From 0c32f668998bfa95ae9a36bbddcc6263b2a98701 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Thomas=20M=C3=BCller?=
Date: Fri, 5 Jul 2013 12:15:47 +0200
Subject: [PATCH] get the real physical folder name for anonymous upload
---
 apps/files/ajax/upload.php | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/apps/files/ajax/upload.php b/apps/files/ajax/upload.php
index 8433716dec1..4b015e4d1f5 100644
--- a/apps/files/ajax/upload.php
+++ b/apps/files/ajax/upload.php
@@ -18,7 +18,6 @@ if (empty($_POST['dirToken'])) {
 }
 } else {
 $linkItem = OCP\Share::getShareByToken($_POST['dirToken']);
-
 if ($linkItem === false) {
 OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Invalid Token')))));
 die();
@@ -27,11 +26,17 @@ if (empty($_POST['dirToken'])) {
 if (!($linkItem['permissions'] & OCP\PERMISSION_CREATE)) {
 OCP\JSON::checkLoggedIn();
 } else {
+ // translate linkItem to the real folder name on the file system
+ $sharedItem = OCP\Share::getItemShared($linkItem['item_type'], $linkItem['item_source']);
+ if (!$sharedItem || empty($sharedItem) || $sharedItem === false) {
+ OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Unable to set upload directory.')))));
+ die();
+ }
 // The token defines the target directory (security reasons)
 $dir = sprintf(
 "/%s/%s",
- $linkItem['file_target'],
+ array_pop($sharedItem)['path'],
 isset($_POST['subdir']) ? $_POST['subdir'] : ''
 );
-- 
2.39.5
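Review bot: In the second hunk, `array_pop($sharedItem)['path']` goes straight into the `sprintf` call without checking that the popped entry has a non-empty `path`. The new guard only rejects an empty `$sharedItem`, so a missing or empty `path` would make `$dir` collapse to `//` plus the subdir, presumably outside the shared folder. Pull the entry into a variable and reject it with the same JSON error first: `$share = array_pop($sharedItem);` then `if (empty($share['path'])) { ... die(); }`, and pass `$share['path']` to `sprintf`. That also avoids the function-call array dereference, which needs PHP 5.4 or later. Separately, `$_POST['subdir']` is appended in the same call with no normalisation visible here, so `..` segments should be rejected before `$dir` is used. The script continues past the hunk, so a later check may exist.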