wbrawner/server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Sanitize download URL

Browse source 
@MTGap Can you please check if this break something?
This commit is contained in:
Lukas Reschke 2012-09-22 11:20:17 +02:00
parent ac79fe649c
commit b4de89e6b4
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
apps/files_sharing/public.php
View file

@ -129,7 +129,7 @@ if (isset($_GET['file']) || isset($_GET['dir'])) {
} else {
$getPath = '';
}
$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&download&dir='.$_GET['dir'].'&path='.$getPath, false);
$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&download&dir='.$_GET['dir'].'&path='.$getPath);
} else {
// Show file preview if viewer is available
$tmpl->assign('uidOwner', $uidOwner);
@ -137,14 +137,14 @@ if (isset($_GET['file']) || isset($_GET['dir'])) {
$tmpl->assign('filename', basename($path));
$tmpl->assign('mimetype', OC_Filesystem::getMimeType($path));
if ($type == 'file') {
$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&file='.$_GET['file'].'&download', false);
$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&file='.$_GET['file'].'&download');
} else {
if (isset($_GET['path'])) {
$getPath = $_GET['path'];
} else {
$getPath = '';
}
$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&download&dir='.$_GET['dir'].'&path='.$getPath, false);
$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&download&dir='.$_GET['dir'].'&path='.$getPath);
}
}
$tmpl->printPage();