-rw-r--r--system/core/Security.php51
-rw-r--r--system/libraries/Upload.php12
2 files changed, 42 insertions, 21 deletions
diff --git a/system/core/Security.php b/system/core/Security.php
index 196d61144..cd1cb1ab4 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -115,6 +115,36 @@ class CI_Security {
);
/**
+ * List of bad chars for sanitize filename
+ *
+ * @var array
+ */
+ private $_filename_bad_str_rules = array(
+ 'default' => array(
+ '../', '<!--', '-->', '<', '>',
+ "'", '"', '&', '$', '#',
+ '{', '}', '[', ']', '=',
+ ';', '?', '%20', '%22',
+ '%3c', // <
+ '%253c', // <
+ '%3e', // >
+ '%0e', // >
+ '%28', // (
+ '%29', // )
+ '%2528', // (
+ '%26', // &
+ '%24', // $
+ '%3f', // ?
+ '%3b', // ;
+ '%3d' // =
+ ),
+ 'windows' => array(
+ '\\', '/', ':', '*', '?',
+ '"', '<', '>', '|',
+ ),
+ );
+
+ /**
* Class constructor
*
* @return void
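Review bot: The docblock on `_filename_bad_str_rules` does not say what the two keys mean, and the `windows` list is not a superset of `default` — it keeps only the characters Windows rejects in a filename and drops `'`, `&`, `$`, `;`, `#`, `=`, the comment markers and every `%xx` entry, so a caller that selects `windows` silently loses those removals. That trade-off should be stated where the rules are declared, e.g. `* Keyed by rule name ('default' removes markup/shell/URL-encoded chars; 'windows' removes only NTFS-invalid chars and is NOT a superset of 'default')`, and `@var array` could be tightened to `@var array<string, string[]>`. The `'%0e', // >` comment carried over from the old inline list is also inaccurate (`%3e` is `>`), which is worth fixing while the list is being moved.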
@@ -547,26 +577,9 @@ class CI_Security {
* @param bool $relative_path Whether to preserve paths
* @return string
*/
- public function sanitize_filename($str, $relative_path = FALSE)
+ public function sanitize_filename($str, $relative_path = FALSE, $rule = 'default')
{
- $bad = array(
- '../', '<!--', '-->', '<', '>',
- "'", '"', '&', '$', '#',
- '{', '}', '[', ']', '=',
- ';', '?', '%20', '%22',
- '%3c', // <
- '%253c', // <
- '%3e', // >
- '%0e', // >
- '%28', // (
- '%29', // )
- '%2528', // (
- '%26', // &
- '%24', // $
- '%3f', // ?
- '%3b', // ;
- '%3d' // =
- );
+ $bad = $this->_filename_bad_str_rules[$rule];
if ( ! $relative_path)
{
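Review bot: The new `$rule` parameter is looked up without validation at `$bad = $this->_filename_bad_str_rules[$rule];`, so an unknown rule name raises an undefined-index notice and leaves `$bad` as `NULL`, which would make the replacement loop below (outside this hunk) do nothing and return the filename unsanitized; `sanitize_filename` continues past the hunk. Fail closed instead: `$bad = isset($this->_filename_bad_str_rules[$rule]) ? $this->_filename_bad_str_rules[$rule] : $this->_filename_bad_str_rules['default'];` (or throw on an unknown rule). The same applies to the Upload.php call site in the last hunk, which passes `$this->filename_rule` straight through — that value appears to come from the library config via `initialize()`, so it should not be trusted to be one of the declared keys. The docblock above the signature also needs `@param string $rule Key into the filename rule table ('default' or 'windows')`.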
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php
index 85428044d..62eca6fdb 100644
--- a/system/libraries/Upload.php
+++ b/system/libraries/Upload.php
@@ -143,6 +143,13 @@ class CI_Upload {
public $file_ext_tolower = FALSE;
/**
+ * Filename Rule
+ *
+ * @var string
+ */
+ public $filename_rule = 'default';
+
+ /**
* Upload path
*
* @var string
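Review bot: The docblock for the new `$filename_rule` property says only "Filename Rule" and gives no hint which values are accepted or what they change, even though it is forwarded to `CI_Security::sanitize_filename()`. Suggest `* Name of the CI_Security filename sanitizing rule to apply ('default' or 'windows'); see CI_Security::sanitize_filename()`.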
@@ -315,7 +322,8 @@ class CI_Upload {
'detect_mime' => TRUE,
'xss_clean' => FALSE,
'temp_prefix' => 'temp_file_',
- 'client_name' => ''
+ 'client_name' => '',
+ 'filename_rule' => 'default',
);
foreach ($defaults as $key => $val)
@@ -472,7 +480,7 @@ class CI_Upload {
// Sanitize the file name for security
$CI =& get_instance();
- $this->file_name = $CI->security->sanitize_filename($this->file_name);
+ $this->file_name = $CI->security->sanitize_filename($this->file_name, FALSE, $this->filename_rule);
// Truncate the file name if it's too long
if ($this->max_filename > 0)