From 0b56e775342f4a25d343c4a2aa3133aac91b7fe4 Mon Sep 17 00:00:00 2001
From: FusionPBX
Date: Mon, 8 Jul 2019 22:27:48 -0600
Subject: [PATCH] Update folderdelete.php
---
 app/edit/folderdelete.php | 89 ++++++++++++++++++++++++++++++---------
 1 file changed, 69 insertions(+), 20 deletions(-)
diff --git a/app/edit/folderdelete.php b/app/edit/folderdelete.php
index db22dad949..6e384c47f5 100644
--- a/app/edit/folderdelete.php
+++ b/app/edit/folderdelete.php
@@ -17,30 +17,79 @@ The Initial Developer of the Original Code is Mark J Crane - Portions created by the Initial Developer are Copyright (C) 2008-2012 + Portions created by the Initial Developer are Copyright (C) 2008-2019 the Initial Developer. All Rights Reserved. Contributor(s): - Mark J Crane + 'Mark J Crane */ -include "root.php"; -require_once "resources/require.php"; -require_once "resources/check_auth.php"; -if (permission_exists('script_editor_save')) { - //access granted -} -else { - echo "access denied"; - exit; -} -$folder = $_GET["folder"]; -$folder = str_replace ("\\", "/", $folder); +//includes + include "root.php"; + require_once "resources/require.php"; + require_once "resources/check_auth.php"; -if (strlen($folder) > 0) { - //delete the folder - rmdir($folder); //, 0700 - header("Location: fileoptions.php"); -} +//check the permissions + if (permission_exists('script_editor_save')) { + //access granted + } + else { + echo "access denied"; + exit; + } -?> \ No newline at end of file +//set the variables + $folder = $_GET["folder"]; + $folder = str_replace ("\\", "/", $folder); + +//delete the directory + if (strlen($folder) > 0 && isset($_POST['token'])) { + //compare the tokens + $key_name = '/app/edit/folder_delete'; + $hash = hash_hmac('sha256', $key_name, $_SESSION['keys'][$key_name]); + if (!hash_equals($hash, $_POST['token'])) { + echo "access denied"; + exit; + } + + //delete the folder + rmdir($folder); //, 0700 + header("Location: fileoptions.php"); + } + else { + //create the token + $key_name = '/app/edit/folder_delete'; + $_SESSION['keys'][$key_name] = bin2hex(random_bytes(32)); + $_SESSION['token'] = hash_hmac('sha256', $key_name, $_SESSION['keys'][$key_name]); + + //display form + require_once "header.php"; + echo "
"; + echo "
"; + echo "
"; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo "
".$text['label-path']."
".$folder."
"; + echo "
"; + echo " "; + echo " "; + echo " "; + echo " "; + echo "
"; + echo " "; + echo " "; + echo " "; + echo "
"; + echo "
"; + echo "
"; + + //include the footer + require_once "footer.php"; + } + +?>
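Review bot: `$folder` still goes from `$_GET["folder"]` to `rmdir($folder)` with only a backslash-to-slash replacement, so the new token check stops cross-site requests but does not limit which directory a permitted user's request can remove. Before the `rmdir()` call, resolve the path and reject anything outside the directory the editor is meant to manage, for example `$real = realpath($folder);` followed by `if ($real === false || strpos($real.'/', $base.'/') !== 0) { echo "access denied"; exit; }`, where `$base` is a placeholder for that directory's canonical path, which this patch does not show. The confirmation form also concatenates `$folder` into the echoed output, and that value should pass through `htmlspecialchars($folder, ENT_QUOTES, 'UTF-8')` first. The key in `$_SESSION['keys'][$key_name]` is not unset after a successful compare, so the same token appears to stay valid until the form is rendered again, and `$_POST['token']` should be checked with `is_string()` before it reaches `hash_equals()`.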