Re: Sanitize file name
Philipp wrote:
Hello,
On some platforms, file names cannot contain certain characters (eg. on
windows no ? is allowed in a file name and path).
Is there a way in the API to sanitize a user-supplied string so that it
can be used as a valid filename?
Is there a way to test if a filename is valid on a certain platform?
Thanks Phil
If you don't need to protect the current system from the user (eg,
you're running locally on the user's computer), then let the user enter
whatever they want. If it's not a valid filename, let the file operation
throw the exception. Ofcourse, you should catch it and display the
appropriate dialog.
On the other hand, just because a string has no "forbidden" characters,
doesn't mean its a valid file for your purpose. If it happens to be the
same name as a directory, then reading and/or writing to it will fail in
most cases. If it happens to be a read-only file, then writing to it
might fail, depending on user privilege. If the file doesn't exist, but
the parent path is read-only, you won't be able to create.
So, in short. Let if its not a security issue, let the OS tell you the
validity. If it *is* a security issue, let the security manager tell
you the validity.
Hope this helps,
Daniel.
--
Daniel Pitts' Tech Blog: <http://virtualinfinity.net/wordpress/>