sergiotarxz/Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fotmatting: in sanitize_file_name(), escape % when uploads contain them, otherwise attachment URLs will unescape the char and break.

Browse Source 
Adds unit tests.

Props mordauk, simonwheatley, dd32, solarissmoke.
Fixes #16226.


git-svn-id: https://develop.svn.wordpress.org/trunk@35122 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Scott Taylor 2015-10-13 03:21:13 +00:00
parent 0f2f946736
commit a6a0045460
2 changed files with 13 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/wp-includes/formatting.php
View File

@ -1368,7 +1368,7 @@ function remove_accents( $string ) {
*/
function sanitize_file_name( $filename ) {
$filename_raw = $filename;
$special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}", chr(0));
$special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}", "%", "+", chr(0));
/**
* Filter the list of characters to remove from a filename.
*

17
tests/phpunit/tests/formatting/SanitizeFileName.php
View File

@ -11,7 +11,7 @@ class Tests_Formatting_SanitizeFileName extends WP_UnitTestCase {
}
function test_removes_special_chars() {
$special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}", chr(0));
$special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}", "%", "+", chr(0));
$string = 'test';
foreach ( $special_chars as $char )
$string .= $char;
@ -26,10 +26,10 @@ class Tests_Formatting_SanitizeFileName extends WP_UnitTestCase {
*/
function test_replace_spaces() {
$urls = array(
'unencoded space.png' => 'unencoded-space.png',
'encoded%20space.jpg' => 'encoded-space.jpg',
'plus+space.jpg' => 'plus-space.jpg',
'multi %20 +space.png' => 'multi-space.png',
'unencoded space.png' => 'unencoded-space.png',
'encoded-space.jpg' => 'encoded-space.jpg',
'plus+space.jpg' => 'plusspace.jpg',
'multi %20 +space.png' => 'multi-20-space.png',
);
foreach( $urls as $test => $expected ) {
@ -49,4 +49,11 @@ class Tests_Formatting_SanitizeFileName extends WP_UnitTestCase {
$this->assertEquals("a-t", sanitize_file_name("a t"));
$this->assertEquals("a-t", sanitize_file_name("a \n\n\nt"));
}
/**
* @ticket 16226
*/
function test_replaces_percent_sign() {
$this->assertEquals( 'a22b.jpg', sanitize_file_name( 'a%22b.jpg' ) );
}
}