summaryrefslogtreecommitdiffstats
path: root/apps
diff options
context:
space:
mode:
authorBjörn Schießle <schiessle@owncloud.com>2012-09-27 12:37:23 +0200
committerBjörn Schießle <schiessle@owncloud.com>2012-09-27 12:37:23 +0200
commitaa9ffd119aea9a2cb527a0ac662fcdaad464fc68 (patch)
treef8eafcde6ff03dd8af61ab94f31c23f40478abfb /apps
parenta56f2ec183091dc6d95109806612454c66ce0f07 (diff)
downloadnextcloud-server-aa9ffd119aea9a2cb527a0ac662fcdaad464fc68.tar.gz
nextcloud-server-aa9ffd119aea9a2cb527a0ac662fcdaad464fc68.zip
check if file really exist before add/remove it
Diffstat (limited to 'apps')
-rw-r--r--apps/files_external/ajax/addRootCertificate.php5
-rw-r--r--apps/files_external/ajax/removeRootCertificate.php11
2 files changed, 12 insertions, 4 deletions
diff --git a/apps/files_external/ajax/addRootCertificate.php b/apps/files_external/ajax/addRootCertificate.php
index 42927b86068..e0a0239c954 100644
--- a/apps/files_external/ajax/addRootCertificate.php
+++ b/apps/files_external/ajax/addRootCertificate.php
@@ -2,6 +2,11 @@
OCP\JSON::checkAppEnabled('files_external');
+if ( !($filename = $_FILES['rootcert_import']['name']) ) {
+ header("Location: settings/personal.php");
+ exit;
+}
+
$fh = fopen($_FILES['rootcert_import']['tmp_name'], 'r');
$data = fread($fh, filesize($_FILES['rootcert_import']['tmp_name']));
fclose($fh);
diff --git a/apps/files_external/ajax/removeRootCertificate.php b/apps/files_external/ajax/removeRootCertificate.php
index 8c196eddf55..6871b0fd1d4 100644
--- a/apps/files_external/ajax/removeRootCertificate.php
+++ b/apps/files_external/ajax/removeRootCertificate.php
@@ -5,7 +5,10 @@ OCP\JSON::checkLoggedIn();
OCP\JSON::callCheck();
$view = \OCP\Files::getStorage("files_external");
-$cert = ltrim($_POST['cert'], "/\\.");
-$file = \OCP\Config::getSystemValue('datadirectory').$view->getAbsolutePath("").'uploads/'.$cert;
-unlink($file);
-OC_Mount_Config::createCertificateBundle();
+$file = 'uploads/'.ltrim($_POST['cert'], "/\\.");
+
+if ( $view->file_exists($file) ) {
+ $view->unlink($file);
+ OC_Mount_Config::createCertificateBundle();
+}
+