From 2521dafde1cb7fe4a2b7864f30725b93e9c3da97 Mon Sep 17 00:00:00 2001
From: Matt Pass <matt@mattpass.com>
Date: Sat, 9 May 2015 09:42:21 +0100
Subject: [PATCH] Break into more if/elseif/else so can handle error

---
 lib/file-control-xhr.php | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/lib/file-control-xhr.php b/lib/file-control-xhr.php
index 89ec63d..9d1ebec 100644
--- a/lib/file-control-xhr.php
+++ b/lib/file-control-xhr.php
@@ -19,11 +19,16 @@ $errorMsg = "None";
 $saveType = isset($_GET['saveType']) ? strClean($_GET['saveType']) : "";
 
 // Establish the filename/new filename
-$file = str_replace("|","/",strClean(
-	isset($_POST['newFileName']) && $_POST['newFileName']!=""
-	? $_POST['newFileName']
-	: $_REQUEST['file']
-	));
+if (isset($_POST['newFileName']) && $_POST['newFileName']!="") {
+	$file = $_POST['newFileName'];	// New file
+} elseif (isset($_REQUEST['file'])) {
+	$file = $_REQUEST['file'];	// Existing file
+} else {
+	$file = "";			// Error
+};
+
+// Replace pipes with slashes, after cleaning the chars
+$file = str_replace("|","/",strClean($file));
 
 // Establish the actual name as we may have HTML entities in filename
 $file = html_entity_decode($file);