/** Function to sanitize the upload file name when the file name is detected to have bad extensions * @param String -- $fileName - File name to be sanitized * @return String - Sanitized file name */ function sanitizeUploadFileName($fileName, $badFileExtensions) { $fileName = Vtiger_Functions::slug($fileName); $fileName = rtrim($fileName, '\\/<>?*:"<>|'); $fileNameParts = explode(".", $fileName); $countOfFileNameParts = count($fileNameParts); $badExtensionFound = false; for ($i = 0; $i < $countOfFileNameParts; ++$i) { $partOfFileName = $fileNameParts[$i]; if (in_array(strtolower($partOfFileName), $badFileExtensions)) { $badExtensionFound = true; $fileNameParts[$i] = $partOfFileName . 'file'; } } $newFileName = implode(".", $fileNameParts); if ($badExtensionFound) { $newFileName .= ".txt"; } return $newFileName; }