From: dongsheng <dongsheng>
Date: Wed, 8 Jul 2009 07:45:51 +0000 (+0000)
Subject: "MDL-19733, directory name need to be cleaned before saving into database"
X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=b2f8adf4e5cf519f9cf98e2d8b5e0489725fc163;p=moodle.git

"MDL-19733, directory name need to be cleaned before saving into database"
---

diff --git a/repository/filesystem/repository.class.php b/repository/filesystem/repository.class.php
index c0dc239625..2d54ff8609 100644
--- a/repository/filesystem/repository.class.php
+++ b/repository/filesystem/repository.class.php
@@ -14,7 +14,9 @@ class repository_filesystem extends repository {
         global $CFG;
         parent::__construct($repositoryid, $context, $options);
         $this->root_path = $CFG->dataroot.'/repository/';
-        $this->root_path .= ($this->options['fs_path'] . '/');
+        if (!empty($options['fs_path'])) {
+            $this->root_path .= ($this->options['fs_path'] . '/');
+        }
         if (!empty($options['ajax'])) {
             if (!is_dir($this->root_path)) {
                 $created = mkdir($this->root_path, 0700);
@@ -118,6 +120,11 @@ class repository_filesystem extends repository {
     }
     public function type_config_form(&$mform) {
     }
+    public function set_option($options = array()) {
+        $options['fs_path'] = clean_param($options['fs_path'], PARAM_PATH);
+        $ret = parent::set_option($options);
+        return $ret;
+    }
     public function instance_config_form(&$mform) {
         global $CFG;
         $path = $CFG->dataroot . '/repository/';