From a09a01a49fbbb7e821c0e9d259586930d51a87d5 Mon Sep 17 00:00:00 2001
From: Bjoern Schiessle <schiessle@owncloud.com>
Date: Mon, 25 Jun 2012 12:44:54 +0200
Subject: [PATCH] sanitizeHTML() has to be called later to keep the path unchanged
---
 apps/gallery/index.php | 2 +-
 apps/gallery/templates/index.php | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/apps/gallery/index.php b/apps/gallery/index.php
index 52a5b81a23..b8aadacb47 100644
--- a/apps/gallery/index.php
+++ b/apps/gallery/index.php
@@ -94,7 +94,7 @@ for($i = 0; $i<count($root_images); $i++) {
 }
 $tmpl = new OCP\Template( 'gallery', 'index', 'user' );
-$tmpl->assign('root', $root);
+$tmpl->assign('root', $root, false);
 $tmpl->assign('tl', $tl, false);
 $tmpl->printPage();
 ?>
diff --git a/apps/gallery/templates/index.php b/apps/gallery/templates/index.php
index c3b4a17854..c90932cefd 100644
--- a/apps/gallery/templates/index.php
+++ b/apps/gallery/templates/index.php
@@ -1,6 +1,6 @@
 <script type="text/javascript">
-var root = "<?php echo OCP\Util::sanitizeHTML($_['root']); ?>";
+var root = "<?php echo $_['root']; ?>";
 $(document).ready(function() {
 $("a[rel=images]").fancybox({
@@ -18,7 +18,7 @@ $(document).ready(function() {
 for ($i = 0; $i < count($paths); $i++) {
 $path .= urlencode($paths[$i]).'/';
 $classess = 'crumb'.($i == count($paths)-1?' last':'');
- echo '<div class="'.$classess.'" style="background-image:url(\''.\OCP\image_path('core','breadcrumb.png').'\')"><a href="'.\OCP\Util::linkTo('gallery', 'index.php').'&root='.$path.'">'.$paths[$i].'</a></div>';
+ echo '<div class="'.$classess.'" style="background-image:url(\''.\OCP\image_path('core','breadcrumb.png').'\')"><a href="'.\OCP\Util::linkTo('gallery', 'index.php').'&root='.$path.'">'.OCP\Util::sanitizeHTML($paths[$i]).'</a></div>';
 }
 }
-- 
GitLab
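Review bot: `$_['root']` now reaches the JavaScript string literal in `var root = "<?php echo $_['root']; ?>";` (first hunk of apps/gallery/templates/index.php) with no encoding at all. The `false` added to `assign('root', $root, false)` in apps/gallery/index.php appears, going by the commit subject, to switch off escaping at assign time, and the template hunk removes the `sanitizeHTML()` call. Where `$root` is set is outside the hunk, but the breadcrumb links pass it back as a `root` query parameter, so it is presumably request-derived, and a value containing `"` or `</script>` would end the literal or the script element. HTML-escaping was the wrong encoding for this context, which explains the altered path, but the replacement should be a JavaScript-context encoding rather than none. I would write `var root = <?php echo json_encode($_['root'], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>;`, which keeps the path unchanged once the browser parses it.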
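Review bot: The rewritten `echo` in the breadcrumb loop mixes URL, attribute and HTML-text output on one long line, and only the link text is visibly HTML-escaped. `$path` is built from `urlencode()`d segments, which looks adequate inside the `href`, but the literal `&root=` is a bare ampersand in an attribute and should be `&amp;root=`. The new call is written `OCP\Util::sanitizeHTML(...)` while the rest of the line uses the fully qualified `\OCP\...` form, so `\OCP\Util::sanitizeHTML($paths[$i])` would be consistent. `$paths` and the initial `$path` are set outside the hunk, so a short comment above the `echo` naming the encoding each piece carries would make this line easier to audit.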