Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / 8df3352dff5f734c1b3831fdc131f676a9850d51^! / . / system
commit8df3352dff5f734c1b3831fdc131f676a9850d51[log] [tgz]
authorHunter Wu <hunter.wu@gmail.com>Sat Aug 03 22:36:05 2013 +0800
committerHunter Wu <hunter.wu@gmail.com>Sat Aug 03 22:36:05 2013 +0800
tree5c042e2c9b78dee17dbaa967c891e4ff5923ee8c
parent23719ab569c9c8d6b791f65d7861daba3895ddcb [diff]
Revert "Add windows filename rule as an option for upload files"

This reverts commit 23719ab569c9c8d6b791f65d7861daba3895ddcb.

diff --git a/system/core/Security.php b/system/core/Security.php
index cd1cb1a..196d611 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php

@@ -115,36 +115,6 @@
 	);
 
 	/**
-	 * List of bad chars for sanitize filename
-	 *
-	 * @var	array
-	 */
-	private $_filename_bad_str_rules = array(
-		'default' => array(
-			'../', '<!--', '-->', '<', '>',
-			"'", '"', '&', '$', '#',
-			'{', '}', '[', ']', '=',
-			';', '?', '%20', '%22',
-			'%3c',		// <
-			'%253c',	// <
-			'%3e',		// >
-			'%0e',		// >
-			'%28',		// (
-			'%29',		// )
-			'%2528',	// (
-			'%26',		// &
-			'%24',		// $
-			'%3f',		// ?
-			'%3b',		// ;
-			'%3d'		// =
-		),
-		'windows' => array(
-			'\\', '/', ':', '*', '?',
-			'"', '<', '>', '|',
-		),
-	);
-
-	/**
 	 * Class constructor
 	 *
 	 * @return	void
@@ -577,9 +547,26 @@
 	 * @param 	bool	$relative_path	Whether to preserve paths
 	 * @return	string
 	 */
-	public function sanitize_filename($str, $relative_path = FALSE, $rule = 'default')
+	public function sanitize_filename($str, $relative_path = FALSE)
 	{
-		$bad = $this->_filename_bad_str_rules[$rule];
+		$bad = array(
+			'../', '<!--', '-->', '<', '>',
+			"'", '"', '&', '$', '#',
+			'{', '}', '[', ']', '=',
+			';', '?', '%20', '%22',
+			'%3c',		// <
+			'%253c',	// <
+			'%3e',		// >
+			'%0e',		// >
+			'%28',		// (
+			'%29',		// )
+			'%2528',	// (
+			'%26',		// &
+			'%24',		// $
+			'%3f',		// ?
+			'%3b',		// ;
+			'%3d'		// =
+		);
 
 		if ( ! $relative_path)
 		{

diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php
index 62eca6f..8542804 100644
--- a/system/libraries/Upload.php
+++ b/system/libraries/Upload.php

@@ -143,13 +143,6 @@
 	public $file_ext_tolower		= FALSE;
 
 	/**
-	 * Filename Rule
-	 *
-	 * @var	string
-	 */
-	public $filename_rule		= 'default';
-
-	/**
 	 * Upload path
 	 *
 	 * @var	string
@@ -322,8 +315,7 @@
 					'detect_mime'			=> TRUE,
 					'xss_clean'			=> FALSE,
 					'temp_prefix'			=> 'temp_file_',
-					'client_name'			=> '',
-					'filename_rule'			=> 'default',
+					'client_name'			=> ''
 				);
 
 		foreach ($defaults as $key => $val)
@@ -480,7 +472,7 @@
 
 		// Sanitize the file name for security
 		$CI =& get_instance();
-		$this->file_name = $CI->security->sanitize_filename($this->file_name, FALSE, $this->filename_rule);
+		$this->file_name = $CI->security->sanitize_filename($this->file_name);
 
 		// Truncate the file name if it's too long
 		if ($this->max_filename > 0)