SF.net SVN: bzflag:[20564] trunk/web/submitimages

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Revision: 20564
          http://bzflag.svn.sourceforge.net/bzflag/?rev=20564&view=rev
Author:   blast007
Date:     2009-08-28 02:39:11 +0000 (Fri, 28 Aug 2009)

Log Message:
-----------
Properly handle directories and files with special characters.

Modified Paths:
--------------
    trunk/web/submitimages/directory.index.php
    trunk/web/submitimages/templates/directory.tpl

Modified: trunk/web/submitimages/directory.index.php
===================================================================

--- trunk/web/submitimages/directory.index.php	2009-08-27 19:29:47 UTC (rev 20563)
+++ trunk/web/submitimages/directory.index.php	2009-08-28 02:39:11 UTC (rev 20564)
@@ -7,6 +7,7 @@
   // Set up some variables for this session
   $data['filedirectory'] = $_SERVER['DOCUMENT_ROOT'].rtrim(urldecode($_SERVER['REQUEST_URI']), '/')."/";
   $data['httpdirectory'] = $_SERVER['REQUEST_URI'];
+  $data['httpdirectoryclean'] = urldecode($data['httpdirectory']);
   // Not even sure if Apache would handle a request that included .. in it, but
   // better safe than sorry.
   if (strstr('..', $_SERVER['REQUEST_URI'])) exit;

Modified: trunk/web/submitimages/templates/directory.tpl
===================================================================
--- trunk/web/submitimages/templates/directory.tpl	2009-08-27 19:29:47 UTC (rev 20563)
+++ trunk/web/submitimages/templates/directory.tpl	2009-08-28 02:39:11 UTC (rev 20564)
@@ -33,7 +33,7 @@
 <body>
   <a href="{$config.paths.baseURL}">Submit Images</a><hr>
 
-  <h1>Index of {$data.httpdirectory}</h1>
+  <h1>Index of {$data.httpdirectoryclean}</h1>
     
   <table>
     <tr><th>Name</th><th>Size</th><th>Author</th><th>Uploader</th><th>License</th></tr>
@@ -41,11 +41,11 @@
     <tr><td><a href="../">Parent Directory</a></td><td>&lt;DIR&gt;</td><td>N/A</td><td>N/A</td><td>N/A</td></tr>
 {/if}
 {foreach from=$data.directories item=directoryname name=directories}
-    <tr><td><a href="{$data.httpdirectory}{$directoryname}/">{$directoryname}</a></td><td>&lt;DIR&gt;</td><td>N/A</td><td>N/A</td><td>N/A</td></tr>
+    <tr><td><a href="{$data.httpdirectory}{$directoryname|escape:'url'}/">{$directoryname}</a></td><td>&lt;DIR&gt;</td><td>N/A</td><td>N/A</td><td>N/A</td></tr>
 {/foreach}
 {foreach from=$data.files item=file name=files}
     <tr>
-      <td><a href="{$data.httpdirectory}{$file.filename}">{$file.filename}</a></td>
+      <td><a href="{$data.httpdirectory}{$file.filename|escape:'url'}">{$file.filename}</a></td>
       <td>{$file.filesize}</td>
       <td>{if $file.authorname}{$file.authorname}{else}(Unknown){/if}</td>
       <td>{if $file.uploaderfirstname && $file.uploaderlastname}{$file.uploaderfirstname} {$file.uploaderlastname}{else}(Unknown){/if}</td>


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


