Added encodeuri parts...

This commit is contained in:
Maxim Stewart 2018-05-20 03:58:37 -05:00
parent d8619aa527
commit 0651d0e5d2
4 changed files with 17 additions and 11 deletions

View File

@ -51,7 +51,7 @@ function getDir(query) {
} }
formUlPth.value = path; // Setup upload path for form formUlPth.value = path; // Setup upload path for form
path = "dirQuery=" + path; path = "dirQuery=" + encodeURIComponent(path);
process(path); process(path);
} }

View File

@ -1,7 +1,9 @@
var itemObj = undefined;
function renameItem(obj) { function renameItem(obj) {
var path = document.getElementById("path").innerHTML; var path = encodeURIComponent(document.getElementById("path").innerHTML);
var oldName = formerFileName; var oldName = encodeURIComponent(formerFileName);
var newName = obj.value; var newName = encodeURIComponent(obj.value);
var formData = "renameItem=true&oldName=" + oldName + "&newName=" + newName + "&path=" + path; var formData = "renameItem=true&oldName=" + oldName + "&newName=" + newName + "&path=" + path;
var xhttp = new XMLHttpRequest(); var xhttp = new XMLHttpRequest();
@ -14,11 +16,12 @@ function renameItem(obj) {
} }
function createItem(type) { function createItem(type) {
var path = document.getElementById("path").innerHTML; var path = document.getElementById("path").innerHTML;
var newItem = document.getElementById("NewItem"); var newItem = document.getElementById("NewItem");
var fullPth = path + newItem.value; var fullPth = path + newItem.value;
var xhttp = new XMLHttpRequest(); var xhttp = new XMLHttpRequest();
newItem.value = ""; newItem.value = "";
fullPth = encodeURIComponent(fullPth);
xhttp.open("POST", "resources/php/filesystemActions.php", true); xhttp.open("POST", "resources/php/filesystemActions.php", true);
xhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded"); xhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
@ -30,12 +33,12 @@ function startDeleteItem(item) {
itemObj = item; itemObj = item;
} }
function deleteItem(item) { function deleteItem() {
var path = document.getElementById("path").innerHTML; var path = document.getElementById("path").innerHTML;
// Clicked yes to delete and there is an item // Clicked yes to delete and there is an item
if (itemObj != undefined && itemObj != null) { if (itemObj != undefined && itemObj != null) {
var fullPth = path + itemObj; var fullPth = path + itemObj;
fullPth = encodeURIComponent(fullPth);
var answer = confirm("Are you sure you want to delete: " + fullPth); var answer = confirm("Are you sure you want to delete: " + fullPth);
if (answer == true) { if (answer == true) {
var xhttp = new XMLHttpRequest(); var xhttp = new XMLHttpRequest();

View File

@ -1,6 +1,6 @@
const insertArea = document.getElementById('dynDiv'); const insertArea = document.getElementById('dynDiv');
function updateHTMLDirList(returnData) { async function updateHTMLDirList(returnData) {
var dirPath = returnData.getElementsByTagName('PATH_HEAD')[0].innerHTML; var dirPath = returnData.getElementsByTagName('PATH_HEAD')[0].innerHTML;
var dirs = returnData.getElementsByTagName('DIR'); var dirs = returnData.getElementsByTagName('DIR');
var videos = returnData.getElementsByTagName('VID_FILE'); var videos = returnData.getElementsByTagName('VID_FILE');

View File

@ -3,6 +3,9 @@ session_start();
// Create file or folder // Create file or folder
function createItem($FILE, $TYPE) { function createItem($FILE, $TYPE) {
$FILE = preg_replace('/[^.[:alnum:]_-]/','_',trim($FILE)); // converting all on alphanumeric chars to _
$FILE = preg_replace('/\.*$/','',$FILE); // removing dot . after file extension
if ($TYPE == "dir"){ if ($TYPE == "dir"){
mkdir($FILE, 0755); mkdir($FILE, 0755);
} else if ($TYPE == "file") { } else if ($TYPE == "file") {