Project

General

Profile

1
<?php
2
/**
3
 *
4
 * @category        admin
5
 * @package         admintools
6
 * @author          WebsiteBaker Project
7
 * @copyright       Ryan Djurovich
8
 * @copyright       WebsiteBaker Org. e.V.
9
 * @link            http://websitebaker.org/
10
 * @license         http://www.gnu.org/licenses/gpl.html
11
 * @platform        WebsiteBaker 2.8.3
12
 * @requirements    PHP 5.3.6 and higher
13
 * @version         $Id: delete.php 2 2017-07-02 15:14:29Z Manuela $
14
 * @filesource      $HeadURL: svn://isteam.dynxs.de/wb/2.10.x/branches/main/admin/media/delete.php $
15
 * @lastmodified    $Date: 2017-07-02 17:14:29 +0200 (Sun, 02 Jul 2017) $
16
 *
17
 */
18

    
19
require(dirname(dirname(__DIR__)).'/config.php');
20
// Create admin object
21
require_once(WB_PATH.'/framework/class.admin.php');
22
$admin = new admin('Media', 'media_delete', false);
23

    
24
// Include the WB functions file
25
require_once(WB_PATH.'/framework/functions.php');
26

    
27
// Get the current dir
28
$directory = $admin->get_get('dir');
29
$directory = ($directory == '/') ?  '' : $directory;
30

    
31
$dirlink = 'browse.php?dir='.$directory;
32
$rootlink = 'browse.php?dir=';
33

    
34
// Check to see if it contains ..
35
if (!check_media_path($directory)) {
36
    // $admin->print_header();
37
    $admin->print_error($MESSAGE['MEDIA_DIR_DOT_DOT_SLASH'],$rootlink,false );
38
}
39

    
40
// Get the file id
41
$file_id = intval($admin->checkIDKEY('id', false, $_SERVER['REQUEST_METHOD']))-1;
42
if ($file_id===false) {
43
    $admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], $dirlink,false);
44
}
45

    
46
// Get home folder not to show
47
$home_folders = get_home_folders();
48
$usedFiles = array();
49
// feature freeze
50
// require_once(ADMIN_PATH.'/media/dse.php');
51
/*
52

    
53
if(!empty($currentdir)) {
54
    $usedFiles = $Dse->getMatchesFromDir( $directory, DseTwo::RETURN_USED);
55
}
56
*/
57

    
58
$DIR  = array();
59
$FILE = array();
60
// Check for potentially malicious files
61
$forbidden_file_types  = preg_replace( '/\s*[,;\|#]\s*/','|',RENAME_FILES_ON_UPLOAD);
62
//$aDirList = glob (WB_PATH.MEDIA_DIRECTORY.'/'.$directory.'/*',GLOB_MARK|GLOB_NOSORT);
63
// Figure out what folder name the temp id is
64
if($handle = opendir(WB_PATH.MEDIA_DIRECTORY.'/'.$directory)) {
65
    // Loop through the files and dirs an add to list
66
   while (false !== ($file = readdir($handle))) {
67
        $info = pathinfo($file);
68
        $ext = isset($info['extension']) ? $info['extension'] : '';
69
        if(substr($file, 0, 1) != '.' AND $file != '.svn' AND $file != 'index.php') {
70
            if( !preg_match('/'.$forbidden_file_types.'$/i', $ext) ) {
71
                if(is_dir(WB_PATH.MEDIA_DIRECTORY.$directory.'/'.$file)) {
72
                    if(!isset($home_folders[$directory.'/'.$file])) {
73
                        $DIR[] = $file;
74
                    }
75
                } else {
76
                    $FILE[] = $file;
77
                }
78
            }
79
        }
80
    }
81
closedir($handle);
82
}
83

    
84
    $iSortFlags = ((version_compare(PHP_VERSION, '5.4.0', '<'))?SORT_REGULAR:SORT_NATURAL|SORT_FLAG_CASE);
85
    sort($DIR, $iSortFlags);
86
    sort($FILE, $iSortFlags);
87
    $aListDir = array_merge($DIR,$FILE);
88
    $temp_id = 0;
89
    if(isset($aListDir)) {
90
        foreach($aListDir AS $name) {
91
            if(!isset($delete_file) AND $file_id == $temp_id) {
92
                $delete_file = $name;
93
                $type = is_dir(WB_PATH.MEDIA_DIRECTORY.$directory.'/'.$delete_file)?'folder':'file';
94
            }
95
            $temp_id++;
96
        }
97
    }
98

    
99
// Check to see if we could find an id to match
100
if(!isset($delete_file)) {
101
    $admin->print_error($MESSAGE['MEDIA_FILE_NOT_FOUND'], $dirlink, false);
102
}
103
$relative_path = WB_PATH.MEDIA_DIRECTORY.'/'.$directory.'/'.$delete_file;
104
// Check if the file/folder exists
105
if(!file_exists($relative_path)) {
106
    $admin->print_error($MESSAGE['MEDIA_FILE_NOT_FOUND'], $dirlink, false);
107
}
108

    
109
// Find out whether its a file or folder
110
/**/
111
if($type == 'folder') {
112
    // Try and delete the directory
113
    if(rm_full_dir($relative_path)) {
114
        $admin->print_success($MESSAGE['MEDIA_DELETED_DIR'], $dirlink);
115
    } else {
116
        $admin->print_error($MESSAGE['MEDIA_CANNOT_DELETE_DIR'], $dirlink, false);
117
    }
118
} else {
119
    // Try and delete the file
120
    if(unlink($relative_path)) {
121
        $admin->print_success($MESSAGE['MEDIA_DELETED_FILE'], $dirlink);
122
    } else {
123
        $admin->print_error($MESSAGE['MEDIA_CANNOT_DELETE_FILE'], $dirlink, false);
124
    }
125
}
(5-5/16)