You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@shindig.apache.org by li...@apache.org on 2010/06/02 10:28:15 UTC

svn commit: r950418 - /shindig/trunk/php/src/gadgets/servlet/FilesServlet.php

Author: lindner
Date: Wed Jun  2 08:28:15 2010
New Revision: 950418

URL: http://svn.apache.org/viewvc?rev=950418&view=rev
Log:
SHINDIG-1332 | Patch from Ram Sharma | wrong replacement in FileContainer

Modified:
    shindig/trunk/php/src/gadgets/servlet/FilesServlet.php

Modified: shindig/trunk/php/src/gadgets/servlet/FilesServlet.php
URL: http://svn.apache.org/viewvc/shindig/trunk/php/src/gadgets/servlet/FilesServlet.php?rev=950418&r1=950417&r2=950418&view=diff
==============================================================================
--- shindig/trunk/php/src/gadgets/servlet/FilesServlet.php (original)
+++ shindig/trunk/php/src/gadgets/servlet/FilesServlet.php Wed Jun  2 08:28:15 2010
@@ -36,7 +36,7 @@ class FilesServlet extends HttpServlet {
    * but doesn't exist a 404 error is returned
    */
   public function doGet() {
-    $file = str_replace(Config::get('web_prefix') . '/gadgets/files/', '', $_SERVER["REQUEST_URI"]);
+    $file = str_replace(Config::get('web_prefix'), '', $_SERVER["REQUEST_URI"]);
     $file = Config::get('javascript_path') . $file;
     // make sure that the real path name is actually in the javascript_path, so people can't abuse this to read
     // your private data from disk .. otherwise this would be a huge privacy and security issue