$trim_extra = '-_,~@+#&'; ?> <h3>pagetitle(str, NULL, '<?php echo $re_extra; ?> ', '<?php echo $trim_extra; ?> ')</h3> <?php $test = array(array('src' => '.htaccess', 'expect' => 'htaccess'), array('src' => 'regular.jpg', 'expect' => 'regular.jpg'), array('src' => 'Umgebung Altstadt Østgat', 'expect' => 'Umgebung Altstadt Ostgat'), array('src' => ' Sed ut perspiciatis unde omnis iste natus error ', 'expect' => 'Sed ut perspiciatis unde omnis iste natus error'), array('src' => ' advantage from it? But who has any right ', 'expect' => 'advantage from it_ But who has any right'), array('src' => 'welche aus geistiger Schwäche, d.h.', 'expect' => 'welche aus geistiger Schwaeche, d.h'), array('src' => 'München - Ausrüstung - Spaß - Viele Grüße!', 'expect' => 'Muenchen - Ausruestung - Spass - Viele Gruesse!'), array('src' => 'C:\\Windows\\TEMP\\', 'expect' => 'C_Windows_TEMP'), array('src' => '/etc/passwd', 'expect' => 'etc_passwd'), array('src' => 'Let\'s see what " quotes do?', 'expect' => 'Let_s see what _ quotes do'), array('src' => '中国出售的软件必须使用编码 新 和 湖南北部 父母通常都会对子女说地方方言 现在香港的日常使用中出现了越来越多的简体汉字 华语, 走 贵州 看不懂 清浊声', 'expect' => ''), array('src' => 'également appelé lorem ipsum', 'expect' => 'egalement appele lorem ipsum'), array('src' => 'łaciński tekst pochodzący ze starożytności, zaczerpnięty', 'expect' => 'aci_ski tekst pochodz_cy ze staro_ytno_ci, zaczerpni_ty'), array('src' => 'Ipsum текст Lorem, которые, как правило, бессмысленный список полу-латинские слова', 'expect' => 'Ipsum _ Lorem'), array('src' => 'اول دو واژه از رشته ای از متن لاتین مورد استفاده در طراحی وب سایت و چاپ به جای انگلیسی به استرس و با تکیه تلفظ کردن اهمیت', 'expect' => ''), array('src' => '설명하는 그래픽 등의 요소의 시각적 프레 젠 테이션, 문서 또는 글꼴 , 활판 인쇄술 , 그리고 레이아웃 . 의 세미 라틴어', 'expect' => ''), array('src' => 'פילער טעקסט) צו באַווייַזן די גראַפיק עלעמענטן פון אַ דאָקומענט אָדער וויסואַל פּרעזענטירונג, אַזאַ ווי שריפֿט , טאַפּאַגראַפי', 'expect' => ')'), array('src' => 'χρησιμοποιούνται κείμενο κράτησης θέσης (κείμενο πλήρωσης), για να αποδειχθεί η γραφικά στοιχεία', 'expect' => '(_ _)'), array('src' => 'ルダテキスト (フィラーテキスト)示すために、グラフィックなどの要素を指定するの視覚的なプレゼンテーション、', 'expect' => ''), array('src' => 'SQL: \'\'; DROP TABLE; \'', 'expect' => 'SQL_ _ DROP TABLE'), array('src' => '<script>alert(\'boom!\');</script>', 'expect' => 'script_alert(_boom!_)_script'), array('src' => '%20%2F%41%39 & X?', 'expect' => '20_2F_41_39 _amp_ X'), array('src' => 'https://127893215784/xyz', 'expect' => 'https_127893215784_xyz')); foreach ($test as $tc) { $t = $tc['src']; $e = $tc['expect']; $r = FileManagerUtility::pagetitle($t, null, $re_extra, $trim_extra); echo "\n<pre>ORIG: [" . htmlentities($t, ENT_NOQUOTES, 'UTF-8') . "]\nRES: [" . htmlentities($r, ENT_NOQUOTES, 'UTF-8') . "]</pre>\n"; if (strcmp($e, $r) != 0) { echo "<p><strong>FAILED!</strong></p>\n"; } echo "\n<hr />\n"; } ?> <h3>getSiteRoot</h3> <p>$_SERVER['DOCUMENT_ROOT'] = '<?php echo $_SERVER['DOCUMENT_ROOT']; ?> '</p>
protected function getName($file, $dir) { $files = array(); foreach ((array) glob($dir . '/*') as $f) { $files[] = pathinfo($f, PATHINFO_FILENAME); } $pathinfo = pathinfo($file); $file = $dir . '/' . FileManagerUtility::pagetitle($pathinfo['filename'], $files) . (!empty($pathinfo['extension']) ? '.' . $pathinfo['extension'] : null); return !$file || !FileManagerUtility::startsWith($file, $this->basedir) || file_exists($file) ? null : $file; }
/** * Make a cleaned-up, unique filename * * Return the file (dir + name + ext), or a unique, yet non-existing, variant thereof, where the filename * is appended with a '_' and a number, e.g. '_1', when the file itself already exists in the given * directory. The directory part of the returned value equals $dir. * * Return NULL when $file is empty or when the specified directory does not reside within the * directory tree rooted by options['URLpath4FileManagedDirTree'] * * Note that the given filename will be converted to a legal filename, containing a filesystem-legal * subset of ASCII characters only, before being used and returned by this function. * * @param mixed $fileinfo either a string containing a filename+ext or an array as produced by pathinfo(). * @daram string $dir path pointing at where the given file may exist. * * @return a filepath consisting of $dir and the cleaned up and possibly sequenced filename and file extension * as provided by $fileinfo, or NULL on error. */ public function getUniqueName($fileinfo, $dir) { $dir = self::enforceTrailingSlash($dir); if (is_string($fileinfo)) { $fileinfo = pathinfo($fileinfo); } if (!is_array($fileinfo)) { return null; } $dotfile = strlen($fileinfo['filename']) == 0; /* * since 'pagetitle()' is used to produce a unique, non-existing filename, we can forego the dirscan * and simply check whether the constructed filename/path exists or not and bump the suffix number * by 1 until it does not, thus quickly producing a unique filename. * * This is faster than using a dirscan to collect a set of existing filenames and feeding them as * an option array to pagetitle(), particularly for large directories. */ $filename = FileManagerUtility::pagetitle($fileinfo['filename'], null, '-_., []()~!@+', '-_,~@+#&'); if (!$filename && !$dotfile) { return null; } // also clean up the extension: only allow alphanumerics in there! $ext = FileManagerUtility::pagetitle(isset($fileinfo['extension']) ? $fileinfo['extension'] : null); $ext = strlen($ext) > 0 ? '.' . $ext : null; // make sure the generated filename is SAFE: $fname = $filename . $ext; $file = $dir . $fname; if (file_exists($file)) { if ($dotfile) { $filename = $fname; $ext = ''; } /* * make a unique name. Do this by postfixing the filename with '_X' where X is a sequential number. * * Note that when the input name is already such a 'sequenced' name, the sequence number is * extracted from it and sequencing continues from there, hence input 'file_5' would, if it already * existed, thus be bumped up to become 'file_6' and so on, until a filename is found which * does not yet exist in the designated directory. */ $i = 1; if (preg_match('/^(.*)_([1-9][0-9]*)$/', $filename, $matches)) { $i = intval($matches[2]); if ('P' . $i !== 'P' . $matches[2] || $i > 100000) { // very large number: not a sequence number! $i = 1; } else { $filename = $matches[1]; } } do { $fname = $filename . ($i ? '_' . $i : '') . $ext; $file = $dir . $fname; $i++; } while (file_exists($file)); } // $fname is now guaranteed to NOT exist in the given directory return $fname; }