Skip to content

gw-custom-modifier-file-upload.php: Added snippet for custom filename modifier for file upload fields. #1144

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
+29 −0
Open

gw-custom-modifier-file-upload.php: Added snippet for custom filename modifier for file upload fields. #1144

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
1de825a
`gw-custom-modifier-file-upload.php`: Added snippet for custom `filen…
saifsultanc Aug 11, 2025
63c34fc
`gw-custom-modifier-file-upload.php`: Added snippet for custom `filen…
saifsultanc Aug 12, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
29 changes: 29 additions & 0 deletions gravity-forms/gw-filename-modifier-file-upload.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
<?php
/**
* Gravity Wizards // Gravity Forms // Filename Modifier for File Upload
*
* This snippet is an example of how to add filename modifiers to a Gravity Forms file upload field.
*
* Instructions:
*
* 1. Add to snippet to site. See https://gravitywiz.com/documentation/how-do-i-install-a-snippet/.
*/
add_filter( 'gform_merge_tag_filter', function ( $value, $merge_tag, $modifier, $field, $raw_value, $format ) {
if ( $merge_tag != 'all_fields' && $field->type == 'fileupload' && ! empty( $raw_value ) && $modifier == 'filename' ) {
if ( ! $field->multipleFiles ) {
$value = basename( $raw_value );
} else {
$file_list = [];
foreach ( json_decode( $raw_value ) as $filepath ) {
$file_list[] = basename( $filepath );
}
$value = implode( '<br />', $file_list );
}
}
return $value;
}, 10, 6 );
Comment on lines +11 to +24
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

⚠️ Potential issue

Harden modifier handling, decoding, and output escaping (avoid warnings and potential XSS)

  • json_decode() may return null; foreach on null will warn. Normalize $raw_value robustly.
  • Strip query strings from URLs before basename().
  • Escape filenames for HTML output to avoid HTML injection if a filename includes special chars.
  • Honor stacked modifiers (e.g., {:filename:esc_html}) by checking substring presence.
  • Use strict comparisons and format-aware separators (
    vs newline).
-add_filter( 'gform_merge_tag_filter', function ( $value, $merge_tag, $modifier, $field, $raw_value, $format ) {
-	if ( $merge_tag != 'all_fields' && $field->type == 'fileupload' && ! empty( $raw_value ) && $modifier == 'filename' ) {
-		if ( ! $field->multipleFiles ) {
-			$value = basename( $raw_value );
-		} else {
-			$file_list = [];
-			foreach ( json_decode( $raw_value ) as $filepath ) {
-				$file_list[] = basename( $filepath );
-			}
-			$value = implode( '<br />', $file_list );
-		}
-	}
-	return $value;
-}, 10, 6 );
+add_filter( 'gform_merge_tag_filter', function ( $value, $merge_tag, $modifiers, $field, $raw_value, $format ) {
+	// Only handle file upload fields with the :filename modifier (supports stacked modifiers).
+	if ( $merge_tag === 'all_fields' || ! $field || $field->type !== 'fileupload' || empty( $raw_value ) || strpos( (string) $modifiers, 'filename' ) === false ) {
+		return $value;
+	}
+
+	$is_html = ( $format === 'html' );
+	$sep     = $is_html ? '<br />' : "\n";
+
+	// Normalize to an array of file paths/URLs.
+	if ( is_array( $raw_value ) ) {
+		$files = $raw_value;
+	} else {
+		$decoded = json_decode( $raw_value, true );
+		$files   = is_array( $decoded ) ? $decoded : array( $raw_value );
+	}
+
+	// Extract safe filenames (strip query strings; escape for HTML).
+	$filenames = array();
+	foreach ( $files as $path ) {
+		if ( ! is_string( $path ) || $path === '' ) {
+			continue;
+		}
+		$clean_path = parse_url( $path, PHP_URL_PATH );
+		$basename   = basename( $clean_path ?: $path );
+		$filenames[] = $is_html ? esc_html( $basename ) : $basename;
+	}
+
+	return implode( $sep, $filenames );
+}, 10, 6 );
🤖 Prompt for AI Agents 
In gravity-forms/gw-filename-modifier-file-upload.php around lines 11 to 24, the
modifier handling should be hardened: treat $modifier as substring (use strpos)
so stacked modifiers like {:filename:esc_html} are honored; use strict
comparisons (=== / !==) when checking $merge_tag and $modifier; normalize
$raw_value to an array safely (if field is multipleFiles json_decode may return
null — default to an empty array or single-item array for a plain string) before
iterating to avoid warnings; strip query strings from file URLs before calling
basename (use parse_url or strtok on '?'); escape filenames for HTML output with
esc_html() and choose separator based on $format (use '<br />' for HTML and "\n"
for text); also guard access to $field->multipleFiles with isset/ property
check.


// For GP Media Library
add_filter( 'gpml_image_merge_tag_skip_modifiers', function( $skip_modifiers, $modifiers, $input_id, $image_ids ) {
return [ 'filename' ];
}, 10, 4 );
Comment on lines +27 to +29
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Don’t clobber existing GPML skip modifiers

Returning only ['filename'] discards previously skipped modifiers from other plugins/snippets. Append instead of replace.

-add_filter( 'gpml_image_merge_tag_skip_modifiers', function( $skip_modifiers, $modifiers, $input_id, $image_ids ) {
-	return [ 'filename' ];
-}, 10, 4 );
+add_filter( 'gpml_image_merge_tag_skip_modifiers', function( $skip_modifiers, $modifiers, $input_id, $image_ids ) {
+	$skip_modifiers[] = 'filename';
+	return array_values( array_unique( $skip_modifiers ) );
+}, 10, 4 );
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
add_filter( 'gpml_image_merge_tag_skip_modifiers', function( $skip_modifiers, $modifiers, $input_id, $image_ids ) {
return [ 'filename' ];
}, 10, 4 );
add_filter( 'gpml_image_merge_tag_skip_modifiers', function( $skip_modifiers, $modifiers, $input_id, $image_ids ) {
$skip_modifiers[] = 'filename';
return array_values( array_unique( $skip_modifiers ) );
}, 10, 4 );
🤖 Prompt for AI Agents 
In gravity-forms/gw-filename-modifier-file-upload.php around lines 27 to 29, the
filter handler currently returns a fresh array ['filename'] which overwrites any
existing skip modifiers from other plugins; change it to append 'filename' to
the incoming $skip_modifiers and return the merged unique array (e.g., add
'filename' to $skip_modifiers and return array_unique($skip_modifiers)) so
existing modifiers are preserved.

Loading