I have an issue with "&" (ampersand) in filenames.

When i am on the edit page, the link to the uploaded file does work : http://www.mysite.com/sites/default/files/GT&W.pdf

however when i'm on the view page (like any visitor), it doesnt work : http://www.mysite.com/sites/default/files/GT%2526W.pdf

Looks like this is a bug from the module.

I will try version 6.x-3.4, but i dident see any related bug fix from version 3.3 -> 3.4.

CommentFileSizeAuthor
#13 Capture.PNG5.35 KBAnonymous (not verified)
#11 ampersand.png12.01 KBtmsimont
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

quicksketch’s picture

quicksketch
he/him
CreditAttribution: quicksketch commented
Status: Active » Fixed

This was actually fixed as part of the XSS security fix in the 3.4, which didn't have a related issue in the issue queue. It should now be corrected to handle special characters like & < > " '.

Ludo.R’s picture

Ludo.R
Location Brussels
CreditAttribution: Ludo.R commented

Oh, i did try the 3.4 version, and uploaded the file again, but the problem still remained.

For instance i installed the transliteration module, but with this solution i only get round the problem.

I'm back with version 3.3, until the new version works correctly. Then i'll try the file upload again.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

nonzero’s picture

nonzero CreditAttribution: nonzero commented
Version: 6.x-3.3 » 6.x-3.9
Status: Closed (fixed) » Active

I'm having this problem with FileField 3.9. & turns into %2526 in a link's href for both node view and node edit.

nonzero’s picture

nonzero CreditAttribution: nonzero commented

The problem exists when Drupal is set to private files mode. In public mode, the ampersand shows up in the link correctly and the download works.

nonzero’s picture

nonzero CreditAttribution: nonzero commented

I'm working around this by adding a str_replace in my theme's template.php:

function THEME_filefield_file($file) {
  // Views may call this function with a NULL value, return an empty string.
  if (empty($file['fid'])) {
    return '';
  }

  $path = $file['filepath'];
  $url = file_create_url($path);
  // Decode ampersands.
  $url = str_replace('%2526', '&', $url);
...

I'm sure there's a better way.

quicksketch’s picture

quicksketch
he/him
CreditAttribution: quicksketch commented
Title: & ampersand in filenames » & ampersand in filenames when using private files
Status: Active » Postponed

I don't plan on fixing this issue personally. I'd be happy to review patches by users who are experiencing this problem.

Ludo.R’s picture

Ludo.R
Location Brussels
CreditAttribution: Ludo.R commented

I had this problem with public files system too!

I dont think this is private files system related.

tmsimont’s picture

tmsimont CreditAttribution: tmsimont commented
Title: & ampersand in filenames when using private files » & ampersand in filenames create broken links in private file systems and views
Version: 6.x-3.9 » 6.x-3.10

I've got the same issue in 3.10 -- it's not just private fields, it also breaks in views, but only in certain circumstances.

In my case, I was putting the "Path to file" formatted field into a view, and then "excluding from display" -- I then rewrote another field as a link, and put the "path to file" field into the href setting.

Basically, I think this means that any time you take the field value and try to use a Drupal module that then uses l() or url() -- or if you're directly putting the filepath into l() or url() then the path gets passed through drupal_urlencode() and php's rawurlencode()

It seems that trying to work around this would be a huge headache... What if the filefield just threw a validation error when it encounters an ampersand? Wouldn't that make the most sense?

tmsimont’s picture

tmsimont CreditAttribution: tmsimont commented
Title: & ampersand in filenames create broken links in private file systems and views » & ampersand in filenames create broken links when using url() or l() to point to filepath

better title

tmsimont’s picture

tmsimont CreditAttribution: tmsimont commented
Title: & ampersand in filenames create broken links when using url() or l() to point to filepath » & ampersand in filenames create broken links when using views (see note) with public and/or any links in private file system
FileSize
ampersand.png12.01 KB

i was wrong.. i just tried testing l() and url() used together in PHP and there's no issue with the ampersand. i only see this problem (with my public file system) when using views as i'd described above...

i'm not sure what about that approach causes it to break.

in the attached screenshot, the field_research_file_fid token refers to the field that is "excluded from display"

that field is configured with the "Path to file" formatter

tmsimont’s picture

tmsimont CreditAttribution: tmsimont commented

OK -- to anyone out there who finds this... i fixed my issue by changing to "URL to file" output instead of "Path to file" in the view field settings...

Sorry that doesn't help anyone having private file system problems.. unless you're using views like i was!

Anonymous’s picture

Anonymous (not verified) CreditAttribution: Anonymous commented
FileSize
Capture.PNG5.35 KB

Question marks ? in the filename also seems to break the link in the views display if I use 'Link this field to download the file'.

quicksketch’s picture

quicksketch
he/him
CreditAttribution: quicksketch commented

We fixed this issue when using the "Generic File" formatter in #1249486: Properly encode public file urls with special characters in file name that were being double escaped. There are probably still lingering problems when doing Views, since we don't provide a custom handler for the display of file paths.