From aeb516c3c9d8c21231ffb91233407c1e0043c625 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@owncloud.com>
Date: Tue, 23 Sep 2014 19:30:32 +0200
Subject: [PATCH] Check for blacklisted characters

Fixes https://github.com/owncloud/core/issues/11264

(This should in future get moved to the mountpoint class - but that is something for @icewind1991 ;-))
---
 apps/files_sharing/ajax/external.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/apps/files_sharing/ajax/external.php b/apps/files_sharing/ajax/external.php
index 544a97e80be..6d68b5f7f82 100644
--- a/apps/files_sharing/ajax/external.php
+++ b/apps/files_sharing/ajax/external.php
@@ -24,6 +24,12 @@ $owner = $_POST['owner'];
 $name = $_POST['name'];
 $password = $_POST['password'];
 
+// Check for invalid name
+if(!\OCP\Util::isValidFileName($name)) {
+	\OCP\JSON::error(array('data' => array('message' => $l->t('The mountpoint name contains invalid characters.'))));
+	exit();
+}
+
 $externalManager = new \OCA\Files_Sharing\External\Manager(
 	\OC::$server->getDatabaseConnection(),
 	\OC\Files\Filesystem::getMountManager(),
-- 
2.39.5