François Beausoleil
2005-Sep-08 14:12 UTC
[BUG][file_column] filename sanitization error patch
Hello Sebastian, In another thread, I said filenames were not properly sanitized. I found the reason why: Index: lib/file_column.rb ==================================================================--- lib/file_column.rb (revision 4915) +++ lib/file_column.rb (revision 4917) @@ -249,7 +249,7 @@ def self.sanitize_filename(filename) filename = File.basename(filename.gsub("\\", "/")) # work-around for IE - filename.gsub(/[^a-zA-Z0-9\.\-\+_]/,"_") + filename.gsub!(/[^a-zA-Z0-9\.\-\+_]/,"_") filename = "_#{filename}" if filename =~ /^\.+$/ filename end Notice I am now using gsub!() from gsub(). Bye ! François
Wagner Narde
2005-Sep-08 21:26 UTC
Re: [BUG][file_column] filename sanitization error patch
Someone forgot the "filename = " On 9/8/05, François Beausoleil <fbeausoleil-IQIa899fVSs@public.gmane.org> wrote:> > Hello Sebastian, > > In another thread, I said filenames were not properly sanitized. I > found the reason why: > Index: lib/file_column.rb > ==================================================================> --- lib/file_column.rb (revision 4915) > +++ lib/file_column.rb (revision 4917) > @@ -249,7 +249,7 @@ > > def self.sanitize_filename(filename) > filename = File.basename(filename.gsub("\\", "/")) # > work-around for IE > - filename.gsub(/[^a-zA-Z0-9\.\-\+_]/,"_") > + filename.gsub!(/[^a-zA-Z0-9\.\-\+_]/,"_") > filename = "_#{filename}" if filename =~ /^\.+$/ > filename > end > > Notice I am now using gsub!() from gsub(). > > Bye ! > François > > _______________________________________________ > Rails mailing list > Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org > http://lists.rubyonrails.org/mailman/listinfo/rails >-- Wagner Narde wnarde-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org _______________________________________________ Rails mailing list Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org http://lists.rubyonrails.org/mailman/listinfo/rails