mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

get the real physical folder name for anonymous upload

This commit is contained in:
Thomas Müller 2013-07-05 12:15:47 +02:00
parent 83898e87be
commit 0c32f66899
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
apps/files/ajax/upload.php
View File

@ -18,7 +18,6 @@ if (empty($_POST['dirToken'])) {
} }
} else { } else {
$linkItem = OCP\Share::getShareByToken($_POST['dirToken']); $linkItem = OCP\Share::getShareByToken($_POST['dirToken']);
if ($linkItem === false) { if ($linkItem === false) {
OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Invalid Token'))))); OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Invalid Token')))));
die(); die();
@ -27,11 +26,17 @@ if (empty($_POST['dirToken'])) {
if (!($linkItem['permissions'] & OCP\PERMISSION_CREATE)) { if (!($linkItem['permissions'] & OCP\PERMISSION_CREATE)) {
OCP\JSON::checkLoggedIn(); OCP\JSON::checkLoggedIn();
} else { } else {
// translate linkItem to the real folder name on the file system
$sharedItem = OCP\Share::getItemShared($linkItem['item_type'], $linkItem['item_source']);
if (!$sharedItem || empty($sharedItem) || $sharedItem === false) {
OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Unable to set upload directory.')))));
die();
}
// The token defines the target directory (security reasons) // The token defines the target directory (security reasons)
$dir = sprintf( $dir = sprintf(
"/%s/%s", "/%s/%s",
$linkItem['file_target'], array_pop($sharedItem)['path'],
isset($_POST['subdir']) ? $_POST['subdir'] : '' isset($_POST['subdir']) ? $_POST['subdir'] : ''
); );