id,summary,reporter,owner,description,type,status,priority,milestone,component,version,severity,resolution,keywords,cc,mlocked 5656,Escape regex-special characters in filenames for video handler,sphery ,xris,"{{{ The attached patch creates a new function escape_regex(), which is meant to ""escape"" regex-special characters, and invokes that method within the video handler to handle filenames that use those characters. Without the patch, in the event that a filename contains square brackets, the RLIKE will fail to return results, and in the event that it contains an ""invalid range"" (such as '[whatever-2008]'), will result in a blank page being returned to the browser. Once patched, filenames using square brackets work properly. Currently, the only special characters handled by the function are '[' and ']'. The '*' should probably be handled, too, as well as the anchor characters, '^' and '$'. The patch is meant mainly as a potential approach for fixing the issue, but I didn't take it all the way because I didn't know if there's a better approach (PHP-wise or, just different from replacing characters with '.'). Note that the function escape_regex(), as written, does not perform database-special-character escaping, so escape() should be called on the string after escape_regex(). Or, escape_regex() could be modified to make the call to escape(), if desired. }}}",patch,closed,minor,unknown,mythweb,unknown,medium,fixed,,,0