Diffstat (limited to 'files/ajax/newfolder.php')
-rw-r--r-- | files/ajax/newfolder.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/files/ajax/newfolder.php b/files/ajax/newfolder.php
index d244fb7be19..6db045c4e17 100644
--- a/files/ajax/newfolder.php
+++ b/files/ajax/newfolder.php
@@ -6,15 +6,15 @@ require_once('../../lib/base.php');
 OC_JSON::checkLoggedIn();
 // Get the params
-$dir = isset( $_GET['dir'] ) ? $_GET['dir'] : '';
-$foldername = isset( $_GET['foldername'] ) ? $_GET['foldername'] : '';
+$dir = isset( $_GET['dir'] ) ? stripslashes($_GET['dir']) : '';
+$foldername = isset( $_GET['foldername'] ) ? stripslashes($_GET['foldername']) : '';
 if(trim($foldername) == '') {
 OC_JSON::error(array("data" => array( "message" => "Empty Foldername" )));
 exit();
 }
-if(OC_Files::newFile($dir, $foldername, 'dir')) {
+if(OC_Files::newFile($dir, stripslashes($foldername), 'dir')) {
 OC_JSON::success(array("data" => array()));
 exit();
 } |
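Review bot: `$foldername` is unescaped twice: it already goes through `stripslashes()` where it is read from `$_GET`, and the `OC_Files::newFile()` call strips it again, so a name containing a literal backslash is altered a second time and the created folder no longer matches the request; the call should stay `if(OC_Files::newFile($dir, $foldername, 'dir')) {`. Both reads also unescape unconditionally, which is only correct while magic quotes are enabled; guarding with `get_magic_quotes_gpc()`, or undoing magic quotes once in the shared bootstrap, avoids corrupting input on servers where the setting is off. Separately, nothing visible in the hunk validates these request values before they reach the filesystem layer, and whether `OC_Files::newFile()` normalises paths itself cannot be seen from here. Unless it does, reject a `$foldername` that contains `/` or equals `.` or `..` right after the empty-name check, for example `if(strpos($foldername, '/') !== false || $foldername == '..') { OC_JSON::error(array("data" => array( "message" => "Invalid Foldername" ))); exit(); }`.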