use improved filename sanitizing methods of ModCfg

This commit is contained in:
Daniel Seifert 2021-02-22 10:07:26 +01:00
parent c82fa1f01f
commit d7b279a4aa
Signed by: DanielS
GPG Key ID: 8A7C4C6ED1915C6F
4 changed files with 14 additions and 13 deletions

View File

@ -10,6 +10,7 @@
namespace D3\PdfDocuments\Application\Model\AbstractClasses; namespace D3\PdfDocuments\Application\Model\AbstractClasses;
use D3\ModCfg\Application\Model\d3filesystem;
use D3\PdfDocuments\Application\Model\Exceptions\pdfGeneratorExceptionAbstract; use D3\PdfDocuments\Application\Model\Exceptions\pdfGeneratorExceptionAbstract;
use D3\PdfDocuments\Application\Model\Interfaces\pdfdocumentsGenericInterface as genericInterface; use D3\PdfDocuments\Application\Model\Interfaces\pdfdocumentsGenericInterface as genericInterface;
use OxidEsales\Eshop\Core\Base; use OxidEsales\Eshop\Core\Base;
@ -218,15 +219,15 @@ abstract class pdfdocumentsGeneric extends Base implements genericInterface
{ {
// forced filename from setFilename() // forced filename from setFilename()
if ($this->filename) { if ($this->filename) {
return $this->addFilenameExtension( return $this->makeValidFileName(
$this->makeValidFileName( $this->addFilenameExtension(
$this->filename $this->filename
) )
); );
} }
return $this->addFilenameExtension( return $this->makeValidFileName(
$this->makeValidFileName( $this->addFilenameExtension(
$this->getTypeForFilename() $this->getTypeForFilename()
) )
); );
@ -257,10 +258,8 @@ abstract class pdfdocumentsGeneric extends Base implements genericInterface
*/ */
public function makeValidFileName($sFilename) public function makeValidFileName($sFilename)
{ {
$sFilename = preg_replace('/[\s]+/', '_', $sFilename); $fs = oxNew(d3filesystem::class);
$sFilename = preg_replace('/[^a-zA-Z0-9_\.-]/', '', $sFilename); return $fs->filterFilename($sFilename);
return str_replace(' ', '_', $sFilename);
} }
/** /**

View File

@ -63,8 +63,8 @@ abstract class pdfdocumentsOrder extends pdfdocumentsGeneric implements orderInt
{ {
// forced filename from setFilename() // forced filename from setFilename()
if ($this->filename) { if ($this->filename) {
return $this->addFilenameExtension( return $this->makeValidFileName(
$this->makeValidFileName( $this->addFilenameExtension(
$this->filename $this->filename
) )
); );
@ -72,8 +72,8 @@ abstract class pdfdocumentsOrder extends pdfdocumentsGeneric implements orderInt
$sTrimmedBillName = trim($this->getOrder()->getFieldData('oxbilllname')); $sTrimmedBillName = trim($this->getOrder()->getFieldData('oxbilllname'));
return $this->addFilenameExtension( return $this->makeValidFileName(
$this->makeValidFileName( $this->addFilenameExtension(
implode( implode(
'_', '_',
[ [

View File

@ -33,7 +33,8 @@
"require": { "require": {
"php": "^7.0", "php": "^7.0",
"oxid-esales/oxideshop-ce": "6.3 - 6.6", "oxid-esales/oxideshop-ce": "6.3 - 6.6",
"spipu/html2pdf": "^5.2" "spipu/html2pdf": "^5.2",
"d3/modcfg": "^5.3.6.000"
}, },
"autoload": { "autoload": {
"psr-4": { "psr-4": {

View File

@ -10,6 +10,7 @@ title: Systemanforderungen
* 6.2.x * 6.2.x
* Themes * Themes
* Diese Modul bindet sich nicht in Frontendthemes ein und ist daher davon unabhängig * Diese Modul bindet sich nicht in Frontendthemes ein und ist daher davon unabhängig
* (D3) Modul-Connector ([kostenfrei bei D3 erhältlich](https://www.oxidmodule.com/connector/)) ab Version 5.3.6.0
* Template-Engine * Template-Engine
* Smarty * Smarty
* Installation via [Composer](https://getcomposer.org) * Installation via [Composer](https://getcomposer.org)