1

How do i escape invalid characters in filenames? I ask this question once before and wrote up a class with the solution. Now i would like to extend it. My site will be able to detect what OS the user is on. So base on that i either 1) Want to escape based on the FS/OS the user is on or 2) Escape it so it works on all filesystems.

What characters may be valid on windows 7 or linux (i am unsure what my current linux FS is set to) and invalid on XP or valid on windows or mac and not on linux?

Community
  • 1
  • 1
  • 1
    Valid characters in filenames on POSIX systems (including Linux) are everything except '/' and '\x00'. – MikeyB Feb 03 '10 at 19:42
  • 2
    That's not true. The only characters that are guaranteed to work are those from the Portable Filename Character Set, defined in Section 3.276 of http://OpenGroup.Org/onlinepubs/9699919799/basedefs/V1_chap03.html#tag_03_276 which are `ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789._-` Also, filenames longer that 14 characters are not guaranteed to work. Now, if OTOH you are writing an application which deals with filenames, then you are right: you should definitely make sure that you don't blow up when handed a filename which consists of 4 billion newline characters. – Jörg W Mittag Feb 03 '10 at 20:18

2 Answers2

1

Will the name of the directory ever be displayed to a user and, if so, does it need to look like the user name (based on info in the other question)? If not, you could split it to a character array, convert the value of each character to its hexadecimal representation and put those together to a string. That should work on any file system.

private static string ToHexString(string input)
{
    return string.Join("", input.ToCharArray()
        .Select(c => string.Format("{0:x}", (int)c))
        .ToArray());
}
Fredrik Mörk
  • 155,851
  • 29
  • 291
  • 343
  • I already have a solution to escape. I just need more testing and a way to allow other filessystems (IE not on my server) not blow up when the user tries to download from my site. BTW i prefer making the hex 2 digit (`{0:X2}`) so dont confuse the hex value with a following letter and i use % before it so its a bit more clear that it is escaped (i also escape %) –  Feb 03 '10 at 20:49
0

solutions

  1. Make them [A-Za-z._-] and escape characters that do not fall in the range
  2. Choose your supported OS and FS and find out what is illegal or not and support those until further notice