Commit 0a5db944 authored by Richard Mansfield's avatar Richard Mansfield
Browse files

Handle directory names with quotes properly

parent c91f13f7
......@@ -53,28 +53,24 @@ function formatname(r) {
var cell = r.name;
}
if (r.artefacttype == 'folder') {
paths[cwd + r.name + '/'] = r.id;
var link = A({'href':''},r.name);
link.onclick = function () {
stop();
return changedir(cwd + r.name + '/');
}
var dir = cwd + r.name + '/';
pathids[dir] = r.id;
var link = A({'href':'', 'onclick':"return changedir('" + dir.replace("'","\\\'") + "')"},r.name);
var cell = link;
}
return TD(null, cell);
}
function changedir(path) {
alert(path);
cwd = path;
linked_path(path);
uploader.updatedestination(paths[path], path);
var args = paths[cwd] ? {'folder':paths[cwd]} : null;
linked_path();
uploader.updatedestination(pathids[path], path);
var args = path == '/' ? null : {'folder':pathids[path]};
filelist.doupdate(args);
return false;
}
function linked_path(path) {
function linked_path() {
var dirs = cwd.split('/');
var homedir = A({'href':'', 'onclick':"return changedir('/')"}, get_string('home'));
var sofar = '/';
......@@ -82,26 +78,25 @@ function linked_path(path) {
for (i=0; i<dirs.length; i++) {
if (dirs[i] != '') {
sofar = sofar + dirs[i] + '/';
var dir = A({'href':'', 'onclick':'return changedir(\'' + sofar + '\')'}, dirs[i]);
var dir = A({'href':'', 'onclick':"return changedir('" + sofar.replace("'","\\\'") + "')"}, dirs[i]);
folders.push(' / ');
folders.push(dir);
}
}
replaceChildNodes(filelist.thead,TR(null,TD({'colspan':2},folders)));
replaceChildNodes($('foldernav'),folders);
}
filelist.emptycontent = {$getstring['nofilesfound']};
filelist.paginate = false;
filelist.statevars.push('folder');
filelist.updateOnLoad();
paths = {'/':null};
pathids = {'/':null};
cwd = '/';
var uploader = new FileUploader('uploader', 'upload.json.php', filelist.doupdate);
JAVASCRIPT;
addLoadEvent(function () { changedir(cwd); });
JAVASCRIPT;
$smarty = smarty(array('tablerenderer','fileuploader'));
$smarty->assign('INLINEJAVASCRIPT', $javascript);
......
......@@ -40,7 +40,7 @@ else {
}
$prefix = get_config('dbprefix');
$filedata = get_records_sql_array('SELECT a.id, a.artefacttype, a.title, a.mtime, f.name, f.size
$filedata = get_records_sql_array('SELECT a.id, a.artefacttype, a.mtime, f.name, f.size
FROM ' . $prefix . 'artefact_file_files f
INNER JOIN ' . $prefix . 'artefact a ON f.artefact = a.id
WHERE a.owner = ' . $userid . '
......@@ -49,7 +49,11 @@ $filedata = get_records_sql_array('SELECT a.id, a.artefacttype, a.title, a.mtime
if (!$filedata) {
$filedata = array();
}
else {
foreach ($filedata as $item) {
$item->mtime = strftime(get_string('strftimedatetime'),strtotime($item->mtime));
}
}
$result = array(
'count' => count($filedata),
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment