Unverified Commit 63efacbb authored by larowlan's avatar larowlan
Browse files

SA-CORE-2019-010 by larowlan, greggles, mlhess, kim.pepper, alexpott, dww, xjm, David_Rothstein

parent 7ae15f9c
...@@ -992,7 +992,7 @@ function _file_save_upload_single(\SplFileInfo $file_info, $form_field_name, $va ...@@ -992,7 +992,7 @@ function _file_save_upload_single(\SplFileInfo $file_info, $form_field_name, $va
$values = [ $values = [
'uid' => $user->id(), 'uid' => $user->id(),
'status' => 0, 'status' => 0,
'filename' => $file_info->getClientOriginalName(), 'filename' => trim($file_info->getClientOriginalName(), '.'),
'uri' => $file_info->getRealPath(), 'uri' => $file_info->getRealPath(),
'filesize' => $file_info->getSize(), 'filesize' => $file_info->getSize(),
]; ];
......
...@@ -2,6 +2,8 @@ ...@@ -2,6 +2,8 @@
namespace Drupal\Tests\file\Functional; namespace Drupal\Tests\file\Functional;
use Drupal\file\Entity\File;
/** /**
* Tests the 'managed_file' element type. * Tests the 'managed_file' element type.
* *
...@@ -156,6 +158,21 @@ public function testManagedFileRemoved() { ...@@ -156,6 +158,21 @@ public function testManagedFileRemoved() {
$this->assertRaw('The file referenced by the Managed <em>file &amp; butter</em> field does not exist.'); $this->assertRaw('The file referenced by the Managed <em>file &amp; butter</em> field does not exist.');
} }
/**
* Tests file names have leading . removed.
*/
public function testFileNameTrim() {
file_put_contents('public://.leading-period.txt', $this->randomString(32));
$last_fid_prior = $this->getLastFileId();
$this->drupalPostForm('file/test/0/0/0', [
'files[file]' => \Drupal::service('file_system')->realpath('public://.leading-period.txt'),
], t('Save'));
$next_fid = $this->getLastFileId();
$this->assertGreaterThan($last_fid_prior, $next_fid);
$file = File::load($next_fid);
$this->assertEquals('leading-period.txt', $file->getFilename());
}
/** /**
* Ensure a file entity can be saved when the file does not exist on disk. * Ensure a file entity can be saved when the file does not exist on disk.
*/ */
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment