diff --git a/app/classes/web/ajax_handler.py b/app/classes/web/ajax_handler.py index 61e2c40d..cdd67146 100644 --- a/app/classes/web/ajax_handler.py +++ b/app/classes/web/ajax_handler.py @@ -508,12 +508,12 @@ class AjaxHandler(BaseHandler): self.redirect("/panel/dashboard") elif page == "unzip_server": - path = urllib.parse.unquote(self.get_argument("path", None)) + path = urllib.parse.unquote(self.get_argument("path", "")) if not path: path = os.path.join( self.controller.project_root, "imports", - self.get_argument("file", ""), + urllib.parse.unquote(self.get_argument("file", "")), ) if Helpers.check_file_exists(path): self.helper.unzip_server(path, exec_user["user_id"]) diff --git a/app/classes/web/server_handler.py b/app/classes/web/server_handler.py index e6ecc719..62c549e5 100644 --- a/app/classes/web/server_handler.py +++ b/app/classes/web/server_handler.py @@ -319,15 +319,6 @@ class ServerHandler(BaseHandler): return import_type = bleach.clean(self.get_argument("create_type", "")) import_server_path = bleach.clean(self.get_argument("server_path", "")) - if not self.helper.is_subdir( - import_server_path, self.controller.project_root - ): - self.redirect( - "/panel/error?error=Loop Error: The selected path will cause" - " an infinite copy loop. Make sure Crafty's directory is not" - " in your server path." - ) - return import_server_jar = bleach.clean(self.get_argument("server_jar", "")) server_parts = server.split("|") captured_roles = [] @@ -340,6 +331,15 @@ class ServerHandler(BaseHandler): return if import_type == "import_jar": + if not self.helper.is_subdir( + import_server_path, self.controller.project_root + ): + self.redirect( + "/panel/error?error=Loop Error: The selected path will cause" + " an infinite copy loop. Make sure Crafty's directory is not" + " in your server path." + ) + return good_path = self.controller.verify_jar_server( import_server_path, import_server_jar ) @@ -477,13 +477,6 @@ class ServerHandler(BaseHandler): return import_type = bleach.clean(self.get_argument("create_type", "")) import_server_path = bleach.clean(self.get_argument("server_path", "")) - if self.helper.is_subdir(import_server_path, self.controller.project_root): - self.redirect( - "/panel/error?error=Loop Error: The selected path will cause" - " an infinite copy loop. Make sure Crafty's directory is not" - " in your server path." - ) - return import_server_exe = bleach.clean(self.get_argument("server_jar", "")) server_parts = server.split("|") captured_roles = [] @@ -496,6 +489,15 @@ class ServerHandler(BaseHandler): return if import_type == "import_jar": + if self.helper.is_subdir( + import_server_path, self.controller.project_root + ): + self.redirect( + "/panel/error?error=Loop Error: The selected path will cause" + " an infinite copy loop. Make sure Crafty's directory is not" + " in your server path." + ) + return good_path = self.controller.verify_jar_server( import_server_path, import_server_exe )