Is there a way of making strings file-path safe in c#?

15

117

My program will take arbitrary strings from the internet and use them for file names. Is there a simple way to remove the bad characters from these strings or do I need to write a custom function for this?

Gasaway answered 2/12, 2008 at 6:0 Comment(1)
possible duplicate of Safe/Allowed filename cleaner for .NET - Rachaba
B
210

Ugh, I hate it when people try to guess at which characters are valid. Besides being completely non-portable (always thinking about Mono), both of the earlier comments missed more than 25 invalid characters.

foreach (var c in Path.GetInvalidFileNameChars()) 
{ 
  fileName = fileName.Replace(c, '-'); 
}

Or in VB:

'Clean just a filename
Dim filename As String = "salmnas dlajhdla kjha;dmas'lkasn"
For Each c In IO.Path.GetInvalidFileNameChars
    filename = filename.Replace(c, "")
Next

'See also IO.Path.GetInvalidPathChars
Banjermasin answered 2/12, 2008 at 7:35 Comment(8)
It would be unlikely to make much difference in this situation. The Windows error only complains about that handful of characters. Thanks for pointing out the GetInvalidFileNameChars though, I'd not come across that before. I'll keep it in mind. - Bushore
How would this solution handle name conflicts? It seems that more than one string can match to a single file name ("Hell?" and "Hell*" for example). If you are ok only removing offending chars then fine; otherwise you need to be careful to handle name conflicts. - Pyrone
what about the filesystem's limits of name (and path) length? what about reserved filenames (PRN CON)? If you need to store the data and the original name you can use 2 files with Guid names: guid.txt and guid.dat - Transduction
If you need the filenames to be identifiable by humans (or sortable) you can prefix the Guid with a selection of safe characters - Transduction
I just wanted to mention that this function allows whitespace characters. - Krissykrista
One liner, for fun: result = Path.GetInvalidFileNameChars().Aggregate(result, (current, c) => current.Replace(c, '-')); - Tadeas
@PaulKnopf, are you sure JetBrain does not have copyright to that code ;) - Leeann
this is not c# please fix it, look at the answer by sidewinderguy down below - Awesome
C
45

To strip invalid characters:

static readonly char[] invalidFileNameChars = Path.GetInvalidFileNameChars();

// Builds a string out of valid chars
var validFilename = new string(filename.Where(ch => !invalidFileNameChars.Contains(ch)).ToArray());

To replace invalid characters:

static readonly char[] invalidFileNameChars = Path.GetInvalidFileNameChars();

// Builds a string out of valid chars and an _ for invalid ones
var validFilename = new string(filename.Select(ch => invalidFileNameChars.Contains(ch) ? '_' : ch).ToArray());

To replace invalid characters (and avoid potential name conflict like Hell* vs Hell$):

static readonly IList<char> invalidFileNameChars = Path.GetInvalidFileNameChars();

// Builds a string out of valid chars and replaces invalid chars with a unique letter (Moves the Char into the letter range of unicode, starting at "A")
var validFilename = new string(filename.Select(ch => invalidFileNameChars.Contains(ch) ? Convert.ToChar(invalidFileNameChars.IndexOf(ch) + 65) : ch).ToArray());
Consummation answered 9/9, 2010 at 15:58 Comment(0)
D
34

This question has been asked many times before and, as pointed out many times before, IO.Path.GetInvalidFileNameChars is not adequate.

First, there are many names like PRN and CON that are reserved and not allowed for filenames. There are other names not allowed only at the root folder. Names that end in a period are also not allowed.

Second, there are a variety of length limitations. Read the full list for NTFS here.

Third, you can attach to filesystems that have other limitations. For example, ISO 9660 filenames cannot start with "-" but can contain it.

Fourth, what do you do if two processes "arbitrarily" pick the same name?

In general, using externally-generated names for file names is a bad idea. I suggest generating your own private file names and storing human-readable names internally.

Democracy answered 9/9, 2010 at 16:24 Comment(2)
Although you are technically accurate, the GetInvalidFileNameChars is good for 80%+ of the situations you'd use it in, hence it's a good answer. Your answer would have been more appropriate as a comment to the accepted answer I think. - Plumlee
I agree with DourHighArch. Save the file internally as a guid, reference that against the "friendly name" which is stored in a database. Don't let users control your paths on the website or they will try to steal your web.config. If you incorporate url rewriting to make it clean it will only work for matched friendly urls in the database. - Desirous
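
The approach recommended in this answer and its comments (store the file under a generated name and keep the user-supplied name only as data), as an added C# example that is not from any poster on this page. The class name UploadStore, the .dat extension and the in-memory index are assumptions; a real application would keep the index in a database.

```csharp
using System;
using System.Collections.Generic;
using System.IO;

// Hypothetical helper: class name, ".dat" extension and in-memory index are assumptions.
public sealed class UploadStore
{
    private readonly string _root;
    // Storage id -> user-supplied display name. Kept as data, never used to build a path.
    private readonly Dictionary<Guid, string> _displayNames = new Dictionary<Guid, string>();

    public UploadStore(string rootDirectory)
    {
        // Normalise once and keep a trailing separator, so a prefix check
        // cannot match a sibling directory such as "data2" against "data".
        _root = Path.GetFullPath(rootDirectory).TrimEnd(Path.DirectorySeparatorChar)
                + Path.DirectorySeparatorChar;
        Directory.CreateDirectory(_root);
    }

    public Guid Save(string untrustedName, byte[] content)
    {
        Guid id = Guid.NewGuid();
        // CreateNew throws instead of overwriting if the file already exists.
        using (var fs = new FileStream(PathFor(id), FileMode.CreateNew, FileAccess.Write))
            fs.Write(content, 0, content.Length);
        _displayNames[id] = untrustedName;
        return id;
    }

    public string DisplayName(Guid id) => _displayNames[id];

    public byte[] Load(Guid id) => File.ReadAllBytes(PathFor(id));

    private string PathFor(Guid id)
    {
        // "N" format is 32 hex digits: no separators, no dots, never a reserved device name.
        string path = Path.GetFullPath(Path.Combine(_root, id.ToString("N") + ".dat"));
        if (!path.StartsWith(_root, StringComparison.Ordinal))
            throw new InvalidOperationException("Resolved path escapes the storage root.");
        return path;
    }
}
```

Callers look files up by the returned Guid; the original name is only ever displayed or sent back in a download header, after encoding for that context.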
R
22

I agree with Grauenwolf and would highly recommend the Path.GetInvalidFileNameChars()

Here's my C# contribution:

string file = @"38?/.\}[+=n a882 a.a*/|n^%$ ad#(-))";
Array.ForEach(Path.GetInvalidFileNameChars(), 
      c => file = file.Replace(c.ToString(), String.Empty));

p.s. -- this is more cryptic than it should be -- I was trying to be concise.

Ravenravening answered 2/12, 2008 at 8:3 Comment(6)
Why in the world would you use Array.ForEach instead of just foreach here - Tightlipped
If you wanted to be even more concise / cryptic: Path.GetInvalidFileNameChars().Aggregate(file, (current, c) => current.Replace(c, '-')) - Accentual
@BlueRaja-DannyPflughoeft Because you want to make it slower? - Banjermasin
@Johnathan Allen, what makes you think foreach is faster than Array.ForEach ? - Cornia
will this also filter any characters that require url encoding too? e.g. # - Poach
@rbuddicom Array.ForEach takes a delegate, which means it needs to invoke a function that can't be inlined. For short strings, you could end up spending more time on function call overhead than actual logic. .NET Core is looking at ways to "de-virtualize" calls, reducing the overhead. - Banjermasin
L
14

Here's my version:

static string GetSafeFileName(string name, char replace = '_') {
  char[] invalids = Path.GetInvalidFileNameChars();
  return new string(name.Select(c => invalids.Contains(c) ? replace : c).ToArray());
}

I'm not sure how the result of GetInvalidFileNameChars is calculated, but the "Get" suggests it's non-trivial, so I cache the results. Further, this only traverses the input string once instead of multiple times, like the solutions above that iterate over the set of invalid chars, replacing them in the source string one at a time. Also, I like the Where-based solutions, but I prefer to replace invalid chars instead of removing them. Finally, my replacement is exactly one character to avoid converting characters to strings as I iterate over the string.

I say all that w/o doing the profiling -- this one just "felt" nice to me. : )

Lolanthe answered 20/9, 2013 at 12:59 Comment(1)
You could do new HashSet<char>(Path.GetInvalidFileNameChars()) to avoid O(n) enumeration - micro-optimization. - Metrify
A
13

Here's the function that I am using now (thanks jcollum for the C# example):

public static string MakeSafeFilename(string filename, char replaceChar)
{
    foreach (char c in System.IO.Path.GetInvalidFileNameChars())
    {
        filename = filename.Replace(c, replaceChar);
    }
    return filename;
}

I just put this in a "Helpers" class for convenience.

Alternately answered 2/12, 2008 at 6:1 Comment(0)
S
8

If you want to quickly strip out all special characters, which is sometimes more user readable for file names, this works nicely:

string myCrazyName = "q`w^e!r@t#y$u%i^o&p*a(s)d_f-g+h=j{k}l|z:x\"c<v>b?n[m]q\\w;e'r,t.y/u";
string safeName = Regex.Replace(
    myCrazyName,
    @"\W",  /*Matches any nonword character. Equivalent to '[^A-Za-z0-9_]'*/
    "",
    RegexOptions.IgnoreCase);
// safeName == "qwertyuiopasd_fghjklzxcvbnmqwertyu"
Sella answered 28/5, 2009 at 2:42 Comment(2)
actually \W matches more than non-alpha-numerics ([^A-Za-z0-9_]). All Unicode 'word' characters (русский中文..., etc.) will not be replaced either. But this is a good thing. - Cromwell
Only downside is that this also removes . so you have to extract the extension first, and add it again after. - Kermie
B
6

Here's what I just added to ClipFlair's (http://github.com/Zoomicon/ClipFlair) StringExtensions static class (Utils.Silverlight project), based on info gathered from the links to related stackoverflow questions posted by Dour High Arch above:

public static string ReplaceInvalidFileNameChars(this string s, string replacement = "")
{
  return Regex.Replace(s,
    "[" + Regex.Escape(new String(System.IO.Path.GetInvalidPathChars())) + "]",
    replacement, //can even use a replacement string of any length
    RegexOptions.IgnoreCase);
    //not using System.IO.Path.InvalidPathChars (deprecated insecure API)
}
Brenner answered 12/7, 2013 at 19:55 Comment(2)
Just missing to compile the Regex and cache it. - Scriven
Yes, ideally you'd compile and cache on first use. Would use a static field and check if it's null. If it is, would compile and cache to it, then use it. A race-condition might occur there if multiple threads call it the 1st time simultaneously, but since all would calculate and cache the same thing, only penalty is that extra calculation by the other threads (last one coming would succeed in persisting its calculated value to the static field) - Brenner
J
5
static class Utils
{
    public static string MakeFileSystemSafe(this string s)
    {
        return new string(s.Where(IsFileSystemSafe).ToArray());
    }

    public static bool IsFileSystemSafe(char c)
    {
        return !Path.GetInvalidFileNameChars().Contains(c);
    }
}
Justen answered 18/4, 2013 at 12:30 Comment(0)
G
5

Why not convert the string to a Base64 equivalent like this:

string UnsafeFileName = "salmnas dlajhdla kjha;dmas'lkasn";
string SafeFileName = Convert.ToBase64String(Encoding.UTF8.GetBytes(UnsafeFileName));

If you want to convert it back so you can read it:

UnsafeFileName = Encoding.UTF8.GetString(Convert.FromBase64String(SafeFileName));

I used this to save PNG files with a unique name from a random description.

Gallican answered 28/4, 2017 at 2:47 Comment(1)
Base64 is not path safe. It contains characters like /, +, =. Besides, it has both upper and lower case, not suitable for Windows file system which is case insensitive - Medicine
R
2
private void textBoxFileName_KeyPress(object sender, KeyPressEventArgs e)
{
   e.Handled = CheckFileNameSafeCharacters(e);
}

/// <summary>
/// This is a good function for making sure that a user who is naming a file uses proper characters
/// </summary>
/// <param name="e"></param>
/// <returns></returns>
internal static bool CheckFileNameSafeCharacters(System.Windows.Forms.KeyPressEventArgs e)
{
    // Compare as chars: KeyChar.Equals(24) boxes an int and never matches a char
    if (e.KeyChar == (char)24 || 
        e.KeyChar == (char)3 || 
        e.KeyChar == (char)22 || 
        e.KeyChar == (char)26 || 
        e.KeyChar == (char)25)//Control-X, C, V, Z and Y
            return false;
    if (e.KeyChar.Equals('\b'))//backspace
        return false;

    char[] charArray = Path.GetInvalidFileNameChars();
    if (charArray.Contains(e.KeyChar))
       return true;//Stop the character from being entered into the control since it is not valid in a file name
    else
        return false;            
}
Rustie answered 19/2, 2016 at 18:22 Comment(0)
F
2

Many answers suggest using Path.GetInvalidFileNameChars(), which seems like a bad solution to me. I encourage you to use whitelisting instead of blacklisting because hackers will always find a way eventually to bypass it.

Here is an example of code you could use:

    string whitelist = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ.";
    foreach (char c in filename)
    {
        if (!whitelist.Contains(c))
        {
            filename = filename.Replace(c, '-');
        }
    }
Frustration answered 11/1, 2019 at 14:59 Comment(0)
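
An allow-list sanitizer along the lines of the answer above, as an added C# example that is not from the answer's author; it goes beyond the posted snippet by also handling the trailing-period, length, reserved-name and name-conflict issues raised elsewhere on this page. The class name, the allow-list, the 100-character cap and the hash-tag format are assumptions.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

// Hypothetical helper; the allow-list, length cap and tag format are assumptions.
public static class SafeFileName
{
    private const string Allowed =
        "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-.";
    private const int MaxStemLength = 100;   // assumed cap, well under a 255-character limit

    public static string Make(string untrusted)
    {
        if (untrusted == null) throw new ArgumentNullException(nameof(untrusted));

        // Keep allow-listed characters; map everything else
        // (separators, ':', control characters, ...) to '_'.
        string stem = new string(
            untrusted.Select(c => Allowed.IndexOf(c) >= 0 ? c : '_').ToArray());

        // Cap the length first, then drop trailing periods, which Windows does not allow.
        if (stem.Length > MaxStemLength) stem = stem.Substring(0, MaxStemLength);
        stem = stem.TrimEnd('.');
        if (stem.Length == 0) stem = "file";

        // Tag derived from the original input, so "Hell?" and "Hell*" get different
        // names even though both stems become "Hell_".
        string tag;
        using (var sha = SHA256.Create())
        {
            byte[] digest = sha.ComputeHash(Encoding.UTF8.GetBytes(untrusted));
            tag = BitConverter.ToString(digest, 0, 4).Replace("-", "").ToLowerInvariant();
        }

        // Prefixing the tag also means the result never equals a reserved device name
        // such as CON or PRN, and never starts with '-' or '.'.
        return tag + "-" + stem;
    }
}
```

The 32-bit tag makes collisions unlikely, not impossible, so the file should still be opened with FileMode.CreateNew; truncation at the cap can also cut off an extension.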
G
2

From my older projects, I've found this solution, which has been working perfectly over 2 years. I'm replacing illegal chars with "!", and then check for double !!'s, use your own char.

    public string GetSafeFilename(string filename)
    {
        string res = string.Join("!", filename.Split(Path.GetInvalidFileNameChars()));

        while (res.IndexOf("!!") >= 0)
            res = res.Replace("!!", "!");

        return res;
    }
Goethe answered 11/9, 2019 at 17:7 Comment(0)
A
1

I find using this to be quick and easy to understand:

<Extension()>
Public Function MakeSafeFileName(FileName As String) As String
    Return FileName.Where(Function(x) Not IO.Path.GetInvalidFileNameChars.Contains(x)).ToArray
End Function

This works because a string is IEnumerable as a char array and there is a string constructor that takes a char array.

Abstinence answered 9/4, 2013 at 18:28 Comment(0)
H
0

I took Jonathan Allen's answer and made an extension method that can be called on any string.

public static class StringExtensions
{
    public static string ReplaceInvalidFileNameChars(this string input, char replaceCharacter = '-')
    {
        foreach (char c in Path.GetInvalidFileNameChars())
        {
            input = input.Replace(c, replaceCharacter);
        }

        return input;
    }
}

This can then be used like:

string myFileName = "test > file ? name.txt";

string myValidFileName1 = myFileName.ReplaceInvalidFileNameChars();
string myValidFileName2 = myFileName.ReplaceInvalidFileNameChars(' '); // '' is not a valid char literal, so a replacement character is required
string myValidFileName3 = myFileName.ReplaceInvalidFileNameChars('_');
Hughhughes answered 4/5, 2023 at 6:23 Comment(0)
