Prevent searching for user directory in getParentFolders()

author: Michael Gapczynski <GapczynskiM@gmail.com> 2011-07-08 15:23:41 -0400
committer: Michael Gapczynski <GapczynskiM@gmail.com> 2011-07-08 15:23:41 -0400
commit: 73bab46758552a965450354d6407e328ab82d7f9 (patch)
tree: 73c174722a24d69f3664b23788c368a0663367bb /apps/files_sharing/lib_share.php
parent: f1cac0039636ff4c82f97d94527c2e3d1d47d9fb (diff)
download: nextcloud-server-73bab46758552a965450354d6407e328ab82d7f9.tar.gz
nextcloud-server-73bab46758552a965450354d6407e328ab82d7f9.zip
1 files changed, 3 insertions, 2 deletions
diff --git a/apps/files_sharing/lib_share.php b/apps/files_sharing/lib_share.php
index 50013aa7114..72a8a39e57d 100644
--- a/apps/files_sharing/lib_share.php
+++ b/apps/files_sharing/lib_share.php
@@ -148,8 +148,9 @@ class OC_SHARE {
 		} else {
 			$query = OC_DB::prepare("SELECT source FROM *PREFIX*sharing WHERE target = ? AND uid_shared_with = ? LIMIT 1");
 		}
-		// TODO Prevent searching for user directory e.g. '/MTGap/files'
-		while ($path != "" && $path != "/" && $path != ".") {
+		// Prevent searching for user directory e.g. '/MTGap/files'
+		$userDirectory = substr($path, 0, strpos($path, "files") + 5);
+		while ($path != "" && $path != "/" && $path != "." && $path != $userDirectory) {
 			$result = $query->execute(array($path, $_SESSION['user_id']))->fetchAll();
 			if (count($result) > 0) {
 				break;
author	Michael Gapczynski <GapczynskiM@gmail.com>	2011-07-08 15:23:41 -0400
committer	Michael Gapczynski <GapczynskiM@gmail.com>	2011-07-08 15:23:41 -0400
commit	73bab46758552a965450354d6407e328ab82d7f9 (patch)
tree	73c174722a24d69f3664b23788c368a0663367bb /apps/files_sharing/lib_share.php
parent	f1cac0039636ff4c82f97d94527c2e3d1d47d9fb (diff)
download	nextcloud-server-73bab46758552a965450354d6407e328ab82d7f9.tar.gz nextcloud-server-73bab46758552a965450354d6407e328ab82d7f9.zip