From 2bbf79cde9de677eaaadaa5e111fb1c4c187e1d9 Mon Sep 17 00:00:00 2001
From: Diego Najar <dignajar@gmail.com>
Date: Fri, 11 Jan 2019 17:43:37 +0100
Subject: [PATCH] remove quotes from filename after uploaded a image

---
 bl-kernel/ajax/upload-images.php              |  3 +++
 ...picture.php => upload-profile-picture.php} |  0
 bl-kernel/helpers/text.class.php              | 21 ++++++++++++++++++-
 3 files changed, 23 insertions(+), 1 deletion(-)
 rename bl-kernel/ajax/{profile-picture.php => upload-profile-picture.php} (100%)

diff --git a/bl-kernel/ajax/upload-images.php b/bl-kernel/ajax/upload-images.php
index b0d738a9..5748c0a1 100644
--- a/bl-kernel/ajax/upload-images.php
+++ b/bl-kernel/ajax/upload-images.php
@@ -42,6 +42,9 @@ foreach ($_FILES['bluditInputFiles']['name'] as $key=>$filename) {
 		)));
 	}
 
+	// Convert URL characters such as spaces or quotes to characters
+	$filename = urldecode($filename);
+
 	// Check file extension
 	$fileExtension = pathinfo($filename, PATHINFO_EXTENSION);
 	$fileExtension = Text::lowercase($fileExtension);
diff --git a/bl-kernel/ajax/profile-picture.php b/bl-kernel/ajax/upload-profile-picture.php
similarity index 100%
rename from bl-kernel/ajax/profile-picture.php
rename to bl-kernel/ajax/upload-profile-picture.php
diff --git a/bl-kernel/helpers/text.class.php b/bl-kernel/helpers/text.class.php
index ec1e4573..c19112e0 100644
--- a/bl-kernel/helpers/text.class.php
+++ b/bl-kernel/helpers/text.class.php
@@ -87,6 +87,12 @@ class Text {
 		return $string;
 	}
 
+	// Escape quotes and backslash
+	public static function escapeQuotes($string)
+	{
+		return addslashes($string);
+	}
+
 	public static function startsWith($string, $startString)
 	{
 		$length = self::length($startString);
@@ -125,9 +131,22 @@ class Text {
 		return preg_replace("/[\/_|+:!@#$%^&*()'\"<>\\\`}{;=,?\[\]~. -]+/", $replace, $string);
 	}
 
+	public static function removeQuotes($string, $replace='')
+	{
+		$remove = array('\''=>$replace, '"'=>$replace);
+		return self::replaceAssoc($remove, $string);
+	}
+
 	public static function removeLineBreaks($string)
 	{
-		return str_replace(array("\r", "\n"), '', $string);
+		$remove = array("\r"=>'', "\n"=>'');
+		return self::replaceAssoc($remove, $string);
+	}
+
+	public static function removeSpaces($string, $replace='')
+	{
+		$remove = array(' '=>$replace);
+		return self::replaceAssoc($remove, $string);
 	}
 
 	// Convert unicode characters to utf-8 characters