jpg filenames with '&' don't get edited.

[xushi]

Here's another one.

If you have a jpg with & in the file name, like
me & the dog.jpg
It doesn't like it.

- In the "Batch Add File", it displays a "Cant read that file" instead of the actual image. But it does actually edit it from what i see.
http://xushi.co.uk/xushi/sv/andsign.jpg

- In the gallery, when you want to "crop and rotate" the picture , you can't. After modifying (eg, rotate +-90) and preview or saving, it just displays an empty grey screen and doesn't edit/save.

[Joachim Müller]

[moderation]
bumping this unresolved thread to the top...

[Nibbler]

I remember testing this. The problem was with the space character not the ampersand character, but I was unable to determine the cause.

[Joachim Müller]

I don't think it's the space char, but (as suggested by xushi) the ampersand, see attached screenshot.

[artistsinhawaii]

just a thought.

In my old programing days of 30 years ago. I vaguely remember that if you confuse varchar with string in the function, '&' is read as a function and not as part of a string.

How does the batch file function read file names?

Dennis

[omniscientdeveloper]

*BUMP*

[Aditya Mooley]

& is an illegal character for filenames as filenames are passed around in $_GET.
This was done to prevent possible XSS attacks and this cleanup happens in line 40 of init.inc.php

[Joachim Müller]

there are a number of other illegal chars in filenames, and coppermine handles them by replacing/removing those illegal chars on file system level afaik. Couldn't we do this for ampersands as well, as there will always be fools who use special chars in filenames who will get confused by a hard error?

[Aditya Mooley]

If I am not mistaken, the renaming is done at the insert level. Here we will have to do it before insert, infact as soon as they are displayed.
I don't know how desirable it is to change filenames even before they are inserted. There will always be fools who will keep uploading again and again and it will keep getting renamed ...

Let us hear from other devs if they have any other idea.

[artistsinhawaii]

If someone had a two files, one named "John&Mary.jpg" and the other "JohnMary.jpg" would the renaming overwrite the other?  The renaming script would have to search all files and create a unique filename to prevent this.  How would this affect time out issues on larger galleries?

How about just sticking a tag line somewhere in the [batch add files] and the [upload files] screens stipulating something like  "Coppermine 1.4x does not permit the use of "&,<,>,/,?, etc" in file names." ?  Also include it somewhere in the installation notes?


Dennis

[Joachim Müller]

I agree with Dennis - an error message like "This filename contains illegal characters" would be all it takes instead of the generic "Can't read that file". This way, we'd tell users that they need to rename the pic using their FTP client before it can be added to coppermine, so no extra renaming scheme would have to be added to the coppermine core code, and the bug would be fixed easily. Any dev volunteer?

[Aditya Mooley]

I am working on file renaming as soon as the user first browses the FTP'd files.
It just might work and solve everything for everybody.

[Aditya Mooley]

Added the code for above mentioned functionality and committed to CVS.

All the files in the selected directory with forbidden characters, space and & will get replaced with underscore and then a unique filename will be generated before actaully replacing it on harddisk.

[artistsinhawaii]

Aditya,

Sorry, but what file(s) was modified?  I'd like to keep my eye on CVS for it.

Dennis

[Aditya Mooley]

searchnew.php and functions.inc.php
functions.inc.php was modified for different reason - reported by Abbas in http://forum.coppermine-gallery.net/index.php?topic=21908.0 but also needed for batchadd.

Aditya

[artistsinhawaii]

Thanks, Aditya