diff options
Diffstat (limited to 'lib')
-rw-r--r-- | lib/private/DirectEditing/Manager.php | 8 | ||||
-rw-r--r-- | lib/private/Files/Template/TemplateManager.php | 6 |
2 files changed, 12 insertions, 2 deletions
diff --git a/lib/private/DirectEditing/Manager.php b/lib/private/DirectEditing/Manager.php index 0e7e988eef2..1ea09e74d59 100644 --- a/lib/private/DirectEditing/Manager.php +++ b/lib/private/DirectEditing/Manager.php @@ -27,6 +27,7 @@ namespace OC\DirectEditing; use Doctrine\DBAL\FetchMode; +use OC\Files\Node\Folder; use OCP\AppFramework\Http\NotFoundResponse; use OCP\AppFramework\Http\Response; use OCP\AppFramework\Http\TemplateResponse; @@ -130,7 +131,12 @@ class Manager implements IManager { if ($userFolder->nodeExists($path)) { throw new \RuntimeException('File already exists'); } else { - $file = $userFolder->newFile($path); + if (!$userFolder->nodeExists(dirname($path))) { + throw new \RuntimeException('Invalid path'); + } + /** @var Folder $folder */ + $folder = $userFolder->get(dirname($path)); + $file = $folder->newFile(basename($path)); $editor = $this->getEditor($editorId); $creators = $editor->getCreators(); foreach ($creators as $creator) { diff --git a/lib/private/Files/Template/TemplateManager.php b/lib/private/Files/Template/TemplateManager.php index 33d42bc9c42..c1dd4f3448e 100644 --- a/lib/private/Files/Template/TemplateManager.php +++ b/lib/private/Files/Template/TemplateManager.php @@ -155,7 +155,11 @@ class TemplateManager implements ITemplateManager { } catch (NotFoundException $e) { } try { - $targetFile = $userFolder->newFile($filePath); + if (!$userFolder->nodeExists(dirname($filePath))) { + throw new GenericFileException($this->l10n->t('Invalid path')); + } + $folder = $userFolder->get(dirname($filePath)); + $targetFile = $folder->newFile(basename($filePath)); if ($templateType === 'user' && $templateId !== '') { $template = $userFolder->get($templateId); $template->copy($targetFile->getPath()); |