MDL-15897 deprecated PARAM_CLEANFILE - we now support unicode everywhere

diff --git a/admin/roles/manage.php b/admin/roles/manage.php
index 54299961dfccca30663ab0b000ecb0add60c3737..11c0e2a09cfeff91874706fa798ffa1e28e3ffe8 100755 (executable)
--- a/admin/roles/manage.php
+++ b/admin/roles/manage.php
@@ -55,7 +55,9 @@
         case 'add':
             if ($data = data_submitted() and confirm_sesskey()) {
 
-                $shortname = moodle_strtolower(clean_filename($shortname)); // only lowercase safe ASCII characters
+                $shortname = textlib_get_instance()->specialtoascii($shortname);
+                
+                $shortname = moodle_strtolower(clean_param($shortname, PARAM_ALPHANUMEXT)); // only lowercase safe ASCII characters
                 $legacytype = required_param('legacytype', PARAM_RAW);
 
                 $legacyroles = get_legacy_roles();

diff --git a/admin/uploadpicture.php b/admin/uploadpicture.php
index 65566ce8fcca461e16a43b3176502b781778f35e..19dc8973d83050dfc547eecf455ce11f19e5ef2a 100644 (file)
--- a/admin/uploadpicture.php
+++ b/admin/uploadpicture.php
@@ -200,7 +200,7 @@ function process_file ($file, $userfield, $overwrite) {
     $path_parts = pathinfo(cleardoubleslashes($file));
     $basename  = $path_parts['basename'];
     $extension = $path_parts['extension'];
-    if ($basename != clean_param($basename, PARAM_CLEANFILE)) {
+    if ($basename != clean_param($basename, PARAM_FILE)) {
         // The original picture file name has invalid characters
         notify(get_string('uploadpicture_invalidfilename', 'admin',
                           clean_param($basename, PARAM_CLEANHTML)));

diff --git a/lib/moodlelib.php b/lib/moodlelib.php
index ea3a299ceaac51979dfd8a62f034278f88655554..4443bd7353f0dfa24d84548b4f63db3b34dc079f 100644 (file)
--- a/lib/moodlelib.php
+++ b/lib/moodlelib.php
@@ -168,6 +168,12 @@ define('PARAM_TEXT',  0x0009);
  */
 define('PARAM_FILE',     0x0010);
 
+/**
+ * PARAM_CLEANFILE - alias of PARAM_FILE; originally was removing regional chars too
+ * NOTE: obsoleted do not use anymore
+ */
+define('PARAM_CLEANFILE',0x0010);
+
 /**
  * PARAM_TAG - one tag (interests, blogs, etc.) - mostly international characters and space, <> not supported
  */
@@ -199,14 +205,6 @@ define('PARAM_URL',      0x0080);
  */
 define('PARAM_LOCALURL', 0x0180);
 
-/**
- * PARAM_CLEANFILE - safe file name, all dangerous and regional chars are removed,
- * use when you want to store a new file submitted by students
- *
- * NOTE: obsoleted do not use anymore
- */
-define('PARAM_CLEANFILE',0x0200);
-
 /**
  * PARAM_BOOL - converts input into 0 or 1, use for switches in forms and urls.
  */
@@ -376,7 +374,6 @@ function optional_param($parname, $default=NULL, $type=PARAM_CLEAN) {
  * @uses PARAM_TEXT
  * @uses PARAM_SAFEDIR
  * @uses PARAM_SAFEPATH
- * @uses PARAM_CLEANFILE
  * @uses PARAM_FILE
  * @uses PARAM_PATH
  * @uses PARAM_HOST
@@ -461,10 +458,6 @@ function clean_param($param, $type) {
         case PARAM_SAFEPATH:     // Remove everything not a-zA-Z0-9/_-
             return eregi_replace('[^a-zA-Z0-9/_-]', '', $param);
 
-        case PARAM_CLEANFILE:    // allow only safe characters
-            //TODO: remove?
-            return clean_filename($param);
-
         case PARAM_FILE:         // Strip all suspicious characters from filename
             $param = ereg_replace('[[:cntrl:]]|[&<>"`\|\':\\/]', '', $param);
             $param = ereg_replace('\.\.+', '', $param);
@@ -4966,29 +4959,12 @@ function display_size($size) {
 
 /**
  * Cleans a given filename by removing suspicious or troublesome characters
- * Only these are allowed: alphanumeric _ - .
- * Unicode characters can be enabled by setting $CFG->unicodecleanfilename = true in config.php
- *
- * WARNING: unicode characters may not be compatible with zip compression in backup/restore,
- *          because native zip binaries do weird character conversions. Use PHP zipping instead.
  *
  * @param string $string  file name
  * @return string cleaned file name
  */
 function clean_filename($string) {
-    global $CFG;
-
-    if (empty($CFG->unicodecleanfilename)) {
-        $textlib = textlib_get_instance();
-        $string = $textlib->specialtoascii($string);
-        $string = preg_replace('/[^\.a-zA-Z\d\_-]/','_', $string ); // only allowed chars
-    } else {
-        //clean only ascii range
-        $string = preg_replace("/[\\000-\\x2c\\x2f\\x3a-\\x40\\x5b-\\x5e\\x60\\x7b-\\177]/s", '_', $string);
-    }
-    $string = preg_replace("/_+/", '_', $string);
-    $string = preg_replace("/\.\.+/", '.', $string);
-    return $string;
+    return clean_param($string, PARAM_FILE);
 }
 
 

diff --git a/lib/simpletest/testmoodlelib.php b/lib/simpletest/testmoodlelib.php
index 0189051c13922b12a75268d3a147ca421ede4f8f..05273e6e23e73e2c0e134ad92aa50612020d314f 100644 (file)
--- a/lib/simpletest/testmoodlelib.php
+++ b/lib/simpletest/testmoodlelib.php
@@ -155,7 +155,6 @@ class moodlelib_test extends UnitTestCase {
      * @uses PARAM_ALPHAEXT
      * @uses PARAM_BOOL
      * @uses PARAM_SAFEDIR
-     * @uses PARAM_CLEANFILE
      * @uses PARAM_FILE
      * @uses PARAM_PATH
      * @uses PARAM_HOST

diff --git a/question/export_form.php b/question/export_form.php
index dac89f48a5e10efe6d09f5836f1c39fea5b1f634..598cedb26f6b6f26996fe9189eec631efc0fd696 100644 (file)
--- a/question/export_form.php
+++ b/question/export_form.php
@@ -45,7 +45,7 @@ class question_export_form extends moodleform {
 
         $mform->addElement('text', 'exportfilename', get_string('exportname', 'quiz'), array('size'=>40));
         $mform->setDefault('exportfilename', $defaultfilename);
-        $mform->setType('exportfilename', PARAM_CLEANFILE);
+        $mform->setType('exportfilename', PARAM_FILE);
 
         // set a template for the format select elements   
         $renderer =& $mform->defaultRenderer();