prevent creating files with a / the name
[owncloud:owncloud.git] / apps / files / ajax / newfolder.php
1 <?php
2
3 // Init owncloud
4
5
6 OCP\JSON::checkLoggedIn();
7
8 // Get the params
9 $dir = isset( $_POST['dir'] ) ? stripslashes($_POST['dir']) : '';
10 $foldername = isset( $_POST['foldername'] ) ? stripslashes($_POST['foldername']) : '';
11
12 if(trim($foldername) == '') {
13         OCP\JSON::error(array("data" => array( "message" => "Empty Foldername" )));
14         exit();
15 }
16 if(strpos($filename,'/')!==false){
17         OCP\JSON::error(array("data" => array( "message" => "Invalid Foldername" )));
18         exit();
19 }
20
21 if(OC_Files::newFile($dir, stripslashes($foldername), 'dir')) {
22         OCP\JSON::success(array("data" => array()));
23         exit();
24 }
25
26 OCP\JSON::error(array("data" => array( "message" => "Error when creating the folder" )));