comparison MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/py/fckutil.py @ 5144:12d27670e274

merged moin/1.8
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Mon, 14 Sep 2009 02:47:11 +0200
parents wiki/htdocs/applets/FCKeditor/editor/filemanager/connectors/py/fckutil.py@287faf79876f wiki/htdocs/applets/FCKeditor/editor/filemanager/connectors/py/fckutil.py@a6461afbc0ce
children 9c27b8589342
comparison
equal deleted inserted replaced
5113:b7c8c6eb7690 5144:12d27670e274
60 return filename 60 return filename
61 61
62 def sanitizeFolderName( newFolderName ): 62 def sanitizeFolderName( newFolderName ):
63 "Do a cleanup of the folder name to avoid possible problems" 63 "Do a cleanup of the folder name to avoid possible problems"
64 # Remove . \ / | : ? * " < > and control characters 64 # Remove . \ / | : ? * " < > and control characters
65 return re.sub( '(?u)\\.|\\\\|\\/|\\||\\:|\\?|\\*|"|<|>|[^\u0000-\u001f\u007f-\u009f]', '_', newFolderName ) 65 return re.sub( '\\.|\\\\|\\/|\\||\\:|\\?|\\*|"|<|>|[\x00-\x1f\x7f-\x9f]', '_', newFolderName )
66 66
67 def sanitizeFileName( newFileName ): 67 def sanitizeFileName( newFileName ):
68 "Do a cleanup of the file name to avoid possible problems" 68 "Do a cleanup of the file name to avoid possible problems"
69 # Replace dots in the name with underscores (only one dot can be there... security issue). 69 # Replace dots in the name with underscores (only one dot can be there... security issue).
70 if ( Config.ForceSingleExtension ): # remove dots 70 if ( Config.ForceSingleExtension ): # remove dots
71 newFileName = re.sub ( '/\\.(?![^.]*$)/', '_', newFileName ) ; 71 newFileName = re.sub ( '\\.(?![^.]*$)', '_', newFileName ) ;
72 newFileName = newFileName.replace('\\','/') # convert windows to unix path 72 newFileName = newFileName.replace('\\','/') # convert windows to unix path
73 newFileName = os.path.basename (newFileName) # strip directories 73 newFileName = os.path.basename (newFileName) # strip directories
74 # Remove \ / | : ? * 74 # Remove \ / | : ? *
75 return re.sub ( '(?u)/\\\\|\\/|\\||\\:|\\?|\\*|"|<|>|[^\u0000-\u001f\u007f-\u009f]/', '_', newFileName ) 75 return re.sub ( '\\\\|\\/|\\||\\:|\\?|\\*|"|<|>|[\x00-\x1f\x7f-\x9f]/', '_', newFileName )
76 76
77 def getCurrentFolder(currentFolder): 77 def getCurrentFolder(currentFolder):
78 if not currentFolder: 78 if not currentFolder:
79 currentFolder = '/' 79 currentFolder = '/'
80 80
88 while '//' in currentFolder: 88 while '//' in currentFolder:
89 currentFolder = currentFolder.replace('//','/') 89 currentFolder = currentFolder.replace('//','/')
90 90
91 # Check for invalid folder paths (..) 91 # Check for invalid folder paths (..)
92 if '..' in currentFolder or '\\' in currentFolder: 92 if '..' in currentFolder or '\\' in currentFolder:
93 return None
94
95 # Check for invalid folder paths (..)
96 if re.search( '(/\\.)|(//)|([\\\\:\\*\\?\\""\\<\\>\\|]|[\x00-\x1F]|[\x7f-\x9f])', currentFolder ):
93 return None 97 return None
94 98
95 return currentFolder 99 return currentFolder
96 100
97 def mapServerPath( environ, url): 101 def mapServerPath( environ, url):