Created
July 2, 2019 03:12
-
-
Save remoharsono/ebc2754a8887221bb3a58c67453230cf to your computer and use it in GitHub Desktop.
[PHP] Sanitize file name - source https://developer.wordpress.org/reference/functions/sanitize_file_name/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function sanitize_file_name( $filename ) { | |
$filename_raw = $filename; | |
$special_chars = array( '?', '[', ']', '/', '\\', '=', '<', '>', ':', ';', ',', "'", '"', '&', '$', '#', '*', '(', ')', '|', '~', '`', '!', '{', '}', '%', '+', chr( 0 ) ); | |
/** | |
* Filters the list of characters to remove from a filename. | |
* | |
* @since 2.8.0 | |
* | |
* @param array $special_chars Characters to remove. | |
* @param string $filename_raw Filename as it was passed into sanitize_file_name(). | |
*/ | |
$special_chars = apply_filters( 'sanitize_file_name_chars', $special_chars, $filename_raw ); | |
$filename = preg_replace( "#\x{00a0}#siu", ' ', $filename ); | |
$filename = str_replace( $special_chars, '', $filename ); | |
$filename = str_replace( array( '%20', '+' ), '-', $filename ); | |
$filename = preg_replace( '/[\r\n\t -]+/', '-', $filename ); | |
$filename = trim( $filename, '.-_' ); | |
if ( false === strpos( $filename, '.' ) ) { | |
$mime_types = wp_get_mime_types(); | |
$filetype = wp_check_filetype( 'test.' . $filename, $mime_types ); | |
if ( $filetype['ext'] === $filename ) { | |
$filename = 'unnamed-file.' . $filetype['ext']; | |
} | |
} | |
// Split the filename into a base and extension[s] | |
$parts = explode( '.', $filename ); | |
// Return if only one extension | |
if ( count( $parts ) <= 2 ) { | |
/** | |
* Filters a sanitized filename string. | |
* | |
* @since 2.8.0 | |
* | |
* @param string $filename Sanitized filename. | |
* @param string $filename_raw The filename prior to sanitization. | |
*/ | |
return apply_filters( 'sanitize_file_name', $filename, $filename_raw ); | |
} | |
// Process multiple extensions | |
$filename = array_shift( $parts ); | |
$extension = array_pop( $parts ); | |
$mimes = get_allowed_mime_types(); | |
/* | |
* Loop over any intermediate extensions. Postfix them with a trailing underscore | |
* if they are a 2 - 5 character long alpha string not in the extension whitelist. | |
*/ | |
foreach ( (array) $parts as $part ) { | |
$filename .= '.' . $part; | |
if ( preg_match( '/^[a-zA-Z]{2,5}\d?$/', $part ) ) { | |
$allowed = false; | |
foreach ( $mimes as $ext_preg => $mime_match ) { | |
$ext_preg = '!^(' . $ext_preg . ')$!i'; | |
if ( preg_match( $ext_preg, $part ) ) { | |
$allowed = true; | |
break; | |
} | |
} | |
if ( ! $allowed ) { | |
$filename .= '_'; | |
} | |
} | |
} | |
$filename .= '.' . $extension; | |
/** This filter is documented in wp-includes/formatting.php */ | |
return apply_filters( 'sanitize_file_name', $filename, $filename_raw ); | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment