IDEMPIERE-5348 : Validation of filenames (#1398)

org.adempiere.base/src/org/compiere/tools/FileUtil.java

@@ -471,11 +471,14 @@ public class FileUtil
             throw new IllegalArgumentException("Prefix string \"" + prefix +
                 "\" too short: length must be at least 3");
         }
+
+        prefix = Util.setFilenameCorrect(prefix);
+
         if (suffix == null)
             suffix = ".tmp";
 
         Calendar cal = Calendar.getInstance();
-		SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHHmmss");
+		SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHHmmssSSS");
 		String dt = sdf.format(cal.getTime());
 		String tmpdirname = (directory != null) ? directory.getCanonicalPath() : System.getProperty("java.io.tmpdir");
 		tmpdirname += System.getProperty("file.separator") + "rpttmp_" + dt + "_" + Env.getContext(Env.getCtx(), Env.AD_SESSION_ID) + System.getProperty("file.separator");

org.adempiere.base/src/org/compiere/util/Util.java

@@ -25,6 +25,7 @@ import java.sql.Timestamp;
 import java.text.AttributedCharacterIterator;
 import java.text.AttributedString;
 import java.text.Normalizer;
+import java.text.Normalizer.Form;
 import java.util.ArrayList;
 import java.util.Calendar;
 import java.util.HashSet;
@@ -748,4 +749,21 @@ public class Util
 			}
 		}
 	}
+
+	/**
+	 * Make the filename correct (updating all unauthorized characters to safe ones)
+	 * @param the filename to check
+	 * @returns the correct filename
+	 */
+	public static String setFilenameCorrect(String input) {
+		String output = Normalizer.normalize(input, Form.NFD).replaceAll("\\p{InCombiningDiacriticalMarks}+", "");
+		output = output.replaceAll("/" , "-");
+		output = output.replaceAll(":" , "-");
+		output = output.replaceAll("\\*" , "-");
+		output = output.replaceAll("<" , "-");
+		output = output.replaceAll(">" , "-");
+		output = output.replaceAll("%" , "-");
+		return output.trim();
+	}
+
 }   //  Util