Skip to content

Commit f23d234

Browse files
committed
Prevent double-slash in file paths and clear XHR reference
- Strip trailing slashes from dir before constructing file path - Clear currentXhr reference in stopUpload for clean state - Use consistent filePath variable in both upload and cancel
1 parent 3b0cfe7 commit f23d234

1 file changed

Lines changed: 4 additions & 2 deletions

File tree

emhttp/plugins/dynamix/Browse.page

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -868,6 +868,7 @@ function doActions(action, title) {
868868

869869
function stopUpload(file,error,errorType) {
870870
window.onbeforeunload = null;
871+
currentXhr = null;
871872
$.post('/webGui/include/Control.php',{mode:'stop',file:encodeURIComponent(dfm_htmlspecialchars(file))});
872873
$('#dfm_uploadButton').val("_(Upload)_").prop('onclick',null).off('click').click(function(){$('#dfm_upload').click();});
873874
$('#dfm_uploadStatus').html('');
@@ -901,7 +902,8 @@ function uploadFile(files,index,start,time) {
901902

902903
var xhr = new XMLHttpRequest();
903904
currentXhr = xhr; // Store for abort capability
904-
var url = '/webGui/include/Control.php?mode=upload&file=' + encodeURIComponent(dir + '/' + dfm_htmlspecialchars(file.name)) + '&start=' + start + '&cancel=' + cancel;
905+
var filePath = dir.replace(/\/+$/, '') + '/' + dfm_htmlspecialchars(file.name);
906+
var url = '/webGui/include/Control.php?mode=upload&file=' + encodeURIComponent(filePath) + '&start=' + start + '&cancel=' + cancel;
905907
xhr.open('POST', url, true);
906908
xhr.setRequestHeader('Content-Type', 'application/octet-stream');
907909
xhr.setRequestHeader('X-CSRF-Token', '<?=$var['csrf_token']?>');
@@ -944,7 +946,7 @@ function uploadFile(files,index,start,time) {
944946
// User cancelled upload - trigger deletion via cancel=1 parameter
945947
$.post('/webGui/include/Control.php', {
946948
mode: 'upload',
947-
file: dir + '/' + dfm_htmlspecialchars(file.name),
949+
file: filePath,
948950
start: 0,
949951
cancel: 1
950952
}).always(function() {

0 commit comments

Comments
 (0)