Diffstat (limited to 'delete/confirm/index.php')
-rw-r--r-- | delete/confirm/index.php | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/delete/confirm/index.php b/delete/confirm/index.php
new file mode 100644
index 0000000..dba2c1e
--- /dev/null
+++ b/delete/confirm/index.php
@@ -0,0 +1,43 @@
+<?php
+
+session_start();
+require_once $_SERVER['DOCUMENT_ROOT'] . "/private/session.php";
+
+$_CONF_URN = $_FULLNAME;
+$_CONF_UID = $_SUID;
+$_CONF_USP = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/private/profiles/" . $_CONF_UID . ".json"), true);
+
+function fb() {
+ if (isset($_GET['i'])) {
+ header("Location: /delete/?i=" . $_GET['i']);
+ die();
+ } else {
+ header("Location: /files");
+ die();
+ }
+}
+
+if (isset($_GET['csrf']) && isset($_SESSION['csrf_token']) && $_GET['csrf'] === $_SESSION['csrf_token']) {
+ $selected = null;
+ foreach ($_CONF_USP['files'] as $file) {
+ if ($file['id'] === $_GET['i']) {
+ $selected = $file;
+ }
+ }
+
+ if ($selected === null) {
+ fb();
+ } else {
+ $file = $selected;
+ }
+} else {
+ fb();
+}
+
+unlink("./shares/" . $file['file']);
+if (array_search($file, $_CONF_USP['files']) !== false) {
+ unset($_CONF_USP['files'][array_search($file, $_CONF_USP['files'])]);
+}
+file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/private/profiles/" . $_CONF_UID . ".json", json_encode($_CONF_USP, JSON_PRETTY_PRINT));
+header("Location: /files");
+die();
\ No newline at end of file |
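Review bot: The delete is authorised by a CSRF token read from the query string (`$_GET['csrf']`), so the token lands in access logs, browser history and Referer headers, and the file is removed on a plain GET. Consider accepting the confirmation only as a POST and comparing with `hash_equals($_SESSION['csrf_token'], $_POST['csrf'])` after an `is_string()` check; the page that links here is outside this diff and would need the matching change. Separately, `unlink("./shares/" . $file['file'])` resolves against the working directory and uses the stored name as-is; passing it through `basename($file['file'])` and anchoring the path on a fixed directory would keep a malformed profile entry from deleting outside the share folder. After the `unset(...)` the `files` array keeps its gap, so whenever the removed entry was not the last one `json_encode` writes it as an object rather than a list; `$_CONF_USP['files'] = array_values($_CONF_USP['files']);` before the write avoids that.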