}
if (!defined('NOREQUIREHTML')) {
    define('NOREQUIREHTML', '1');
}
if (!defined('NOREQUIREAJAX')) {
    define('NOREQUIREAJAX', '1');
}
$res = @(include '../../main.inc.php');
include_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php';
include_once DOL_DOCUMENT_ROOT . '/core/lib/functions2.lib.php';
include_once DOL_DOCUMENT_ROOT . '/core/lib/treeview.lib.php';
include_once DOL_DOCUMENT_ROOT . '/core/class/html.form.class.php';
include_once DOL_DOCUMENT_ROOT . '/ecm/class/ecmdirectory.class.php';
$openeddir = GETPOST('openeddir');
$modulepart = GETPOST('modulepart');
$selecteddir = jsUnEscape(GETPOST('dir'));
// relative path. We must decode using same encoding function used by javascript: escape()
if ($selecteddir != '/') {
    $selecteddir = preg_replace('/\\/$/', '', $selecteddir);
}
// We removed last '/' except if it is '/'
$langs->load("ecm");
// Define selecteddir (fullpath).
if ($modulepart == 'ecm') {
    $fullpathselecteddir = $conf->ecm->dir_output . '/' . ($selecteddir != '/' ? $selecteddir : '');
}
// Security:
// On interdit les remontees de repertoire ainsi que les pipe dans
// les noms de fichiers.
if (preg_match('/\\.\\./', $fullpathselecteddir) || preg_match('/[<>|]/', $fullpathselecteddir)) {
    dol_syslog("Refused to deliver file " . $original_file);
Beispiel #2
0
    /**
     * testJsUnEscape
     *
     * @return void
     */
    public function testJsUnEscape()
    {
        $result=jsUnEscape('%u03BD%u03B5%u03BF');
        print __METHOD__." result=".$result."\n";
        $this->assertEquals('νεο',$result);

        return;
    }