NOBUG: Extend param_file and param_path to nicely support utf-8 chars

diff --git a/lib/moodlelib.php b/lib/moodlelib.php
index 826741a8e5fa2177a5ca905ca12ffb0f3886bf72..b16c9c9149fee103c0745e64a7b4039d4c485f7a 100644 (file)
--- a/lib/moodlelib.php
+++ b/lib/moodlelib.php
@@ -476,7 +476,7 @@ function clean_param($param, $type) {
             return preg_replace('/[^a-zA-Z0-9\/_-]/i', '', $param); 
 
         case PARAM_FILE:         // Strip all suspicious characters from filename
-            $param = preg_replace('~[[:cntrl:]]|[&<>"`\|\':\\/]~', '', $param);
+            $param = preg_replace('~[[:cntrl:]]|[&<>"`\|\':\\/]~u', '', $param);
             $param = preg_replace('~\.\.+~', '', $param);
             if ($param === '.') {
                 $param = '';
@@ -485,7 +485,7 @@ function clean_param($param, $type) {
 
         case PARAM_PATH:         // Strip all suspicious characters from file path
             $param = str_replace('\\', '/', $param);
-            $param = preg_replace('~[[:cntrl:]]|[&<>"`\|\':]~', '', $param);
+            $param = preg_replace('~[[:cntrl:]]|[&<>"`\|\':]~u', '', $param);
             $param = preg_replace('~\.\.+~', '', $param);
             $param = preg_replace('~//+~', '/', $param);
             return preg_replace('~/(\./)+~', '/', $param);