+ my $cgi = $data->{'cgi'};
+
+ my @files = $cgi->param('files');
+ my $x = 0;
+
+ if(@files)
+ {
+ foreach my $file(@files)
+ {
+ # Filter out some "bad" files (e.g. files going up in the
+ # directory hierarchy or files containing slashes (it's too
+ # dangerous...)
+
+ splice(@files,$x,1) if($file =~ m!^\.+$!);
+ splice(@files,$x,1) if($file =~ m!/!);
+ splice(@files,$x,1) if($file =~ m!\\!);
+
+ $x++;
+ }
+ }
+
+ if(@files)
+ {
+ if($cgi->param('confirmed'))
+ {
+ #die 'Noch nicht!';
+
+ my @success;
+ my @failed;
+
+ foreach my $file(@files)
+ {
+ my $file_path = clean_path($physical.'/'.$file);
+
+ if(-e $file_path)
+ {
+ if(-d $file_path && not -l $file_path)
+ {
+ # Remove a directory
+
+ if(rmtree($file_path))
+ {
+ push(@success,clean_path($file));
+ }
+ else
+ {
+ push(@failed,clean_path($file));
+ }
+ }
+ else
+ {
+ # Remove a file
+
+ if(unlink($file_path))
+ {
+ push(@success,clean_path($file));
+ }
+ else
+ {
+ push(@failed,clean_path($file));
+ }
+ }
+ }
+ else
+ {
+ push(@failed,clean_path($file));
+ }
+ }
+
+ my $tpl = new Template;
+ $tpl->read_file($config->{'templates'}->{'rmmulti'});
+
+ if(scalar(@success) > 0)
+ {
+ $tpl->parse_if_block('success',1);
+
+ foreach my $file_success(@success)
+ {
+ $tpl->add_loop_data('SUCCESS',{FILE => encode_html($file_success),
+ FILE_PATH => encode_html(clean_path($virtual.'/'.$file_success))});
+ }
+ }
+ else
+ {
+ $tpl->parse_if_block('success',0);
+ }
+
+ if(scalar(@failed) > 0)
+ {
+ $tpl->parse_if_block('failed',1);
+
+ foreach my $file_failed(@failed)
+ {
+ $tpl->add_loop_data('FAILED',{FILE => encode_html($file_failed),
+ FILE_PATH => encode_html(clean_path($virtual.'/'.$file_failed))});
+ }
+ }
+ else
+ {
+ $tpl->parse_if_block('failed',0);
+ }
+
+
+ $tpl->set_var('DIR',encode_html($virtual));
+ $tpl->set_var('SCRIPT',$script);
+
+ $tpl->parse;
+
+ my $output = header(-type => 'text/html');
+ $output .= $tpl->get_template;
+
+ return \$output;
+ }
+ else
+ {
+ my $tpl = new Template;
+ $tpl->read_file($config->{'templates'}->{'confirm_rmmulti'});