prevent creating files with a / the name
This commit is contained in:
parent
3ce6344d40
commit
e6c4e53486
|
@ -15,6 +15,10 @@ if($filename == '') {
|
||||||
OCP\JSON::error(array("data" => array( "message" => "Empty Filename" )));
|
OCP\JSON::error(array("data" => array( "message" => "Empty Filename" )));
|
||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
|
if(strpos($filename,'/')!==false){
|
||||||
|
OCP\JSON::error(array("data" => array( "message" => "Invalid Filename" )));
|
||||||
|
exit();
|
||||||
|
}
|
||||||
|
|
||||||
if($source){
|
if($source){
|
||||||
if(substr($source,0,8)!='https://' and substr($source,0,7)!='http://'){
|
if(substr($source,0,8)!='https://' and substr($source,0,7)!='http://'){
|
||||||
|
|
|
@ -13,6 +13,10 @@ if(trim($foldername) == '') {
|
||||||
OCP\JSON::error(array("data" => array( "message" => "Empty Foldername" )));
|
OCP\JSON::error(array("data" => array( "message" => "Empty Foldername" )));
|
||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
|
if(strpos($filename,'/')!==false){
|
||||||
|
OCP\JSON::error(array("data" => array( "message" => "Invalid Foldername" )));
|
||||||
|
exit();
|
||||||
|
}
|
||||||
|
|
||||||
if(OC_Files::newFile($dir, stripslashes($foldername), 'dir')) {
|
if(OC_Files::newFile($dir, stripslashes($foldername), 'dir')) {
|
||||||
OCP\JSON::success(array("data" => array()));
|
OCP\JSON::success(array("data" => array()));
|
||||||
|
|
|
@ -452,6 +452,11 @@ $(document).ready(function() {
|
||||||
input.focus();
|
input.focus();
|
||||||
input.change(function(){
|
input.change(function(){
|
||||||
var name=$(this).val();
|
var name=$(this).val();
|
||||||
|
if(name.indexOf('/')!=-1){
|
||||||
|
$('#notification').text(t('files','Invalid name, \'/\' is not allowed.'));
|
||||||
|
$('#notification').fadeIn();
|
||||||
|
return;
|
||||||
|
}
|
||||||
switch(type){
|
switch(type){
|
||||||
case 'file':
|
case 'file':
|
||||||
$.post(
|
$.post(
|
||||||
|
|
Loading…
Reference in New Issue