@@ -161,6 +161,15 @@ if (\OC\Files\Filesystem::isValidPath($dir) === true) { | |||
$resolution = null; | |||
} | |||
if(isset($_POST['dirToken'])) { | |||
// If it is a read only share the resolution will always be autorename | |||
$shareManager = \OC::$server->getShareManager(); | |||
$share = $shareManager->getShareByToken((string)$_POST['dirToken']); | |||
if (!($share->getPermissions() & \OCP\Constants::PERMISSION_READ)) { | |||
$resolution = 'autorename'; | |||
} | |||
} | |||
// target directory for when uploading folders | |||
$relativePath = ''; | |||
if(!empty($_POST['file_directory'])) { | |||
@@ -247,6 +256,20 @@ if (\OC\Files\Filesystem::isValidPath($dir) === true) { | |||
} | |||
if ($error === false) { | |||
// Do not leak file information if it is a read-only share | |||
if(isset($_POST['dirToken'])) { | |||
$shareManager = \OC::$server->getShareManager(); | |||
$share = $shareManager->getShareByToken((string)$_POST['dirToken']); | |||
if (!($share->getPermissions() & \OCP\Constants::PERMISSION_READ)) { | |||
$newResults = []; | |||
foreach($result as $singleResult) { | |||
$fileName = $singleResult['originalname']; | |||
$newResults['filename'] = $fileName; | |||
$newResults['mimetype'] = \OC::$server->getMimeTypeDetector()->detectPath($fileName); | |||
} | |||
$result = $newResults; | |||
} | |||
} | |||
OCP\JSON::encodedPrint($result); | |||
} else { | |||
OCP\JSON::error(array(array('data' => array_merge(array('message' => $error, 'code' => $errorCode), $storageStats)))); |
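Review bot: The `foreach` in the second hunk assigns `$newResults['filename']` and `$newResults['mimetype']` on every iteration, so when `$result` holds more than one entry only the last file is reported and the others are silently dropped. If one file per request is the intended contract, state that in a comment; otherwise append one entry per file (`$newResults[] = ['filename' => $fileName, 'mimetype' => $mimeType];`) and adjust the client handler to the list shape. The filter covers only the success branch: the `else` branch on the last line still merges `$error` and `$storageStats` into the response for the same token, which may expose what the filter is meant to hide. Both hunks also dereference the result of `getShareByToken()` on the caller-supplied `dirToken` with no visible handling of an unknown token, so the lookup should be done once and its failure handled. Both comments say "read only share" although the condition tests for a share that lacks `PERMISSION_READ`; `// Upload-only share (no read permission): always autorename so existing files are neither overwritten nor revealed` would match the code.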
@@ -159,36 +159,63 @@ thead { | |||
cursor: pointer; | |||
} | |||
#body-public #emptycontent h2 { | |||
#public-upload .avatardiv { | |||
margin: 0 auto; | |||
} | |||
#public-upload #emptycontent h2 { | |||
margin: 10px 0 5px 0; | |||
} | |||
#body-public #emptycontent h2+p { | |||
#public-upload #emptycontent h2+p { | |||
margin-bottom: 30px; | |||
} | |||
#body-public #emptycontent .icon-folder { | |||
#public-upload #emptycontent .icon-folder { | |||
height: 16px; | |||
width: 16px; | |||
background-size: 16px; | |||
display: inline-block; | |||
vertical-align: text-top; | |||
margin-bottom: 0; | |||
margin-right: 5px; | |||
opacity: 1; | |||
} | |||
#body-public #emptycontent .button { | |||
background-size: 32px; | |||
height: 32px; | |||
width: 32px; | |||
background-position: 16px; | |||
#public-upload #emptycontent .button { | |||
background-size: 16px; | |||
height: 16px; | |||
width: 16px; | |||
background-position: 16px; | |||
opacity: .7; | |||
font-size: 20px; | |||
margin: 20px; | |||
padding: 10px 20px; | |||
padding-left: 64px; | |||
padding-left: 42px; | |||
font-weight: normal; | |||
} | |||
#body-public .avatardiv { | |||
margin: 0 auto; | |||
} | |||
#public-upload #emptycontent ul { | |||
width: 160px; | |||
margin: 25px auto; | |||
text-align: left; | |||
} | |||
#public-upload #emptycontent li { | |||
overflow: hidden; | |||
text-overflow: ellipsis; | |||
white-space: nowrap; | |||
padding: 7px 0; | |||
} | |||
#public-upload #emptycontent li img { | |||
vertical-align: text-bottom; | |||
margin-right: 5px; | |||
} | |||
#public-upload li span.icon-loading-small { | |||
padding-left: 18px; | |||
margin-right: 7px; | |||
} |
@@ -15,24 +15,33 @@ | |||
// Prevent the default browser drop action: | |||
e.preventDefault(); | |||
}); | |||
$('#publicUploadDiv').fileupload({ | |||
$('#public-upload').fileupload({ | |||
url: OC.linkTo('files', 'ajax/upload.php'), | |||
dataType: 'json', | |||
//maxFileSize: fileUploadContainer.data('maxupload'), | |||
messages: { | |||
maxFileSize: t('files_sharing', 'File is bigger than allowed.') | |||
}, | |||
dropZone: $('#publicUploadDiv'), | |||
dropZone: $('#public-upload'), | |||
formData: { | |||
dirToken: $('#sharingToken').val() | |||
}, | |||
add: function(e, data) { | |||
_.each(data['files'], function(file) { | |||
$('#public-upload ul').append('<li data-name="'+escapeHTML(file.name)+'"><span class="icon-loading-small"></span> '+escapeHTML(file.name)+'</li>'); | |||
}); | |||
data.submit(); | |||
}, | |||
success: function (response) { | |||
var mimeTypeUrl = OC.MimeType.getIconUrl(response['mimetype']); | |||
$('#public-upload ul li[data-name="'+escapeHTML(response['filename'])+'"]').html('<img src="'+escapeHTML(mimeTypeUrl)+'"/> '+escapeHTML(response['filename'])); | |||
} | |||
}); | |||
$('#public-upload .button.icon-upload').click(function(e) { | |||
e.preventDefault(); | |||
$('#public-upload #emptycontent input').focus().trigger('click'); | |||
}); | |||
} | |||
}; | |||
$(document).ready(function() { | |||
if($('#uploadOnlyInterface').val() === "1") { | |||
if($('#upload-only-interface').val() === "1") { | |||
$('.avatardiv').avatar($('#sharingUserId').val(), 128, true); | |||
} | |||
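Review bot: The `success` handler builds a CSS attribute selector from `escapeHTML(response['filename'])`, which is the wrong encoding for that context: the DOM value of `data-name` is the raw file name, so a name containing `&` or `<` no longer matches after HTML-escaping and its loading row is never replaced, while selector metacharacters such as a backslash are presumably passed through untouched. Comparing the attribute value avoids building a selector from file names at all, e.g. `$('#public-upload ul li').filter(function() { return $(this).attr('data-name') === response['filename']; })`. Two uploads with the same name would still share one `data-name`, so keeping a reference to the `<li>` created in `add` and updating that element is the more robust option. No failure callback is visible in the options, so a rejected upload appears to leave its spinner in place. The enclosing function starts before this hunk.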
@@ -238,11 +238,6 @@ OCA.Sharing.PublicApp = { | |||
$(this).select(); | |||
}); | |||
$(document).on('click', '.content-wrapper-upload', function (e) { | |||
//e.preventDefault(); | |||
$('#file_upload_start').focus().trigger('click'); | |||
}); | |||
$('.save-form').submit(function (event) { | |||
event.preventDefault(); | |||
@@ -307,9 +302,7 @@ OCA.Sharing.PublicApp = { | |||
$('#save-button-confirm') | |||
.removeClass("icon-loading-small") | |||
.addClass("icon-confirm"); | |||
} | |||
else { | |||
} else { | |||
$('#save-button-confirm') | |||
.removeClass("icon-confirm") | |||
.addClass("icon-loading-small"); | |||
@@ -319,7 +312,6 @@ OCA.Sharing.PublicApp = { | |||
toggleLoading(); | |||
var location = window.location.protocol + '//' + window.location.host + OC.webroot; | |||
if(remote.substr(-1) !== '/') { | |||
remote += '/' | |||
}; |
@@ -41,7 +41,9 @@ OCP\Util::addscript('files', 'keyboardshortcuts'); | |||
<input type="hidden" name="mimetype" value="<?php p($_['mimetype']) ?>" id="mimetype"> | |||
<input type="hidden" name="previewSupported" value="<?php p($_['previewSupported'] ? 'true' : 'false'); ?>" id="previewSupported"> | |||
<input type="hidden" name="mimetypeIcon" value="<?php p(\OC::$server->getMimeTypeDetector()->mimeTypeIcon($_['mimetype'])); ?>" id="mimetypeIcon"> | |||
<input type="hidden" name="filesize" value="<?php p($_['nonHumanFileSize']); ?>" id="filesize"> | |||
<?php if (!isset($_['hideFileList']) || (isset($_['hideFileList']) && $_['hideFileList'] === false)): ?> | |||
<input type="hidden" name="filesize" value="<?php p($_['nonHumanFileSize']); ?>" id="filesize"> | |||
<?php endif; ?> | |||
<input type="hidden" name="maxSizeAnimateGif" value="<?php p($_['maxSizeAnimateGif']); ?>" id="maxSizeAnimateGif"> | |||
@@ -89,7 +91,7 @@ OCP\Util::addscript('files', 'keyboardshortcuts'); | |||
</div> | |||
</div></header> | |||
<div id="content-wrapper" <?php if(isset($_['hideFileList']) && $_['hideFileList'] === true){ print_unescaped(" class=\"content-wrapper-upload\"");} ?>> | |||
<?php if (!isset($_['hideFileList']) || (isset($_['hideFileList']) && $_['hideFileList'] === false)) { ?> | |||
<?php if (!isset($_['hideFileList']) || (isset($_['hideFileList']) && $_['hideFileList'] === false)) { ?> | |||
<div id="preview"> | |||
<?php if (isset($_['folder'])): ?> | |||
<?php print_unescaped($_['folder']); ?> | |||
@@ -117,13 +119,17 @@ OCP\Util::addscript('files', 'keyboardshortcuts'); | |||
<?php endif; ?> | |||
</div> | |||
<?php } else { ?> | |||
<input type="hidden" id="uploadOnlyInterface" value="1"/> | |||
<div id="publicUploadDiv"> | |||
<input type="hidden" id="upload-only-interface" value="1"/> | |||
<div id="public-upload"> | |||
<div id="emptycontent" class=""> | |||
<div id="displayavatar"><div class="avatardiv"></div></div> | |||
<h2><?php p($l->t('Upload files to %s', [$_['shareOwner']])) ?></h2> | |||
<p><span class="icon-folder"></span> <?php p($_['filename']) ?></p> | |||
<input type="file" name="files[]" class="hidden" multiple> | |||
<a href="#" class="button icon-upload"><?php p($l->t('Select')) ?></a> | |||
<ul> | |||
</ul> | |||
</div> | |||
</div> | |||
<?php } ?> |
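Review bot: The upload-only decision is written out separately at each use (`!isset(...) || (isset(...) && ... === false)` around `filesize` and the preview block, `isset(...) && ... === true` for the wrapper class), and the two forms are not complements: a non-boolean truthy `hideFileList` hides the file list and `filesize` but does not get the `content-wrapper-upload` class. Computing it once near the top of the template, `<?php $hideFileList = isset($_['hideFileList']) && $_['hideFileList'] !== false; ?>`, and testing `$hideFileList` in all three places keeps the view consistent. The first hunk withholds only `filesize`; `mimetype`, `previewSupported` and `mimetypeIcon` are still rendered in the upload-only view, so it is worth confirming they carry nothing the uploader should not see. The `if` that this `else` belongs to opens in the previous hunk.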