Portions created by the Initial Developer are Copyright (C) 2008-2023 the Initial Developer. All Rights Reserved. Contributor(s): Mark J Crane James Rose */ //disable this feature exit; //includes files require_once dirname(__DIR__, 2) . "/resources/require.php"; require_once "resources/check_auth.php"; //check permissions if (permission_exists('edit_save')) { //access granted } else { echo "access denied"; exit; } //add multi-lingual support $language = new text; $text = $language->get(); //preparing the directory $folder = $_REQUEST["folder"]; $folder = str_replace ("\\", "/", $folder); $foldername = $_REQUEST["foldername"]; //create the directory or show the html form if (strlen($folder) > 0 && strlen($foldername) > 0) { //compare the tokens $key_name = '/app/edit/folder_new'; $hash = hash_hmac('sha256', $key_name, $_SESSION['keys'][$key_name]); if (!hash_equals($hash, $_POST['token'])) { echo "access denied"; exit; } //create new folder mkdir($folder.'/'.$foldername); //, 0700 header("Location: file_options.php"); } else { //create a token $key_name = '/app/edit/folder_new'; $_SESSION['keys'][$key_name] = bin2hex(random_bytes(32)); $_SESSION['token'] = hash_hmac('sha256', $key_name, $_SESSION['keys'][$key_name]); //show the footer require_once "header.php"; //show the content echo "
"; echo "
"; echo "
"; echo ""; echo " "; echo " "; echo " "; echo " "; echo " "; echo " "; echo "
".$text['label-path']."
".$folder."
"; echo "
"; echo ""; echo " "; echo " "; echo " "; echo " "; echo " "; echo " "; echo " "; echo " "; echo " "; echo "
".$text['label-folder-name']."
"; echo " "; echo " "; echo " "; echo "
"; echo "
"; echo "
"; //show the footer require_once "footer.php"; }