diff options
| author | Thomas Müller <thomas.mueller@tmit.eu> | 2015-02-18 17:44:13 +0100 |
|---|---|---|
| committer | Thomas Müller <thomas.mueller@tmit.eu> | 2015-03-09 10:38:37 +0100 |
| commit | 4bac595068c813c56d8d5e580e560527ba80194d (patch) | |
| tree | e7584ca8ff57a9b037388d428e47f390bc1a7fcc /apps/files/ajax/newfolder.php | |
| parent | 348fe105b13717757bee4150caa9d3546d6a7666 (diff) | |
| download | nextcloud-server-4bac595068c813c56d8d5e580e560527ba80194d.tar.gz nextcloud-server-4bac595068c813c56d8d5e580e560527ba80194d.zip | |
adding storage specific filename verification - refs #13640
Diffstat (limited to 'apps/files/ajax/newfolder.php')
| -rw-r--r-- | apps/files/ajax/newfolder.php | 25 |
1 files changed, 11 insertions, 14 deletions
diff --git a/apps/files/ajax/newfolder.php b/apps/files/ajax/newfolder.php index e5e038b715c..3a252c5ba3c 100644 --- a/apps/files/ajax/newfolder.php +++ b/apps/files/ajax/newfolder.php @@ -9,7 +9,7 @@ OCP\JSON::callCheck(); // Get the params $dir = isset($_POST['dir']) ? (string)$_POST['dir'] : ''; -$foldername = isset($_POST['foldername']) ?(string) $_POST['foldername'] : ''; +$folderName = isset($_POST['foldername']) ?(string) $_POST['foldername'] : ''; $l10n = \OC::$server->getL10N('files'); @@ -18,16 +18,13 @@ $result = array( 'data' => NULL ); -if(trim($foldername) === '') { - $result['data'] = array('message' => $l10n->t('Folder name cannot be empty.')); +try { + \OC\Files\Filesystem::getView()->verifyPath($dir, $folderName); +} catch (\OCP\Files\InvalidPathException $ex) { + $result['data'] = [ + 'message' => $ex->getMessage()]; OCP\JSON::error($result); - exit(); -} - -if(!OCP\Util::isValidFileName($foldername)) { - $result['data'] = array('message' => (string)$l10n->t("Invalid name, '\\', '/', '<', '>', ':', '\"', '|', '?' and '*' are not allowed.")); - OCP\JSON::error($result); - exit(); + return; } if (!\OC\Files\Filesystem::file_exists($dir . '/')) { @@ -39,12 +36,12 @@ if (!\OC\Files\Filesystem::file_exists($dir . '/')) { exit(); } -$target = $dir . '/' . $foldername; +$target = $dir . '/' . $folderName; if (\OC\Files\Filesystem::file_exists($target)) { $result['data'] = array('message' => $l10n->t( 'The name %s is already used in the folder %s. Please choose a different name.', - array($foldername, $dir)) + array($folderName, $dir)) ); OCP\JSON::error($result); exit(); @@ -52,9 +49,9 @@ if (\OC\Files\Filesystem::file_exists($target)) { if(\OC\Files\Filesystem::mkdir($target)) { if ( $dir !== '/') { - $path = $dir.'/'.$foldername; + $path = $dir.'/'.$folderName; } else { - $path = '/'.$foldername; + $path = '/'.$folderName; } $meta = \OC\Files\Filesystem::getFileInfo($path); $meta['type'] = 'dir'; // missing ?! |