public static function sanitize_filename($str, $relative_path = FALSE)
{
$bad = array('../', '<!--', '-->', '<', '>', "'", '"', '&', '$', '#', '{', '}', '[', ']', '=', ';', '?', '%20', '%22', '%3c', '%253c', '%3e', '%0e', '%28', '%29', '%2528', '%26', '%24', '%3f', '%3b', '%3d');
if (!$relative_path) {
$bad[] = './';
$bad[] = '/';
}
$str = TrackerHelper::remove_invisible_characters($str, FALSE);
return stripslashes(str_replace($bad, '', $str));
}
