>> I am working with a system that will have users uploading files,and I
>> can't depend on them not using spaces and other things Unix doesnt'
>> like in their file names (like ', ., etc).

> $photo = "This is a photo of my dog, Skippy!.jpg";
> $funkychars = array('\'', '.', ',', '$', '!', ' ');
> $photo = str_replace($funkychars, '_', $photo);
> $photo = strtolower($photo);

NOOOOOOOOOOOOOOOOOOOO*! (*= add some more O's for a more dramaturgical 
effect)

Do not say which chars you want to kill. There are always more chars than 
you can think of! Better say which chars you allow:

$photo=preg_replace("/[^a-z9-0_\-]+/","",strtolower($photo));

This technique is called "whitelist". "blacklist" techniques are not 
bulletproof. 



Community email addresses:
  Post message: [email protected]
  Subscribe:    [EMAIL PROTECTED]
  Unsubscribe:  [EMAIL PROTECTED]
  List owner:   [EMAIL PROTECTED]

Shortcut URL to this page:
  http://groups.yahoo.com/group/php-list 
Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/php-list/

<*> To unsubscribe from this group, send an email to:
    [EMAIL PROTECTED]

<*> Your use of Yahoo! Groups is subject to:
    http://docs.yahoo.com/info/terms/
 


Reply via email to