Project

General

Profile

Actions
Copy link

Bug #32046

closed

function t3lib_div::validPathStr fails on certain file names

Added by Jürgen Tauschl almost 13 years ago. Updated about 6 years ago.

Status:
Closed
Priority:
Should have
Assignee:
Dmitry Dulepov
Category:
-
Target version:
-
Start date:
2011-11-24
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
4.6
PHP Version:
5.2
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

File t3lib/class.t3lib_div.php Line 3952 (function validPathStr):

if (strpos($theFile, '//') === FALSE && strpos($theFile, '\\') === FALSE && !preg_match('#(?:^\.\.|/\.\./|[[:cntrl:]])#', $theFile)) {
    return TRUE;
}

The [[:cntrl:]] part of the search pattern matches on certain German umlauts (Ü, ß). The result is that certain files won't be shown.

Problem exists also in 4.5(.6).

Files

test-32046.php (232 Bytes) test-32046.php Dmitry Dulepov, 2011-12-02 14:20
Actions
Copy link
 #1

Updated by Dmitry Dulepov almost 13 years ago

  • Status changed from New to Accepted
  • Assignee set to Dmitry Dulepov

It also fails on any cyrillic letters. Thus it is not possible to have UTF-8 file names from t3lib_div::getFileGetAbsFileName().

Actions
Copy link
 #2

Updated by Helmut Hummel almost 13 years ago

Dmitry Dulepov wrote:

It also fails on any cyrillic letters. Thus it is not possible to have UTF-8 file names from t3lib_div::getFileGetAbsFileName().

What are the exact letter that match the query?

I tried this:

$theFile='asdasäöüÄÖÜßАБВГДЕЖЅЗИІКЛМНОПҀРСТѸФХѠЦЧШЩЪꙐЬѢꙖѤЮѦѪѨѬѮѰѲѴ';
var_dump(preg_match('#(?:^\.\.|/\.\./|[[:cntrl:]])#', $theFile));

But the result is "int 0"

Maybe it depends on the PHP version or if zend multibyte is used?
Maybe adding the "u" modifier already helps on your side?

$theFile='asdasäöüÄÖÜßАБВГДЕЖЅЗИІКЛМНОПҀРСТѸФХѠЦЧШЩЪꙐЬѢꙖѤЮѦѪѨѬѮѰѲѴ';
var_dump(preg_match('#(?:^\.\.|/\.\./|[[:cntrl:]])#u', $theFile));
Actions
Copy link
 #3

Updated by Dmitry Dulepov almost 13 years ago

I attached a test file. Please, put it into the root of any TYPO3 installation and run. The result will be:

t3lib_div::validPathStr('fileadmin/templates/Ссылки (fce).xml') returns false

Expected result is:

t3lib_div::validPathStr('fileadmin/templates/Ссылки (fce).xml') returns true
Actions
Copy link
 #4

Updated by Dmitry Dulepov almost 13 years ago

'u' modifier helps.

Actions
Copy link
 #5

Updated by Gerrit Code Review almost 13 years ago

  • Status changed from Accepted to Under Review

Patch set 1 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/7032

Actions
Copy link
 #6

Updated by Gerrit Code Review almost 13 years ago

Patch set 2 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/7032

Actions
Copy link
 #7

Updated by Gerrit Code Review almost 13 years ago

Patch set 3 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/7032

Actions
Copy link
 #8

Updated by Gerrit Code Review almost 13 years ago

Patch set 1 for branch TYPO3_4-5 has been pushed to the review server.
It is available at http://review.typo3.org/7796

Actions
Copy link
 #9

Updated by Gerrit Code Review almost 13 years ago

Patch set 1 for branch TYPO3_4-6 has been pushed to the review server.
It is available at http://review.typo3.org/7797

Actions
Copy link
 #10

Updated by Dmitry Dulepov almost 13 years ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100
Actions
Copy link
 #11

Updated by Benni Mack about 6 years ago

  • Status changed from Resolved to Closed
Actions
Copy link

Also available in: Atom PDF