$path=substr($request['path'], strlen($basedir));
header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path);
}
+
+} elseif (@$_POST['tools']=="mkdir" && isset($_GET['path']) && isset($_POST['newname']) && $_SESSION['creds']['user_level'] > 99) {
+ $path = $_GET['path'];
+ $newname = $_POST['newname'];
+ $subs = explode('/', $path);
+ if (in_array('..', $subs))
+ die(); // Hard fails when trying to play above basedir
+ if ($squashweb->got_rights_array_admin($path) > 0) {
+ umask(002); // don't remove g+w
+ mkdir($basedir.'/'.$path.'/'.$newname);
+ }
+ header( 'Location: ?path='.$path.'/'.$newname) ;
+
+} elseif (@$_POST['tools']=="rmdir" && isset($_GET['path']) && $_SESSION['creds']['user_level'] > 99) {
+ $path = $_GET['path'];
+ $subs = explode('/', $path);
+ if (in_array('..', $subs))
+ die(); // Hard fails when trying to play above basedir
+ if ($squashweb->got_rights_array_admin($path) > 0) {
+ rmdir($basedir.$path);
+ }
+ array_pop($subs);
+ $path=implode("/", $subs);
+ header( 'Location: ?path='.$path) ;
+
} elseif (@$_GET['tools']=='access' && $_SESSION['creds']['user_level'] > 100) {
require_once(SQUASHER_SMARTY);
aSelect.options[i].selected = true;
}
}
+ function deleteFolder(foldername) {
+ if (!confirm('Are you sure you want to delete folder '+foldername+' ?'))
+ return;
+ document.rmdir.submit();
+ }
+ function deleteFolderNotEmpty(foldername) {
+ alert(foldername+' in not empty. Please empty it first');
+ }
+ function createFolder() {
+ var folder = prompt("New folder name");
+ if (folder == null)
+ return; // canceled
+ if (folder.indexOf('/')>=0 || folder=='.' || folder=='..') {
+ // detect the most common errors
+ alert('Invalid name');
+ return;
+ }
+ document.mkdir.newname.value = folder;
+ document.mkdir.submit();
+ }
{/literal}</script>
</head>
<body>
<div class="menuhead">current folder</div>
{foreach item=crumb key=cookie from=$base}<a href="?path={$cookie|escape:'url'}">{$crumb|escape}</a>{/foreach}
-
+
+ {if $user_level > 99 AND count($base)>1 }
+ <form name=rmdir method=post>
+ <input type=hidden name=tools value=rmdir>
+ <a href="javascript:deleteFolder{if count($squashed)>0 || count($subfolders)>0}NotEmpty{/if}('{$currentfolder|escape:'javascript'|escape}');" class=tool>delete this folder</a>
+ </form>
+ {/if}
+
</div>
<div class="menu">
-
+
<div class="menuhead">subfolders</div>
-
+
{foreach item=folder key=folderpath from=$subfolders}<a href="?path={$folderpath|escape:'url'}">{$folder|escape}</a>{/foreach}
-
+
+ {if $user_level > 99}
+ <form name=mkdir method=post>
+ <input type=hidden name=tools value=mkdir>
+ <input type=hidden name=newname>
+ <a href="javascript:createFolder();" class=tool>new subfolder</a>
+ </form>
+ {/if}
+
</div>
-
+
</div>
<div class="content">