diff options
author | Frank Bergkemper <frank.bergkemper@bareos.com> | 2018-02-13 20:43:11 +0300 |
---|---|---|
committer | Frank Bergkemper <frank.bergkemper@bareos.com> | 2018-02-13 20:43:11 +0300 |
commit | ee232a6f04eaf2a7c1084fee981f011ede000e8a (patch) | |
tree | 93d9559d4165ac04a798aebe1b068d1b38f6b876 | |
parent | 85483ba7b3dcaac545a4de5b79fa9224aca33ccd (diff) |
Fix to bugreport #905 and #893
Regarding #905:
When returning an Ajax result, inside a json string value don't use addslashes.
You don't want both " and ' escaped at the same time. Instead just use
str_replace('"','\"',$Str).
Regarding #893:
A misplaced dir and file separator ',' lead to malformed json which could result in
a non loadable subtree.
Fixes #893: webui cannot list dirs with only files in them
Fixes #905: Restore WebUI - Enable to browse directory when a file name contain a single quote
-rw-r--r-- | module/Restore/src/Restore/Controller/RestoreController.php | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/module/Restore/src/Restore/Controller/RestoreController.php b/module/Restore/src/Restore/Controller/RestoreController.php index d432981..e4080d9 100644 --- a/module/Restore/src/Restore/Controller/RestoreController.php +++ b/module/Restore/src/Restore/Controller/RestoreController.php @@ -346,7 +346,7 @@ class RestoreController extends AbstractActionController --$dnum; $items .= '{'; $items .= '"id":"-' . $dir['pathid'] . '"'; - $items .= ',"text":"' . preg_replace('/[\x00-\x1F\x7F]/', '', $dir["name"]) . '"'; + $items .= ',"text":"' . preg_replace('/[\x00-\x1F\x7F]/', '', str_replace('"', '\"', $dir["name"])) . '"'; $items .= ',"icon":"glyphicon glyphicon-folder-close"'; $items .= ',"state":""'; $items .= ',"data":' . \Zend\Json\Json::encode($dir, \Zend\Json\Json::TYPE_OBJECT); @@ -358,10 +358,10 @@ class RestoreController extends AbstractActionController } } - } + if($fnum > 0) { + $items .= ","; + } - if( $tmp > 2 && $fnum > 0 ) { - $items .= ","; } if($fnum > 0) { @@ -369,7 +369,7 @@ class RestoreController extends AbstractActionController foreach($this->files as $file) { $items .= '{'; $items .= '"id":"' . $file["fileid"] . '"'; - $items .= ',"text":"' . preg_replace('/[\x00-\x1F\x7F]/', '', addslashes($file["name"])) . '"'; + $items .= ',"text":"' . preg_replace('/[\x00-\x1F\x7F]/', '', str_replace('"', '\"', $file["name"])) . '"'; $items .= ',"icon":"glyphicon glyphicon-file"'; $items .= ',"state":""'; $items .= ',"data":' . \Zend\Json\Json::encode($file, \Zend\Json\Json::TYPE_OBJECT); |