
*
* @return string The cleaned filename
*/
function phpbb_download_clean_filename($filename)
{
$bad_chars = array("'", "\\", ' ', '/', ':', '*', '?', '"', '<', '>', '|');
// rawurlencode to convert any potentially 'bad' characters that we missed
$filename = rawurlencode(str_replace($bad_chars, '_', $filename));
// Turn the %xx entities created by rawurlencode to _
$filename = preg_replace("/%(\w{2})/", '_', $filename);
return $filename;
}