Skip to content

Commit

Permalink
Merge pull request #13325 from owncloud/kill-strip-slashes
Browse files Browse the repository at this point in the history 
Get rid of `stripslashes()`
  • Loading branch information
@MorrisJobke
MorrisJobke committed Jan 14, 2015
2 parents f367bbb + 3ff3f64 commit 65ee2b1
Show file tree
Hide file tree
Showing 5 changed files with 8 additions and 9 deletions.
2 changes: 1 addition & 1 deletion apps/files/ajax/delete.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@


// Get data
$dir = stripslashes($_POST["dir"]);
$dir = isset($_POST['dir']) ? $_POST['dir'] : '';
$allFiles = isset($_POST["allfiles"]) ? $_POST["allfiles"] : false;

// delete all files in dir ?
Expand Down
6 changes: 3 additions & 3 deletions apps/files/ajax/move.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,9 @@
\OC::$server->getSession()->close();

// Get data
$dir = stripslashes($_POST["dir"]);
$file = stripslashes($_POST["file"]);
$target = stripslashes(rawurldecode($_POST["target"]));
$dir = isset($_POST['dir']) ? $_POST['dir'] : '';
$file = isset($_POST['file']) ? $_POST['file'] : '';
$target = isset($_POST['target']) ? rawurldecode($_POST['target']) : '';

$l = \OC::$server->getL10N('files');

Expand Down
1 change: 0 additions & 1 deletion apps/files/ajax/newfile.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -81,7 +81,6 @@ function progress($notification_code, $severity, $message, $message_code, $bytes
exit();
}

//TODO why is stripslashes used on foldername in newfolder.php but not here?
$target = $dir.'/'.$filename;

if (\OC\Files\Filesystem::file_exists($target)) {
Expand Down
4 changes: 2 additions & 2 deletions apps/files/ajax/newfolder.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,8 @@
\OC::$server->getSession()->close();

// Get the params
$dir = isset( $_POST['dir'] ) ? stripslashes($_POST['dir']) : '';
$foldername = isset( $_POST['foldername'] ) ? stripslashes($_POST['foldername']) : '';
$dir = isset($_POST['dir']) ? $_POST['dir'] : '';
$foldername = isset($_POST['foldername']) ? $_POST['foldername'] : '';

$l10n = \OC::$server->getL10N('files');

Expand Down
4 changes: 2 additions & 2 deletions apps/files/ajax/upload.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -132,9 +132,9 @@
// $path needs to be normalized - this failed within drag'n'drop upload to a sub-folder
if ($resolution === 'autorename') {
// append a number in brackets like 'filename (2).ext'
$target = OCP\Files::buildNotExistingFileName(stripslashes($dir . $relativePath), $files['name'][$i]);
$target = OCP\Files::buildNotExistingFileName($dir . $relativePath, $files['name'][$i]);
} else {
$target = \OC\Files\Filesystem::normalizePath(stripslashes($dir . $relativePath).'/'.$files['name'][$i]);
$target = \OC\Files\Filesystem::normalizePath($dir . $relativePath.'/'.$files['name'][$i]);
}

// relative dir to return to the client
Expand Down

0 comments on commit 65ee2b1

Please sign in to comment.