You are here

private function SmartlingTranslator::cleanFileName in TMGMT Translator Smartling 8

Same name and namespace in other branches
  1. 8.4 src/Plugin/tmgmt/Translator/SmartlingTranslator.php \Drupal\tmgmt_smartling\Plugin\tmgmt\Translator\SmartlingTranslator::cleanFileName()
  2. 8.2 src/Plugin/tmgmt/Translator/SmartlingTranslator.php \Drupal\tmgmt_smartling\Plugin\tmgmt\Translator\SmartlingTranslator::cleanFileName()
  3. 8.3 src/Plugin/tmgmt/Translator/SmartlingTranslator.php \Drupal\tmgmt_smartling\Plugin\tmgmt\Translator\SmartlingTranslator::cleanFileName()

Return clean filename, sanitized for path traversal vulnerability.

Url (https://code.google.com/p/teenage-mutant-ninja-turtles /wiki/AdvancedObfuscationPathtraversal).

Parameters

string $filename: File name.

bool $allow_dirs: TRUE if allow dirs. FALSE by default.

Return value

string Return clean filename.

File

src/Plugin/tmgmt/Translator/SmartlingTranslator.php, line 368
Contains \Drupal\tmgmt_smartling\Plugin\tmgmt\Translator\SmartlingTranslator.

Class

SmartlingTranslator
Smartling translator plugin.

Namespace

Drupal\tmgmt_smartling\Plugin\tmgmt\Translator

Code

private function cleanFileName($filename, $allow_dirs = FALSE) {

  // Prior to PHP 5.5, empty() only supports variables.
  // (http://www.php.net/manual/en/function.empty.php).
  $trim_filename = trim($filename);
  if (empty($trim_filename)) {
    return '';
  }
  $pattern = '/[^a-zA-Z0-9_\\-\\:]/i';
  $info = pathinfo(trim($filename));
  $filename = preg_replace($pattern, '_', $info['filename']);
  if (isset($info['extension']) && !empty($info['extension'])) {
    $filename .= '.' . preg_replace($pattern, '_', $info['extension']);
  }
  if ($allow_dirs && isset($info['dirname']) && !empty($info['dirname'])) {
    $filename = preg_replace('/[^a-zA-Z0-9_\\/\\-\\:]/i', '_', $info['dirname']) . '/' . $filename;
  }
  return (string) $filename;
}