upload_munge_filename
modules/upload/upload.module, строка 632
- Версии
- 5
upload_munge_filename($filename, $extensions = NULL, $alerts = 1)
Munge the filename as needed for security purposes.
Параметры
$filename
The name of a file to modify.
$extensions
A space separated list of valid extensions. If this is blank, we'll use
the admin-defined defaults for the user role from upload_extensions_$rid
.
$alerts
Whether alerts (watchdog, drupal_set_message()) should be displayed.
Возвращаемое значение
$filename
The potentially modified $filename
.
Код
<?php
function upload_munge_filename($filename, $extensions = NULL, $alerts = 1) {
global $user;
$original = $filename;
// Allow potentially insecure uploads for very savvy users and admin
if (!variable_get('allow_insecure_uploads', 0)) {
if (!isset($extensions)) {
$extensions = '';
foreach ($user->roles as $rid => $name) {
$extensions .= ' '. variable_get("upload_extensions_$rid", variable_get('upload_extensions_default', 'jpg jpeg gif png txt doc xls pdf ppt pps odt ods odp'));
}
}
$whitelist = array_unique(explode(' ', trim($extensions)));
$filename_parts = explode('.', $filename);
$new_filename = array_shift($filename_parts); // Remove file basename.
$final_extension = array_pop($filename_parts); // Remove final extension.
foreach ($filename_parts as $filename_part) {
$new_filename .= ".$filename_part";
if (!in_array($filename_part, $whitelist) && preg_match("/^[a-zA-Z]{2,5}\d?$/", $filename_part)) {
$new_filename .= '_';
}
}
$filename = "$new_filename.$final_extension";
}
if ($alerts && $original != $filename) {
$message = t('Your filename has been renamed to conform to site policy.');
drupal_set_message($message);
}
return $filename;
}
?>
Войдите или зарегистрируйтесь, чтобы получить возможность отправлять комментарии