Portions created by the Initial Developer are Copyright (C) 2008-2023 the Initial Developer. All Rights Reserved. Contributor(s): Mark J Crane James Rose */ //disable this feature exit; //includes files require_once dirname(__DIR__, 2) . "/resources/require.php"; require_once "resources/check_auth.php"; //check permissions if (permission_exists('edit_save')) { //access granted } else { echo "access denied"; exit; } //add multi-lingual support $language = new text; $text = $language->get(); //set the variables $folder = $_REQUEST["folder"]; //$folder = str_replace ("\\", "/", $folder); //if (substr($folder, -1) != "/") { $folder = $folder.'/'; } $new_file_name = $_REQUEST["new_file_name"]; $fil_ename = $_REQUEST["filename"]; //rename the file or show the html form if (strlen($folder) > 0 && strlen($newfilename) > 0) { //compare the tokens $key_name = '/app/edit/file_new'; $hash = hash_hmac('sha256', $key_name, $_SESSION['keys'][$key_name]); if (!hash_equals($hash, $_POST['token'])) { echo "access denied"; exit; } //rename the file //echo "new file: ".$newfilename."
"; //echo "folder: ".$folder."
"; //echo "orig filename: ".$file_name."
";; rename($folder.$file_name, $folder.$new_file_name); header("Location: file_options.php"); } else { //create the token $key_name = '/app/edit/file_new'; $_SESSION['keys'][$key_name] = bin2hex(random_bytes(32)); $_SESSION['token'] = hash_hmac('sha256', $key_name, $_SESSION['keys'][$key_name]); //display the form require_once "header.php"; echo "
"; echo "

"; echo ""; echo "

"; require_once "footer.php"; }