Commit 228f50ce329f141190b6842d0784c70ff3f66459
1 parent
a442cd5c
KTS-2742
"Create/identify a function to test for acceptable characters that should be supported in file names and folder names." Fixed. Committed By: Conrad Vermeulen Reviewed By: Megan Watson git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@8084 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
5 changed files
with
61 additions
and
7 deletions
ktapi/KTAPIDocument.inc.php
| ... | ... | @@ -159,6 +159,8 @@ class KTAPI_Document extends KTAPI_FolderItem |
| 159 | 159 | return new PEAR_Error(KTAPI_ERROR_DOCUMENT_NOT_CHECKED_OUT); |
| 160 | 160 | } |
| 161 | 161 | |
| 162 | + $filename = KTUtil::replaceInvalidCharacters($filename); | |
| 163 | + | |
| 162 | 164 | $options = array('major_update'=>$major_update); |
| 163 | 165 | |
| 164 | 166 | $currentfilename = $this->document->getFileName(); |
| ... | ... | @@ -664,6 +666,7 @@ class KTAPI_Document extends KTAPI_FolderItem |
| 664 | 666 | { |
| 665 | 667 | return $user; |
| 666 | 668 | } |
| 669 | + $newname = KTUtil::replaceInvalidCharacters($newname); | |
| 667 | 670 | |
| 668 | 671 | DBUtil::startTransaction(); |
| 669 | 672 | $res = KTDocumentUtil::rename($this->document, $newname, $user); |
| ... | ... | @@ -743,6 +746,7 @@ class KTAPI_Document extends KTAPI_FolderItem |
| 743 | 746 | { |
| 744 | 747 | return $user; |
| 745 | 748 | } |
| 749 | + $newname = KTUtil::replaceInvalidCharacters($newname); | |
| 746 | 750 | |
| 747 | 751 | if ($this->document->getName() != $newname) |
| 748 | 752 | { |
| ... | ... | @@ -1164,6 +1168,7 @@ class KTAPI_Document extends KTAPI_FolderItem |
| 1164 | 1168 | $documents['immutable'] = in_array(strtolower($value), array('1','true','on','yes'))?'1':'0'; |
| 1165 | 1169 | break; |
| 1166 | 1170 | case 'filename': |
| 1171 | + $value = KTUtil::replaceInvalidCharacters($value); | |
| 1167 | 1172 | $document_content['filename'] = $value; |
| 1168 | 1173 | break; |
| 1169 | 1174 | case 'major_version': | ... | ... |
ktapi/KTAPIFolder.inc.php
| ... | ... | @@ -180,6 +180,7 @@ class KTAPI_Folder extends KTAPI_FolderItem |
| 180 | 180 | { |
| 181 | 181 | continue; |
| 182 | 182 | } |
| 183 | + $foldername = KTUtil::replaceInvalidCharacters($foldername); | |
| 183 | 184 | $foldername = sanitizeForSQL($foldername); |
| 184 | 185 | $sql = "SELECT id FROM folders WHERE |
| 185 | 186 | (name='$foldername' and parent_id=$folderid) OR |
| ... | ... | @@ -234,6 +235,7 @@ class KTAPI_Folder extends KTAPI_FolderItem |
| 234 | 235 | |
| 235 | 236 | $foldername = dirname($documentname); |
| 236 | 237 | $documentname = basename($documentname); |
| 238 | + $documentname = KTUtil::replaceInvalidCharacters($documentname); | |
| 237 | 239 | |
| 238 | 240 | $ktapi_folder = $this; |
| 239 | 241 | |
| ... | ... | @@ -592,7 +594,9 @@ class KTAPI_Folder extends KTAPI_FolderItem |
| 592 | 594 | return $user; |
| 593 | 595 | } |
| 594 | 596 | |
| 597 | + $title = KTUtil::replaceInvalidCharacters($title); | |
| 595 | 598 | $filename = basename($filename); |
| 599 | + $filename = KTUtil::replaceInvalidCharacters($filename); | |
| 596 | 600 | $documenttypeid = KTAPI::get_documenttypeid($documenttype); |
| 597 | 601 | if (PEAR::isError($documenttypeid)) |
| 598 | 602 | { |
| ... | ... | @@ -649,6 +653,7 @@ class KTAPI_Folder extends KTAPI_FolderItem |
| 649 | 653 | { |
| 650 | 654 | return $user; |
| 651 | 655 | } |
| 656 | + $foldername = KTUtil::replaceInvalidCharacters($foldername); | |
| 652 | 657 | |
| 653 | 658 | DBUtil::startTransaction(); |
| 654 | 659 | $result = KTFolderUtil::add($this->folder, $foldername, $user); |
| ... | ... | @@ -705,6 +710,7 @@ class KTAPI_Folder extends KTAPI_FolderItem |
| 705 | 710 | { |
| 706 | 711 | return $user; |
| 707 | 712 | } |
| 713 | + $newname = KTUtil::replaceInvalidCharacters($newname); | |
| 708 | 714 | |
| 709 | 715 | DBUtil::startTransaction(); |
| 710 | 716 | $result = KTFolderUtil::rename($this->folder, $newname, $user); | ... | ... |
ktwebservice/nunit/document_rename.cs
| ... | ... | @@ -35,6 +35,14 @@ namespace MonoTests.KnowledgeTree |
| 35 | 35 | response = this._kt.rename_document_title(this._session, this._doc1.docId, "test title"); |
| 36 | 36 | Assert.AreEqual(0, response.status_code); |
| 37 | 37 | Assert.AreEqual("test title", response.title); |
| 38 | - } | |
| 38 | + } | |
| 39 | + | |
| 40 | + [Test] | |
| 41 | + public void RenameWithInvalidCharactersTest() | |
| 42 | + { | |
| 43 | + kt_document_detail response = this._kt.rename_document_filename(this._session, this._doc1.docId, "te<s'`me"); | |
| 44 | + Assert.AreEqual(0, response.status_code); | |
| 45 | + Assert.AreEqual("te-s--me", response.filename); | |
| 46 | + } | |
| 39 | 47 | } |
| 40 | 48 | } | ... | ... |
ktwebservice/nunit/folder.cs
| ... | ... | @@ -99,9 +99,9 @@ namespace MonoTests.KnowledgeTree |
| 99 | 99 | kt_folder_detail response2 = this._kt.get_folder_detail(this._session, this._subfolder_id); |
| 100 | 100 | Assert.AreEqual(0, response2.status_code); |
| 101 | 101 | Assert.AreEqual(this._subfolder_id, response2.id); |
| 102 | - Assert.AreEqual("subfolde'r2", response2.folder_name); | |
| 102 | + Assert.AreEqual("subfolde-r2", response2.folder_name); | |
| 103 | 103 | Assert.AreEqual(this._folder_id, response2.parent_id); |
| 104 | - Assert.AreEqual("kt_unit_test/subfolde'r2", response2.full_path); | |
| 104 | + Assert.AreEqual("kt_unit_test/subfolde-r2", response2.full_path); | |
| 105 | 105 | } |
| 106 | 106 | |
| 107 | 107 | [Test] |
| ... | ... | @@ -120,15 +120,16 @@ namespace MonoTests.KnowledgeTree |
| 120 | 120 | |
| 121 | 121 | response = this._kt.create_folder(this._session, 1, "kt ' unit \" test"); |
| 122 | 122 | Assert.AreEqual(0,response.status_code); |
| 123 | - Assert.AreEqual("kt ' unit \" test",response.folder_name); | |
| 123 | + Assert.AreEqual("kt - unit - test",response.folder_name); | |
| 124 | 124 | |
| 125 | + // this fails because the previous folder makes a folder with the same name because of invalid character substitution | |
| 125 | 126 | response = this._kt.create_folder(this._session, 1, "kt - unit - test"); |
| 126 | - Assert.AreEqual(0,response.status_code); | |
| 127 | - Assert.AreEqual("kt - unit - test",response.folder_name); | |
| 127 | + Assert.AreEqual(22,response.status_code); | |
| 128 | +// Assert.AreEqual("kt - unit - test",response.folder_name); | |
| 128 | 129 | |
| 129 | 130 | response = this._kt.get_folder_detail_by_name(this._session, "/kt ' unit \" test"); |
| 130 | 131 | Assert.AreEqual(0,response.status_code); |
| 131 | - Assert.AreEqual("kt ' unit \" test",response.folder_name); | |
| 132 | + Assert.AreEqual("kt - unit - test",response.folder_name); | |
| 132 | 133 | } |
| 133 | 134 | |
| 134 | 135 | [Test] | ... | ... |
lib/util/ktutil.inc
| ... | ... | @@ -117,6 +117,40 @@ class KTUtil { |
| 117 | 117 | } |
| 118 | 118 | } |
| 119 | 119 | |
| 120 | + | |
| 121 | + | |
| 122 | + static $invalidFilenameCharacters = array('\\','/',':','*','?','"','<','>','|','%','+','\'','`'); | |
| 123 | + | |
| 124 | + /** | |
| 125 | + * Checks if a filename is valid | |
| 126 | + * | |
| 127 | + * @param string $filename | |
| 128 | + * @return boolean | |
| 129 | + */ | |
| 130 | + static function isValidFilename($filename) | |
| 131 | + { | |
| 132 | + foreach(KTUtil::$invalidFilenameCharacters as $char) | |
| 133 | + { | |
| 134 | + if (strpos($filename, $char) !== false) | |
| 135 | + { | |
| 136 | + return false; | |
| 137 | + } | |
| 138 | + } | |
| 139 | + | |
| 140 | + return true; | |
| 141 | + } | |
| 142 | + | |
| 143 | + static function replaceInvalidCharacters($filename) | |
| 144 | + { | |
| 145 | + foreach(KTUtil::$invalidFilenameCharacters as $char) | |
| 146 | + { | |
| 147 | + $filename = str_replace($char, '-', $filename); | |
| 148 | + } | |
| 149 | + | |
| 150 | + return $filename; | |
| 151 | + } | |
| 152 | + | |
| 153 | + | |
| 120 | 154 | function extractGPC () { |
| 121 | 155 | foreach (func_get_args() as $var) { |
| 122 | 156 | if (array_key_exists($var, $_REQUEST)) { | ... | ... |