diff options
| author | Robin Appelman <icewind@owncloud.com> | 2012-01-16 03:06:11 +0100 |
|---|---|---|
| committer | Robin Appelman <icewind@owncloud.com> | 2012-01-16 03:06:11 +0100 |
| commit | 96e2f15d8a6eee83e30bdf77ef3582f0c26b52e0 (patch) | |
| tree | 9df43704cb7e580d328d6780561a0ec146003e7b /files/ajax | |
| parent | ccc43f0ea02a048583fff715f00cda0280124586 (diff) | |
| parent | b0dbca0cc7f2d07dbf01c54861b932d8dc9fe2df (diff) | |
| download | nextcloud-server-96e2f15d8a6eee83e30bdf77ef3582f0c26b52e0.tar.gz nextcloud-server-96e2f15d8a6eee83e30bdf77ef3582f0c26b52e0.zip | |
merge master into filesystem
Diffstat (limited to 'files/ajax')
| -rw-r--r-- | files/ajax/delete.php | 4 | ||||
| -rw-r--r-- | files/ajax/move.php | 6 | ||||
| -rw-r--r-- | files/ajax/newfile.php | 6 | ||||
| -rw-r--r-- | files/ajax/newfolder.php | 6 | ||||
| -rw-r--r-- | files/ajax/rename.php | 6 |
5 files changed, 14 insertions, 14 deletions
diff --git a/files/ajax/delete.php b/files/ajax/delete.php index 48df5862db2..1725201fdd9 100644 --- a/files/ajax/delete.php +++ b/files/ajax/delete.php @@ -6,8 +6,8 @@ require_once('../../lib/base.php'); OC_JSON::checkLoggedIn(); // Get data -$dir = $_GET["dir"]; -$files = isset($_GET["file"]) ? $_GET["file"] : $_GET["files"]; +$dir = stripslashes($_GET["dir"]); +$files = isset($_GET["file"]) ? stripslashes($_GET["file"]) : stripslashes($_GET["files"]); $files = explode(';', $files); $filesWithError = ''; diff --git a/files/ajax/move.php b/files/ajax/move.php index 3517901c6cf..9af3f80208f 100644 --- a/files/ajax/move.php +++ b/files/ajax/move.php @@ -6,9 +6,9 @@ require_once('../../lib/base.php'); OC_JSON::checkLoggedIn(); // Get data -$dir = $_GET["dir"]; -$file = $_GET["file"]; -$target = $_GET["target"]; +$dir = stripslashes($_GET["dir"]); +$file = stripslashes($_GET["file"]); +$target = stripslashes($_GET["target"]); if(OC_Files::move($dir,$file,$target,$file)){ diff --git a/files/ajax/newfile.php b/files/ajax/newfile.php index 5c4f49a3675..afc444bc0ac 100644 --- a/files/ajax/newfile.php +++ b/files/ajax/newfile.php @@ -6,8 +6,8 @@ require_once('../../lib/base.php'); OC_JSON::checkLoggedIn(); // Get the params -$dir = isset( $_GET['dir'] ) ? $_GET['dir'] : ''; -$filename = isset( $_GET['filename'] ) ? $_GET['filename'] : ''; +$dir = isset( $_GET['dir'] ) ? stripslashes($_GET['dir']) : ''; +$filename = isset( $_GET['filename'] ) ? stripslashes($_GET['filename']) : ''; $content = isset( $_GET['content'] ) ? $_GET['content'] : ''; if($filename == '') { @@ -24,4 +24,4 @@ if(OC_Files::newFile($dir, $filename, 'file')) { } -OC_JSON::error(array("data" => array( "message" => "Error when creating the file" )));
\ No newline at end of file +OC_JSON::error(array("data" => array( "message" => "Error when creating the file" ))); diff --git a/files/ajax/newfolder.php b/files/ajax/newfolder.php index d244fb7be19..6db045c4e17 100644 --- a/files/ajax/newfolder.php +++ b/files/ajax/newfolder.php @@ -6,15 +6,15 @@ require_once('../../lib/base.php'); OC_JSON::checkLoggedIn(); // Get the params -$dir = isset( $_GET['dir'] ) ? $_GET['dir'] : ''; -$foldername = isset( $_GET['foldername'] ) ? $_GET['foldername'] : ''; +$dir = isset( $_GET['dir'] ) ? stripslashes($_GET['dir']) : ''; +$foldername = isset( $_GET['foldername'] ) ? stripslashes($_GET['foldername']) : ''; if(trim($foldername) == '') { OC_JSON::error(array("data" => array( "message" => "Empty Foldername" ))); exit(); } -if(OC_Files::newFile($dir, $foldername, 'dir')) { +if(OC_Files::newFile($dir, stripslashes($foldername), 'dir')) { OC_JSON::success(array("data" => array())); exit(); } diff --git a/files/ajax/rename.php b/files/ajax/rename.php index 87ffbc3ada0..a51b36635b3 100644 --- a/files/ajax/rename.php +++ b/files/ajax/rename.php @@ -6,9 +6,9 @@ require_once('../../lib/base.php'); OC_JSON::checkLoggedIn(); // Get data -$dir = $_GET["dir"]; -$file = $_GET["file"]; -$newname = $_GET["newname"]; +$dir = stripslashes($_GET["dir"]); +$file = stripslashes($_GET["file"]); +$newname = stripslashes($_GET["newname"]); // Delete if( OC_Files::move( $dir, $file, $dir, $newname )) { |