summaryrefslogtreecommitdiffstats
path: root/system/core
diff options
context:
space:
mode:
authorHunter Wu <hunter.wu@gmail.com>2013-08-03 16:36:05 +0200
committerHunter Wu <hunter.wu@gmail.com>2013-08-03 16:36:05 +0200
commit8df3352dff5f734c1b3831fdc131f676a9850d51 (patch)
tree5c042e2c9b78dee17dbaa967c891e4ff5923ee8c /system/core
parent23719ab569c9c8d6b791f65d7861daba3895ddcb (diff)
Revert "Add windows filename rule as an option for upload files"
Diffstat (limited to 'system/core')
-rw-r--r--system/core/Security.php51
1 files changed, 19 insertions, 32 deletions
diff --git a/system/core/Security.php b/system/core/Security.php
index cd1cb1ab4..196d61144 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -115,36 +115,6 @@ class CI_Security {
);
/**
- * List of bad chars for sanitize filename
- *
- * @var array
- */
- private $_filename_bad_str_rules = array(
- 'default' => array(
- '../', '<!--', '-->', '<', '>',
- "'", '"', '&', '$', '#',
- '{', '}', '[', ']', '=',
- ';', '?', '%20', '%22',
- '%3c', // <
- '%253c', // <
- '%3e', // >
- '%0e', // >
- '%28', // (
- '%29', // )
- '%2528', // (
- '%26', // &
- '%24', // $
- '%3f', // ?
- '%3b', // ;
- '%3d' // =
- ),
- 'windows' => array(
- '\\', '/', ':', '*', '?',
- '"', '<', '>', '|',
- ),
- );
-
- /**
* Class constructor
*
* @return void
@@ -577,9 +547,26 @@ class CI_Security {
* @param bool $relative_path Whether to preserve paths
* @return string
*/
- public function sanitize_filename($str, $relative_path = FALSE, $rule = 'default')
+ public function sanitize_filename($str, $relative_path = FALSE)
{
- $bad = $this->_filename_bad_str_rules[$rule];
+ $bad = array(
+ '../', '<!--', '-->', '<', '>',
+ "'", '"', '&', '$', '#',
+ '{', '}', '[', ']', '=',
+ ';', '?', '%20', '%22',
+ '%3c', // <
+ '%253c', // <
+ '%3e', // >
+ '%0e', // >
+ '%28', // (
+ '%29', // )
+ '%2528', // (
+ '%26', // &
+ '%24', // $
+ '%3f', // ?
+ '%3b', // ;
+ '%3d' // =
+ );
if ( ! $relative_path)
{