From f8ba1094a448a17f9ccae6ab9dacbb64e3a02842 Mon Sep 17 00:00:00 2001
From: Usman Nasir <usman@cyberpersons.com>
Date: Sat, 18 Jan 2020 21:07:40 +0500
Subject: [PATCH] path check to upload

---
 filemanager/filemanager.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/filemanager/filemanager.py b/filemanager/filemanager.py
index c894aa213..4ded5fb57 100755
--- a/filemanager/filemanager.py
+++ b/filemanager/filemanager.py
@@ -334,8 +334,9 @@ class FileManager:
             fs = FileSystemStorage()
             filename = fs.save(myfile.name, myfile)
             finalData['fileName'] = fs.url(filename)
+            pathCheck = '/home/%s' % (self.data['domainName'])
 
-            if not self.data['completePath'].find(self.data['home']) > -1:
+            if self.data['completePath'].find(pathCheck) == -1:
                 return self.ajaxPre(0, 'Not allowed to move in this path, please choose location inside home!')
 
             command = 'mv ' + self.returnPathEnclosed('/home/cyberpanel/media/' + myfile.name) + ' ' + self.returnPathEnclosed(self.data['completePath'] + '/' + myfile.name)