CodeIgniter Forums

Full Version: upload filename with multiple dots 2.0.3 problem
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

El Forum

[eluser]rogierb[/eluser]
Hello all,

I'm rewriting a 10 year old system and are now faced with fun filenames like this.is.a.old.filename.jpg
which is causing problem in the upload library.

After each part an underscore is added even if you add the 'overwrite' config.

This is due to the nature of _prep_filename() in the Uploads library. Since nowadays common practice is to use either underscores or dashes, the possibility of dots is forgotten.

I would like to use dashes or underscores but I'm not going to rename thousands of files, so i had to change a core method wich I hate.

My quick and very dirty solution is
Code:
foreach ($parts as $part)
  {
   if ( (! in_array(strtolower($part), $this->allowed_types) OR $this->mimes_types(strtolower($part)) === FALSE ) AND $part === $parts[count($parts) - 1])
   {
    if($this->overwrite == FALSE) $filename .= '.'.$part.'_';
                else $filename .= '.'.$part;
   }
   else
   {
    $filename .= '.'.$part;
   }
  }

Am I missing something? Can this be solved without hacking the core?

El Forum

[eluser]Colm Ward[/eluser]
Old thread I know, but you can get around this simply by setting
Code:
'allowed_types' => '*'

I didnt want to allow any kind of file to be uploaded. So I solved this by extending the core, which is slightly less hacky than changing the core directly:

Code:
<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class MY_Upload extends CI_Upload {

/**
  * Overriding the default 'Prep Filename' to prevent underscores appearing before dots in filenames if remove_spaces is set to false
  *
  * Prevents possible script execution from Apache's handling of files multiple extensions
  * http://httpd.apache.org/docs/1.3/mod/mod_mime.html#multipleext
  *
  * @param string
  * @return string
  */
protected function _prep_filename($filename)
{
  if (strpos($filename, '.') === FALSE OR $this->allowed_types == '*')
  {
   return $filename;
  }

  $parts  = explode('.', $filename);
  $ext  = array_pop($parts);
  $filename = array_shift($parts);

  foreach ($parts as $part)
  {
   if ( ! in_array(strtolower($part), $this->allowed_types) OR $this->mimes_types(strtolower($part)) === FALSE)
   {
    if($this->remove_spaces) // don't prefix the dots with underscores if remove_spaces is set to false
    {
     $filename .= '.'.$part.'_';
    }
    else
    {
     $filename .= '.'.$part;
    }    
   }
   else
   {
    $filename .= '.'.$part;
   }
  }

  $filename .= '.'.$ext;

  return $filename;
}
  
}

/* End of file MY_Upload.php */
/* Location: ./system/application/libraries/MY_Upload.php */