aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs')
-rw-r--r--Zotlabs/Module/Webpages.php56
-rw-r--r--Zotlabs/Storage/Directory.php1
2 files changed, 6 insertions, 51 deletions
diff --git a/Zotlabs/Module/Webpages.php b/Zotlabs/Module/Webpages.php
index c78109cb7..e85c49b44 100644
--- a/Zotlabs/Module/Webpages.php
+++ b/Zotlabs/Module/Webpages.php
@@ -262,61 +262,15 @@ class Webpages extends \Zotlabs\Web\Controller {
}
if (($_POST) && array_key_exists('path',$_POST) && isset($_POST['cloudsubmit'])) {
- $ret = [];
- // Warning: Do not edit the following line. The first symbol is UTF-8 @
- $path = str_replace('@','@',notags(trim($_REQUEST['path'])));
- $h = @parse_url($path);
-
- if(! $h || !x($h, 'path')) {
- return null;
- }
- if(substr($h['path'],-1,1) === '/') {
- $h['path'] = substr($h['path'],0,-1);
- }
- if(substr($h['path'],0,1) === '/') {
- $h['path'] = substr($h['path'],1);
- }
- $folders = explode('/', $h['path']);
- $f = array_shift($folders);
-
$channel = \App::get_channel();
- $nick = \App::$profile['channel_address'];
- //check to see if the absolute path was provided (/cloud/channelname/path/to/folder)
- if(($f === 'cloud') ) {
- $g = array_shift($folders);
- if( $g !== $nick) {
- // if nick does not follow "cloud", then the top level folder must be called "cloud"
- // and the given path must be relative to "/cloud/channelname/".
- $folders = array_unshift($f,array_unshift($g, $folders));
- }
+ $dirpath = get_dirpath_by_cloudpath($channel, $_POST['path']);
+ if(!$dirpath) {
+ notice( t('Invalid folder path.') . EOL);
+ return null;
}
- $clouddir = 'store/' . $nick . '/';
- $folder_path = $clouddir . implode('/', $folders);
-
+ info( t('Valid folder path.') . EOL);
-// if(!(is_dir($folder_path) && is_readable($folder_path))) {
-// logger('path is not readable: ' . $folder_path);
-// return null;
-// }
- $subdir = '/';
- $valid = true;
- while($folders && $valid && is_dir($clouddir . $subdir) && is_readable($clouddir . $subdir)) {
- logger('hashed path: ' . $clouddir . $subdir);
- $valid = false;
- $f = array_shift($folders);
- $items = array_diff(scandir($clouddir . $subdir), array('.', '..')); // hashed names
- foreach($items as $item) {
- $filename = find_filename_by_hash($channel['channel_id'], $item);
- if($filename === $f) {
- $subdir .= $item . '/';
- $valid = true;
- }
- }
- }
- if(!$valid) {
- logger('path is not valid: ' . $folder_path);
- }
return null;
diff --git a/Zotlabs/Storage/Directory.php b/Zotlabs/Storage/Directory.php
index b524b3cab..89f83c73c 100644
--- a/Zotlabs/Storage/Directory.php
+++ b/Zotlabs/Storage/Directory.php
@@ -371,6 +371,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
);
if ($r) {
+ require_once('include/attach.php');
$result = attach_mkdir($r[0], $this->auth->observer, array('filename' => $name, 'folder' => $this->folder_hash));
if($result['success']) {