Add support for files with UTF-8 start letter

TeLiXj · TeLiXj · commit bf2513ab40b4 · 2016-04-11T22:50:19.000+02:00
diff --git a/server/php/UploadHandler.php b/server/php/UploadHandler.php
@@ -43,7 +43,7 @@ class UploadHandler
     function __construct($options = null, $initialize = true, $error_messages = null) {
         $this->response = array();
         $this->options = array(
-            'script_url' => $this->get_full_url().'/'.basename($this->get_server_var('SCRIPT_NAME')),
+            'script_url' => $this->get_full_url().'/'.$this->basename($this->get_server_var('SCRIPT_NAME')),
             'upload_dir' => dirname($this->get_server_var('SCRIPT_FILENAME')).'/files/',
             'upload_url' => $this->get_full_url().'/files/',
             'input_stream' => 'php://input',
@@ -517,7 +517,7 @@ protected function trim_file_name($file_path, $name, $size, $type, $error,
         // Remove path information and dots around the filename, to prevent uploading
         // into different directories or replacing hidden system files.
         // Also remove control characters and spaces (\x00..\x20) around the filename:
-        $name = trim(basename(stripslashes($name)), ".\x00..\x20");
+        $name = trim($this->basename(stripslashes($name)), ".\x00..\x20");
         // Use a timestamp for empty filenames:
         if (!$name) {
             $name = str_replace('.', '-', microtime(true));
@@ -1150,7 +1150,7 @@ protected function handle_form_data($file, $index) {
     }
 
     protected function get_version_param() {
-        return basename(stripslashes($this->get_query_param('version')));
+        return $this->basename(stripslashes($this->get_query_param('version')));
     }
 
     protected function get_singular_param_name() {
@@ -1159,7 +1159,7 @@ protected function get_singular_param_name() {
 
     protected function get_file_name_param() {
         $name = $this->get_singular_param_name();
-        return basename(stripslashes($this->get_query_param($name)));
+        return $this->basename(stripslashes($this->get_query_param($name)));
     }
 
     protected function get_file_names_params() {
@@ -1168,7 +1168,7 @@ protected function get_file_names_params() {
             return null;
         }
         foreach ($params as $key => $value) {
-            $params[$key] = basename(stripslashes($value));
+            $params[$key] = $this->basename(stripslashes($value));
         }
         return $params;
     }
@@ -1385,4 +1385,8 @@ public function delete($print_response = true) {
         return $this->generate_response($response, $print_response);
     }
 
+    private function basename($filepath, $suffix = null) {
+        $splited = preg_split('/\//', rtrim ($filepath, '/ '));
+        return substr(basename('X'.$splited[count($splited)-1], $suffix), 1);
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -43,7 +43,7 @@ class UploadHandler`
`43`	`43`	`function __construct($options = null, $initialize = true, $error_messages = null) {`
`44`	`44`	`$this->response = array();`
`45`	`45`	`$this->options = array(`
`46`		`- 'script_url' => $this->get_full_url().'/'.basename($this->get_server_var('SCRIPT_NAME')),`
	`46`	`+ 'script_url' => $this->get_full_url().'/'.$this->basename($this->get_server_var('SCRIPT_NAME')),`
`47`	`47`	`'upload_dir' => dirname($this->get_server_var('SCRIPT_FILENAME')).'/files/',`
`48`	`48`	`'upload_url' => $this->get_full_url().'/files/',`
`49`	`49`	`'input_stream' => 'php://input',`
`@@ -517,7 +517,7 @@ protected function trim_file_name($file_path, $name, $size, $type, $error,`
`517`	`517`	`// Remove path information and dots around the filename, to prevent uploading`
`518`	`518`	`// into different directories or replacing hidden system files.`
`519`	`519`	`// Also remove control characters and spaces (\x00..\x20) around the filename:`
`520`		`- $name = trim(basename(stripslashes($name)), ".\x00..\x20");`
	`520`	`+ $name = trim($this->basename(stripslashes($name)), ".\x00..\x20");`
`521`	`521`	`// Use a timestamp for empty filenames:`
`522`	`522`	`if (!$name) {`
`523`	`523`	`$name = str_replace('.', '-', microtime(true));`
`@@ -1150,7 +1150,7 @@ protected function handle_form_data($file, $index) {`
`1150`	`1150`	`}`
`1151`	`1151`
`1152`	`1152`	`protected function get_version_param() {`
`1153`		`- return basename(stripslashes($this->get_query_param('version')));`
	`1153`	`+ return $this->basename(stripslashes($this->get_query_param('version')));`
`1154`	`1154`	`}`
`1155`	`1155`
`1156`	`1156`	`protected function get_singular_param_name() {`
`@@ -1159,7 +1159,7 @@ protected function get_singular_param_name() {`
`1159`	`1159`
`1160`	`1160`	`protected function get_file_name_param() {`
`1161`	`1161`	`$name = $this->get_singular_param_name();`
`1162`		`- return basename(stripslashes($this->get_query_param($name)));`
	`1162`	`+ return $this->basename(stripslashes($this->get_query_param($name)));`
`1163`	`1163`	`}`
`1164`	`1164`
`1165`	`1165`	`protected function get_file_names_params() {`
`@@ -1168,7 +1168,7 @@ protected function get_file_names_params() {`
`1168`	`1168`	`return null;`
`1169`	`1169`	`}`
`1170`	`1170`	`foreach ($params as $key => $value) {`
`1171`		`- $params[$key] = basename(stripslashes($value));`
	`1171`	`+ $params[$key] = $this->basename(stripslashes($value));`
`1172`	`1172`	`}`
`1173`	`1173`	`return $params;`
`1174`	`1174`	`}`
`@@ -1385,4 +1385,8 @@ public function delete($print_response = true) {`
`1385`	`1385`	`return $this->generate_response($response, $print_response);`
`1386`	`1386`	`}`
`1387`	`1387`
	`1388`	`+ private function basename($filepath, $suffix = null) {`
	`1389`	`+ $splited = preg_split('/\//', rtrim ($filepath, '/ '));`
	`1390`	`+ return substr(basename('X'.$splited[count($splited)-1], $suffix), 1);`
	`1391`	`+ }`
`1388`	`1392`	`}`