tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 12:05:37 +00:00
Code Issues Projects Releases Wiki Activity

BUG Fixed critical issue with Folder::find_or_make failing to handle invalid filename characters

Browse Source 
BUG Fix UploadField duplicate checking with invalid folderName
This commit is contained in:
Damian Mooyman 2014-02-20 14:03:40 +13:00
parent 429fdfaa72
commit ebeb663ddf
3 changed files with 36 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
filesystem/Folder.php
View File

@ -57,20 +57,23 @@ class Folder extends File {
$parentID = 0;
$item = null;
$filter = FileNameFilter::create();
foreach($parts as $part) {
if(!$part) continue; // happens for paths with a trailing slash
$item = DataObject::get_one(
"Folder",
sprintf(
"\"Name\" = '%s' AND \"ParentID\" = %d",
Convert::raw2sql($part),
(int)$parentID
)
);
// Ensure search includes folders with illegal characters removed, but
// err in favour of matching existing folders if $folderPath
// includes illegal characters itself.
$partSafe = $filter->filter($part);
$item = Folder::get()->filter(array(
'ParentID' => $parentID,
'Name' => array($partSafe, $part)
))->first();
if(!$item) {
$item = new Folder();
$item->ParentID = $parentID;
$item->Name = $part;
$item->Name = $partSafe;
$item->Title = $part;
$item->write();
}
@ -460,7 +463,7 @@ class Folder extends File {
* Get the children of this folder that are also folders.
*/
public function ChildFolders() {
return DataObject::get("Folder", "\"ParentID\" = " . (int)$this->ID);
return Folder::get()->filter('ParentID', $this->ID);
}
/**

8
forms/UploadField.php
View File

@ -1273,11 +1273,15 @@ class UploadField extends FileField {
$nameFilter = FileNameFilter::create();
$filteredFile = basename($nameFilter->filter($originalFile));
// Resolve expected folder name
$folderName = $this->getFolderName();
$folder = Folder::find_or_make($folderName);
$parentPath = BASE_PATH."/".$folder->getFilename();
// check if either file exists
$folder = $this->getFolderName();
$exists = false;
foreach(array($originalFile, $filteredFile) as $file) {
if(file_exists(ASSETS_PATH."/$folder/$file")) {
if(file_exists($parentPath.$file)) {
$exists = true;
break;
}

17
tests/filesystem/FolderTest.php
View File

@ -338,4 +338,21 @@ class FolderTest extends SapphireTest {
))->count());
}
public function testIllegalFilenames() {
// Test that generating a filename with invalid characters generates a correctly named folder.
$folder = Folder::find_or_make('/FolderTest/EN_US Lang');
$this->assertEquals(ASSETS_DIR.'/FolderTest/EN-US-Lang/', $folder->getRelativePath());
// Test repeatitions of folder
$folder2 = Folder::find_or_make('/FolderTest/EN_US Lang');
$this->assertEquals($folder->ID, $folder2->ID);
$folder3 = Folder::find_or_make('/FolderTest/EN--US_L!ang');
$this->assertEquals($folder->ID, $folder3->ID);
$folder4 = Folder::find_or_make('/FolderTest/EN-US-Lang');
$this->assertEquals($folder->ID, $folder4->ID);
}
}