diff options
Diffstat (limited to 'files/ajax/newfile.php')
| -rw-r--r-- | files/ajax/newfile.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/files/ajax/newfile.php b/files/ajax/newfile.php index 5c4f49a3675..afc444bc0ac 100644 --- a/files/ajax/newfile.php +++ b/files/ajax/newfile.php @@ -6,8 +6,8 @@ require_once('../../lib/base.php'); OC_JSON::checkLoggedIn(); // Get the params -$dir = isset( $_GET['dir'] ) ? $_GET['dir'] : ''; -$filename = isset( $_GET['filename'] ) ? $_GET['filename'] : ''; +$dir = isset( $_GET['dir'] ) ? stripslashes($_GET['dir']) : ''; +$filename = isset( $_GET['filename'] ) ? stripslashes($_GET['filename']) : ''; $content = isset( $_GET['content'] ) ? $_GET['content'] : ''; if($filename == '') { @@ -24,4 +24,4 @@ if(OC_Files::newFile($dir, $filename, 'file')) { } -OC_JSON::error(array("data" => array( "message" => "Error when creating the file" )));
\ No newline at end of file +OC_JSON::error(array("data" => array( "message" => "Error when creating the file" ))); |