From 7f77bd308784a55193a3d18bacf079df5494511c Mon Sep 17 00:00:00 2001
From: steckbrief <steckbrief@chefmail.de>
Date: Fri, 5 Feb 2016 14:13:19 +0100
Subject: php end tags added, rawurlencode optimized

---
 storage-backend/config/config.inc.php |  1 +
 storage-backend/index.php             | 11 ++++++-----
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/storage-backend/config/config.inc.php b/storage-backend/config/config.inc.php
index dd05a15..bfc2c9a 100644
--- a/storage-backend/config/config.inc.php
+++ b/storage-backend/config/config.inc.php
@@ -11,3 +11,4 @@ return [
   // Array of characters which are not allowed in filenames
   'invalid_characters_in_filename' => ['/'],
 ];
+?>
\ No newline at end of file
diff --git a/storage-backend/index.php b/storage-backend/index.php
index ab59617..5d70b79 100644
--- a/storage-backend/index.php
+++ b/storage-backend/index.php
@@ -44,7 +44,7 @@ switch ($method) {
     // parse post parameters
     // check if all parameters are present - return 400 (bad request) if a parameter is missing / empty
 	$xmppServerKey = getMandatoryPostParameter('xmpp_server_key');
-	$filename = getMandatoryPostParameter('filename');
+	$filename = rawurlencode(getMandatoryPostParameter('filename'));
 	$filesize = getMandatoryPostParameter('size');
 	$type = getOptionalPostParameter('content_type');
 	$userJid = getMandatoryPostParameter('user_jid');
@@ -128,13 +128,13 @@ function checkXmppServerKey($validXmppServerKeys, $xmppServerKey) {
 }
 
 function checkFilenameParameter($filename, $slotParameters) {
-  $filename = rawurldecode($filename); // the filename is a http get parameter and therefore encoded
+  $filename = $filename; // the filename is a http get parameter and therefore encoded
   return $slotParameters['filename'] == $filename;
 }
 
 function loadSlotParameters($slotUUID, $config) {
   $slotParameters = require(getSlotFilePath($slotUUID, $config));
-  $slotParameters['filename'] = rawurldecode($slotParameters['filename']);
+  $slotParameters['filename'] = $slotParameters['filename'];
   
   return $slotParameters;
 }
@@ -180,8 +180,8 @@ function getFilenameFromUri($uri) {
 
 function registerSlot($slotUUID, $filename, $filesize, $contentType, $userJid, $config) {
   $contents = "<?php\n/*\n * This is an autogenerated file - do not edit\n */\n\n";
-  $contents .= 'return [\'filename\' => \''.rawurlencode($filename).'\', \'filesize\' => \''.$filesize.'\', ';
-  $contents .= '\'content_type\' => \''.$contentType.'\', \'user_jid\' => \''.$userJid.'\'];';
+  $contents .= 'return [\'filename\' => \''.$filename.'\', \'filesize\' => \''.$filesize.'\', ';
+  $contents .= '\'content_type\' => \''.$contentType.'\', \'user_jid\' => \''.$userJid.'\'];\n?>';
   if (!file_put_contents(getSlotFilePath($slotUUID, $config), $contents)) {
     sendHttpReturnCodeAndMessage(500, "Could not create slot registry entry.");
   }
@@ -250,3 +250,4 @@ function generate_uuid() {
     mt_rand( 0, 0xffff ), mt_rand( 0, 0xffff ), mt_rand( 0, 0xffff )
   );
 }
+?>
\ No newline at end of file
-- 
cgit v1.2.3