Changeset 1880 for sandbox/filemanager/inc/class.uifilemanager.inc.php
- Timestamp:
- 12/22/09 09:24:26 (14 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
sandbox/filemanager/inc/class.uifilemanager.inc.php
r1879 r1880 616 616 $vars[css].='<link rel="stylesheet" type="text/css" href="phpgwapi/js/dftree/dftree.css">'; 617 617 $vars[preferences]='<input type="hidden" id="userPreferences" value=\''.serialize($_SESSION['phpgw_info']['user']['preferences']['filemanager']).'\'>'; 618 // Used for important operations that needs security 619 for ($key = ""; strlen($key) < 150; $key .= chr(rand(48,95))); 620 $_SESSION['phpgw_info']['filemanager']['user']['sec_key'] = $key; 621 $vars[sec_key]='<input type="hidden" id="userKey" value=\''.$key.'\'>'; 618 622 $vars[script]='<script>initDrawApi();</script>'; 619 623 … … 827 831 function removedir() 828 832 { 829 $now = intval(time() / 5); 830 for ($i=0;$i<20;$i++) 831 $now.=$now; 832 $toRemove = $this->path ^ $now; 833 $toRemove = $this->path ^ $_SESSION['phpgw_info']['filemanager']['user']['sec_key']; 833 834 if ( $this->bo->vfs->rm(array( 'string' => $toRemove, 834 835 'relatives' => array (RELATIVE_NONE)
Note: See TracChangeset
for help on using the changeset viewer.