From 8df3352dff5f734c1b3831fdc131f676a9850d51 Mon Sep 17 00:00:00 2001
From: Hunter Wu <hunter.wu@gmail.com>
Date: Sat, 3 Aug 2013 22:36:05 +0800
Subject: Revert "Add windows filename rule as an option for upload files"

This reverts commit 23719ab569c9c8d6b791f65d7861daba3895ddcb.
---
 system/core/Security.php    | 51 +++++++++++++++++----------------------------
 system/libraries/Upload.php | 12 ++---------
 2 files changed, 21 insertions(+), 42 deletions(-)

(limited to 'system')

diff --git a/system/core/Security.php b/system/core/Security.php
index cd1cb1ab4..196d61144 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -114,36 +114,6 @@ class CI_Security {
 		"([\"'])?data\s*:[^\\1]*?base64[^\\1]*?,[^\\1]*?\\1?"
 	);
 
-	/**
-	 * List of bad chars for sanitize filename
-	 *
-	 * @var	array
-	 */
-	private $_filename_bad_str_rules = array(
-		'default' => array(
-			'../', '<!--', '-->', '<', '>',
-			"'", '"', '&', '$', '#',
-			'{', '}', '[', ']', '=',
-			';', '?', '%20', '%22',
-			'%3c',		// <
-			'%253c',	// <
-			'%3e',		// >
-			'%0e',		// >
-			'%28',		// (
-			'%29',		// )
-			'%2528',	// (
-			'%26',		// &
-			'%24',		// $
-			'%3f',		// ?
-			'%3b',		// ;
-			'%3d'		// =
-		),
-		'windows' => array(
-			'\\', '/', ':', '*', '?',
-			'"', '<', '>', '|',
-		),
-	);
-
 	/**
 	 * Class constructor
 	 *
@@ -577,9 +547,26 @@ class CI_Security {
 	 * @param 	bool	$relative_path	Whether to preserve paths
 	 * @return	string
 	 */
-	public function sanitize_filename($str, $relative_path = FALSE, $rule = 'default')
+	public function sanitize_filename($str, $relative_path = FALSE)
 	{
-		$bad = $this->_filename_bad_str_rules[$rule];
+		$bad = array(
+			'../', '<!--', '-->', '<', '>',
+			"'", '"', '&', '$', '#',
+			'{', '}', '[', ']', '=',
+			';', '?', '%20', '%22',
+			'%3c',		// <
+			'%253c',	// <
+			'%3e',		// >
+			'%0e',		// >
+			'%28',		// (
+			'%29',		// )
+			'%2528',	// (
+			'%26',		// &
+			'%24',		// $
+			'%3f',		// ?
+			'%3b',		// ;
+			'%3d'		// =
+		);
 
 		if ( ! $relative_path)
 		{
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php
index 62eca6fdb..85428044d 100644
--- a/system/libraries/Upload.php
+++ b/system/libraries/Upload.php
@@ -142,13 +142,6 @@ class CI_Upload {
 	 */
 	public $file_ext_tolower		= FALSE;
 
-	/**
-	 * Filename Rule
-	 *
-	 * @var	string
-	 */
-	public $filename_rule		= 'default';
-
 	/**
 	 * Upload path
 	 *
@@ -322,8 +315,7 @@ class CI_Upload {
 					'detect_mime'			=> TRUE,
 					'xss_clean'			=> FALSE,
 					'temp_prefix'			=> 'temp_file_',
-					'client_name'			=> '',
-					'filename_rule'			=> 'default',
+					'client_name'			=> ''
 				);
 
 		foreach ($defaults as $key => $val)
@@ -480,7 +472,7 @@ class CI_Upload {
 
 		// Sanitize the file name for security
 		$CI =& get_instance();
-		$this->file_name = $CI->security->sanitize_filename($this->file_name, FALSE, $this->filename_rule);
+		$this->file_name = $CI->security->sanitize_filename($this->file_name);
 
 		// Truncate the file name if it's too long
 		if ($this->max_filename > 0)
-- 
cgit v1.2.3-24-g4f1b