1

I'm using do_upload() function in CI3, to rename & upload a file. The file name contains '&' character. When i upload a file and save it, the '&' character from file name is getting remove. Below is the code -

// Upload File Name : ***Heavy & Light Vehicles.csv***

// File post parameter : *im_file*


    $config['file_name'] = $saved_file_name = uniqid() . '_' . $_FILES['im_file']['name'];
    $config['allowed_types'] = 'csv';
    $config['overwrite'] = TRUE;
    $this->load->library('upload');
    $this->upload->initialize($config);
    if (!$this->upload->do_upload('im_file')) {
         $error = array('error' => $this->upload->display_errors());
         $im_file = "";
         exit();
    } else {
         $filedata = array('upload_data' => $this->upload->data());
         print_r($filedata);
    }

The array printed as below -

[upload_data] => Array
        (
            [file_name] => 65e5c1262de2d_Heavy_Light_Vehicles.csv
            [file_type] => text/plain
            [file_path] => D:/wamp/www/project_folder/uploads/import_file/vehicles/
            [full_path] => D:/wamp/www/project_folder/uploads/import_file/vehicles/65e5c1262de2d_Heavy_Light_Vehicles.csv
            [raw_name] => 65e5c1262de2d_Heavy_Light_Vehicles.csv
            [orig_name] => 65e5c1262de2d_Heavy_Light_Vehicles.csv
            [client_name] => Heavy & Light Vehicles.csv
            [file_ext] => .csv
            [file_size] => 99.2
            [is_image] => 
            [image_width] => 
            [image_height] => 
            [image_type] => 
            [image_size_str] => 
        )

In above printed 'file upload' array, the '&' character from file name got removed while saving it. Expected file name after save should be 65e5c1262de2d_Heavy_&_Light_Vehicles.csv. Please suggest if there is any solution to keep file name '&' character as it is.

Improve this question

1 Answer 1

Reset to default
1

The do_upload method uses the sanitize_filename method in the CI_Security class to remove all characters from the filename that are listed in the public $filename_bad_chars array in that same class.

To keep the &, you could extend the CI_Security class, and override the public $filename_bad_chars array with the a copy of the original array that has the & removed.

If you name the class MY_Security.php and save it in the application/core folder, CodeIgniter will automatically use this new class:

<?php

class MY_Security extends CI_Security
{

    /**
     * List of sanitize filename strings
     *
     * @var array
     */
    public $filename_bad_chars =    array(
        '../', '<!--', '-->', '<', '>',
        "'", '"', '$', '#',
        '{', '}', '[', ']', '=',
        ';', '?', '%20', '%22',
        '%3c',        // <
        '%253c',    // <
        '%3e',        // >
        '%0e',        // >
        '%28',        // (
        '%29',        // )
        '%2528',    // (
        '%26',        // &
        '%24',        // $
        '%3f',        // ?
        '%3b',        // ;
        '%3d'        // =
    );

    public function __construct()
    {
        parent::__construct();
    }
}

See also: https://codeigniter.com/userguide3/general/core_classes.html#extending-core-class

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.