fix escaping issues for file deletion

Kyle Drake 2016-06-30 15:29:23 -07:00
parent 80d7536fe1
commit c33a8a86b1
5 changed files with 17 additions and 3 deletions


@ -134,10 +134,11 @@ end
post '/site_files/delete' do
require_login
current_site.delete_file params[:filename]
path = HTMLEntities.new.decode params[:filename]
current_site.delete_file path
flash[:success] = "Deleted #{params[:filename]}. Please note it can take up to 30 minutes for deleted files to stop being viewable on your site."
dirname = Pathname(params[:filename]).dirname
dirname = Pathname(path).dirname
dir_query = dirname.nil? || dirname.to_s == '.' ? '' : "?dir=#{Rack::Utils.escape dirname}"
redirect "/dashboard#{dir_query}"
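Review bot: Decoding `params[:filename]` with `HTMLEntities.new.decode` inside the handler makes the delete ambiguous: a file whose real name contains entity text (a literal `&amp;` in the name, say) is rewritten to a different path before `current_site.delete_file path` runs, so the request can remove a file other than the one the user selected. The decoded value is also what reaches the storage layer, so any traversal or containment check has to run on `path` after decoding; `delete_file` is not visible here, so confirm that it normalises the path and confines it to the site's own directory. It would be more robust to fix the double-escaping where the form emits the filename and keep the handler as `current_site.delete_file params[:filename]`. The flash message still interpolates the undecoded `params[:filename]`, so the name shown can differ from the one deleted, and it should only be rendered through an escaping template helper. The `post` block's closing `end` lies outside the hunk.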