escape file and directory names when downloading files

Robin Appelman 2011-09-30 10:57:39 +02:00
parent 35d490f8e9
commit 51e68729de
2 changed files with 2 additions and 2 deletions


@ -125,7 +125,7 @@ FileActions={
}
FileActions.register('all','Download',function(){return OC.imagePath('core','actions/download')},function(filename){
window.location='ajax/download.php?files='+filename+'&dir='+$('#dir').val();
window.location='ajax/download.php?files='+encodeURIComponent(filename)+'&dir='+encodeURIComponent($('#dir').val());
});
FileActions.register('all','Delete',function(){return OC.imagePath('core','actions/delete')},function(filename){
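Review bot: Encoding `filename` and `$('#dir').val()` only keeps the query string well-formed; it does not limit what the two parameters can name, and the handler that receives them is not part of this commit. `ajax/download.php` should therefore still be checked to confirm that it resolves `files` and `dir` inside the user's own storage and rejects `..` segments after decoding. A short comment above the assignment would help, for example `// encode: names may contain &, #, + or spaces that would change the query string`. The Delete registration that follows continues outside the hunk.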


@ -8,7 +8,7 @@
<tr data-file="<?php echo $file['name'];?>" data-type="<?php echo ($file['type'] == 'dir')?'dir':'file'?>" data-mime="<?php echo $file['mime']?>" data-size='<?php echo $file['size'];?>'>
<td class="filename svg" style="background-image:url(<?php if($file['type'] == 'dir') echo mimetype_icon('dir'); else echo mimetype_icon($file['mime']); ?>)">
<?php if(!isset($_['readonly']) || !$_['readonly']) { ?><input type="checkbox" /><?php } ?>
<a class="name" href="<?php if($file['type'] == 'dir') echo $_['baseURL'].$file['directory'].'/'.$file['name']; else echo $_['downloadURL'].$file['directory'].'/'.$file['name']; ?>" title="">
<a class="name" href="<?php if($file['type'] == 'dir') echo $_['baseURL'].$file['directory'].'/'.$file['name']; else echo $_['downloadURL'].urlencode($file['directory']).'/'.urlencode($file['name']); ?>" title="">
<span class="nametext">
<?php if($file['type'] == 'dir'):?>
<?php echo htmlspecialchars($file['name']);?>
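Review bot: The directory branch of this `href` still echoes `$_['baseURL'].$file['directory'].'/'.$file['name']` unencoded, and the `data-file` and `data-mime` attributes on the `<tr>` echo their values raw, so a name containing a quote or `&` can still break out of the attribute or corrupt the link; only the download branch was fixed. I would escape the attribute values, e.g. `data-file="<?php echo htmlspecialchars($file['name'], ENT_QUOTES);?>"`, and apply URL encoding to the directory link as well. Separately, `urlencode($file['directory'])` also turns the `/` separators into `%2F`. If `downloadURL` is a path prefix rather than a query parameter (not visible here), nested directories would need per-segment encoding instead, such as `implode('/', array_map('rawurlencode', explode('/', $file['directory'])))`.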