Skip to content

Commit

Permalink
add xss clean to create media dir method
Browse files Browse the repository at this point in the history
  • Loading branch information
@bobimicroweber
bobimicroweber committed Feb 25, 2022
1 parent 7d3e768 commit c897d0d
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion src/MicroweberPackages/Media/MediaManager.php
View file
Expand Up @@ -4,6 +4,7 @@

use Conner\Tagging\Model\Tagged;
use \Intervention\Image\ImageManagerStatic as Image;
use MicroweberPackages\Helper\HTMLClean;
use MicroweberPackages\Media\Models\Media;
use MicroweberPackages\Media\Models\MediaThumbnail;
use MicroweberPackages\Utils\Media\Thumbnailer;
Expand Down Expand Up @@ -1184,6 +1185,10 @@ public function thumbnail_img($params)

public function create_media_dir($params)
{

$clean = new HTMLClean();
$_REQUEST = $clean->cleanArray($_REQUEST);

must_have_access();
$resp = array();
// $target_path = media_base_path() . 'uploaded' . DS;
Expand All @@ -1198,7 +1203,7 @@ public function create_media_dir($params)

$target_path = $fn_path;
}
if (!isset($_REQUEST['name'])) {
if (!isset($_REQUEST['name']) || empty($_REQUEST['name'])) {
$resp = array('error' => 'You must send new_folder parameter');
} else {
$fn_new_folder_path = $_REQUEST['name'];
Expand Down

0 comments on commit c897d0d

Please sign in to comment.