Portions created by the Initial Developer are Copyright (C) 2008-2023 the Initial Developer. All Rights Reserved. Contributor(s): Mark J Crane */ //disable this feature exit; //includes files require_once dirname(__DIR__, 2) . "/resources/require.php"; require_once "resources/check_auth.php"; //check the permissions if (permission_exists('edit_save')) { //access granted } else { echo "access denied"; exit; } //set the variables $folder = $_GET["folder"]; $folder = str_replace ("\\", "/", $folder); //delete the directory if (strlen($folder) > 0 && isset($_POST['token'])) { //compare the tokens $key_name = '/app/edit/folder_delete'; $hash = hash_hmac('sha256', $key_name, $_SESSION['keys'][$key_name]); if (!hash_equals($hash, $_POST['token'])) { echo "access denied"; exit; } //delete the folder rmdir($folder); //, 0700 header("Location: file_options.php"); } else { //create the token $key_name = '/app/edit/folder_delete'; $_SESSION['keys'][$key_name] = bin2hex(random_bytes(32)); $_SESSION['token'] = hash_hmac('sha256', $key_name, $_SESSION['keys'][$key_name]); //display form require_once "header.php"; echo "
"; echo "
"; echo "
"; echo " "; echo " "; echo " "; echo " "; echo " "; echo " "; echo " "; echo "
".$text['label-path']."
".$folder."
"; echo "
"; echo " "; echo " "; echo " "; echo " "; echo "
"; echo " "; echo " "; echo " "; echo "
"; echo "
"; echo "
"; //include the footer require_once "footer.php"; }