diff options
Diffstat (limited to 'src/editor/simple/upload.cgi')
| -rw-r--r-- | src/editor/simple/upload.cgi | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/src/editor/simple/upload.cgi b/src/editor/simple/upload.cgi index f7dd936f9..ec262a062 100644 --- a/src/editor/simple/upload.cgi +++ b/src/editor/simple/upload.cgi @@ -153,6 +153,32 @@ case "$REQUEST_METHOD" in *) error400 esac ;; + rmdir=*) + dir=$(qparse "$QUERY_STRING" rmdir) + case "$dir" in + /tmp/gfse.*) # shouldn't allow .. in path !!! + path="$documentRoot$dir" + if [ -d "$path" ] ; then + ContentType="text/plain; charset=$charset" + cgiheaders + cd "$path" + rm *.gf *.gfo *-*.json *.pgf grammars.cgi + cd .. + rmdir "$path" + newdir=$(qparse "$QUERY_STRING" newdir) + case "$newdir" in + /tmp/gfse.*) # shouldn't allow .. in path !!! + newnode="${newdir##*/}" + oldnode="${path##*/}" + ln -s "$newnode" "$oldnode" + esac + else + error404 + fi + ;; + *) error400 + esac + ;; download=*) file=$(qparse "$QUERY_STRING" download) case "$file" in |