Garbage in file names or hiding our swans (wordpress)

Introduction

Some cameras categorically refuse to name files based on the timestamp using an ordinary counter. In everyday life, this trifle really seems a trifle, but on the Internet it grows into a problem, which allows a particularly curious wool site in search of photos P1100812.jpg and P1100813.jpg after viewing P1100811.jpg.

Option s solutions:

~~add static prefix~~
add dynamic prefix

Now we need to decide how to add a prefix, whether to do this through a samopisny script before uploading photos, renaming all local photos (science power, oh no!) Or when uploading to the server. Without looking, without the startled facial muscles, I chose the option “to the server!”.

Technical implementation:

she is! = write with pens
it is not! = ready wordpress plugin

Fortunately or unfortunately, the search for plug-ins produced an outdated list for older wordpress versions. Therefore, armed with Google and then np ++, it was found that:

processing upload files on the shoulders /wp-includes/functions.php
file name * is generated in the wp_unique_filename function

* generated - I bent a little, just checked for uniqueness / correctness and changes in the case, but this, judging by the code, is the final authority.

And so, open the functions.php file, find the body of the function wp_unique_filename , there is the line $filename = sanitize_file_name($filename); and joyfully rule her!

How to rule her?
')
For example as (one of the options):

$filename = crc32(md5(microtime()).sanitize_file_name($filename))."_".sanitize_file_name($filename);
$filename = md5(microtime().sanitize_file_name($filename))."_".sanitize_file_name($filename);
$filename = crc32("blablabla".microtime().sanitize_file_name($filename))."_".sanitize_file_name($filename);
$filename = any soul suitable php hashes and something random .sanitize_file_name($filename);

microtime() - performs the role of PRNG, giving the current server time.

We leave the current algorithm of wp_unique_filename , only adding our garbage to the beginning of the file.

I chose the CRC32( elf magic )."_".sanitize_file_name($filename); option for myself )."_".sanitize_file_name($filename); , because the CRC32 does not disfigure the file (name) externally, adding a little tsyferek / bukovok, making the “ random_file_names.png ” into the digestible “ 255298064_random_file_names.png ”, which is more ae812e87bbbf3a068807fe763721c38a_random_file_names.png eye than “ ae812e87bbbf3a068807fe763721c38a_random_file_names.png , which is more ae812e87bbbf3a068807fe763721c38a_random_file_names.png eye than the“ ae812e87bbbf3a068807fe763721c38a_random_file_names.png , which is more ae812e87bbbf3a068807fe763721c38a_random_file_names.png eye than the “ ae812e87bbbf3a068807fe763721c38a_random_file_names.png , which is more ae812e87bbbf3a068807fe763721c38a_random_file_names.png eye than the

Total:

simple single line solution
private files are a bit more private (albeit in public)

Bonus:
3894406080_ P1100810.jpg and 3765414138_ P1100811.jpg

In the same folder there is P1100827.jpg ...

upd :
Of course, we must understand that when updating WP can update (= rub) functions.php. Therefore, this procedure will need to be repeated.

Automation :

Principle: find the entire file $filename = sanitize_file_name($filename); and replace it with the one you $filename = crc32(md5(microtime()).sanitize_file_name($filename))."_".sanitize_file_name($filename); (in the example, this is $filename = crc32(md5(microtime()).sanitize_file_name($filename))."_".sanitize_file_name($filename); ).

Create a file functions.php.diff following content in the /wp-includes folder

For the prefix of the form "12345_image.jpg"

  --- functions.php.orig 2015-04-20 06: 39: 25.000000000 +0000
 +++ functions.php.new 2015-05-04 17: 45: 27.000000000 +0000
 @@ -1 +1 @@
 - $ filename = sanitize_file_name ($ filename);
 + $ filename = crc32 (md5 (mt_rand (). microtime ()). sanitize_file_name ($ filename)). "_". sanitize_file_name ($ filename);

For the suffix type "image_12345_.jpg"

  --- old.php 2015-05-06 10: 39: 17.847753325 +0000
 +++ new.php 2015-05-06 10: 39: 31.459794157 +0000
 @@ -1 +1,2 @@
 - $ filename = sanitize_file_name ($ filename);
 + $ filename = sanitize_file_name ($ filename);
 + $ filename = pathinfo ($ filename, PATHINFO_FILENAME) .'_ '. crc32 (md5 (mt_rand (). microtime ()). sanitize_file_name ($ filename)). (pathinfo ($ filename, PATHINFO_EXTENSION)?'. '. pathinfo ($ filename, PATHINFO_EXTENSION): '');

Run in the folder "dry"
patch --dry-run functions.php -i functions.php.diff

If everything is OK, we get an answer like this:

  checking file functions.php
 Hunk # 1 succeeded at 1862 (offset 1861 lines).

Then patches for real:
patch functions.php -i functions.php.diff

We receive the answer of a type:

  patching file functions.php
 Hunk # 1 succeeded at 1862 (offset 1861 lines).

The old file will have the name " functions.php.orig ".

As already mentioned above, instead of crc32 you can use a hash function, the values of which can be truncated due to bulkiness. Due to personal preference, numbers from crc32 were left.

upd2: (20150506) Added option for suffix between file name and extension. For files without an extension (if the download of such is allowed), the suffix will be added to the end.

upd3: (20150506) Added mt_rand() and a shorter suffix version proposed by maximw .

Source: https://habr.com/ru/post/257239/

All Articles