diff options
Diffstat (limited to 'files')
| -rwxr-xr-x[-rw-r--r--] | files/upload.php | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/files/upload.php b/files/upload.php index 1190b466eac..e84cf8303db 100644..100755 --- a/files/upload.php +++ b/files/upload.php @@ -22,11 +22,9 @@ */ require_once('../inc/lib_base.php'); -// sleep(5); //immitate slow internet. - $fileName=$_FILES['file']['name']; $source=$_FILES['file']['tmp_name']; -$target=$_GET['dir'].'/'.$fileName; +$target=stripslashes($_GET['dir']).'/'.$fileName; if(isset($_SESSION['username']) and $_SESSION['username'] and strpos($_GET['dir'],'..')===false){ if(OC_FILESYSTEM::fromTmpFile($source,$target)){ echo 'true'; |