diff --git a/files/js/fileactions.js b/files/js/fileactions.js index 1bdbc4ac0bb..b683dc0cd3a 100644 --- a/files/js/fileactions.js +++ b/files/js/fileactions.js @@ -86,7 +86,7 @@ FileActions.register('all','Download',function(filename){ FileActions.register('all','Delete',function(filename){ $.ajax({ url: 'ajax/delete.php', - data: "dir="+$('#dir').val()+"&file="+filename, + data: "dir="+encodeURIComponent($('#dir').val())+"&file="+encodeURIComponent(filename), complete: function(data){ boolOperationFinished(data, function(){ FileList.remove(filename); diff --git a/files/js/files.js b/files/js/files.js index c8cef87eb94..af0c344f18d 100644 --- a/files/js/files.js +++ b/files/js/files.js @@ -117,7 +117,7 @@ $(document).ready(function() { //send the browser to the download location var dir=$('#dir').val()||'/'; // alert(files); - window.location='ajax/download.php?files='+files+'&dir='+dir; + window.location='ajax/download.php?files='+encodeURIComponent(files)+'&dir='+encodeURIComponent(dir); return false; }); @@ -130,7 +130,7 @@ $(document).ready(function() { $.ajax({ url: 'ajax/delete.php', - data: "dir="+$('#dir').val()+"&files="+files, + data: "dir="+$('#dir').val()+"&files="+encodeURIComponent(files), complete: function(data){ boolOperationFinished(data, function(){ $('td.selection input:checkbox:checked').parent().parent().each(function(i,element){