fix new file path and error page

2025-08-25 18:43:21 +01:00
parent a306bf2cfd
commit e97e24699e
2 changed files with 109 additions and 24 deletions
--- a/internal/handlers/editor.go
+++ b/internal/handlers/editor.go
@@ -55,40 +55,62 @@ func (h *Handlers) CreateNoteHandler(c *gin.Context) {
 		return
 	}

+	// Normalize slashes: treat backslashes as folder separators
+	folderPath = strings.ReplaceAll(folderPath, "\\", "/")
+	title = strings.ReplaceAll(title, "\\", "/")
+
+	// Merge any subfolder segments included in title into folderPath
+	if strings.Contains(title, "/") {
+		dirPart := filepath.Dir(title)
+		base := filepath.Base(title)
+		if dirPart != "." && dirPart != "" {
+			if folderPath == "" {
+				folderPath = dirPart
+			} else {
+				folderPath = filepath.Join(folderPath, dirPart)
+			}
+		}
+		title = base
+	}
+
+	// Strip any leading separators that might imply absolute path
+	folderPath = strings.TrimPrefix(folderPath, "/")
+	title = strings.TrimPrefix(title, "/")
+
 	// Security check
 	if strings.Contains(folderPath, "..") || strings.Contains(title, "..") {
 		c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid path or title"})
 		return
 	}

-	// Check if path is in skipped directories
+	// Check if path is in skipped directories (after merging title path)
 	if utils.IsPathInSkippedDirs(folderPath, h.config.NotesDirSkip) {
 		c.JSON(http.StatusForbidden, gin.H{"error": "Cannot create notes in this directory"})
 		return
 	}

-    // Determine extension logic
-    ext := strings.TrimPrefix(strings.ToLower(filepath.Ext(title)), ".")
-    if ext == "" {
-        // No extension provided: default to markdown
-        title += ".md"
-        ext = "md"
-    } else {
-        // Has extension: allow if md or in allowed file extensions
-        allowed := ext == "md"
-        if !allowed {
-            for _, a := range h.config.AllowedFileExtensions {
-                if strings.EqualFold(a, ext) {
-                    allowed = true
-                    break
-                }
-            }
-        }
-        if !allowed {
-            c.JSON(http.StatusBadRequest, gin.H{"error": "File extension not allowed"})
-            return
-        }
-    }
+	// Determine extension logic
+	ext := strings.TrimPrefix(strings.ToLower(filepath.Ext(title)), ".")
+	if ext == "" {
+		// No extension provided: default to markdown
+		title += ".md"
+		ext = "md"
+	} else {
+		// Has extension: allow if md or in allowed file extensions
+		allowed := ext == "md"
+		if !allowed {
+			for _, a := range h.config.AllowedFileExtensions {
+				if strings.EqualFold(a, ext) {
+					allowed = true
+					break
+				}
+			}
+		}
+		if !allowed {
+			c.JSON(http.StatusBadRequest, gin.H{"error": "File extension not allowed"})
+			return
+		}
+	}

 	// Create full path
 	var notePath string