diff options
Diffstat (limited to 'apps/files/ajax/newfolder.php')
| -rw-r--r-- | apps/files/ajax/newfolder.php | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/apps/files/ajax/newfolder.php b/apps/files/ajax/newfolder.php index 512e0e1f6d9..0668a6191f4 100644 --- a/apps/files/ajax/newfolder.php +++ b/apps/files/ajax/newfolder.php @@ -13,6 +13,10 @@ if(trim($foldername) == '') { OCP\JSON::error(array("data" => array( "message" => "Empty Foldername" ))); exit(); } +if(strpos($filename,'/')!==false){ + OCP\JSON::error(array("data" => array( "message" => "Invalid Foldername" ))); + exit(); +} if(OC_Files::newFile($dir, stripslashes($foldername), 'dir')) { OCP\JSON::success(array("data" => array())); |