targetdir = request.form['targetdir'].strip()
if targetdir == '':
targetdir = 'uploads/'
- elif '..' in targetdir:
+ elif '../' in targetdir:
return redirect("./", code=406)
- print('Uploading file:')
- print('filename:', filename)
- print('targetdir:', targetdir)
- print('mimetype:', file.mimetype)
+ #print('Uploading file:')
+ #print('filename:', filename)
+ #print('targetdir:', targetdir)
+ #print('mimetype:', file.mimetype)
if "audio" in file.mimetype:
storagepath = os.path.abspath(os.path.join(var.music_folder, targetdir))
<form action="./upload" method="post" enctype="multipart/form-data">
<input type="file" name="file" value="Browse Music file"/>
Upload into
- <input list="targetdirs" id="targetdir" name="targetdir" />
+ <input list="targetdirs" id="targetdir" name="targetdir" placeholder="uploads" />
<datalist id="targetdirs">
+ <option value="uploads">
{% for dir in music_library.get_subdirs_recursively() %}
<option value="{{ dir }}">
{% endfor %}