Bug in Directory Protection in the User Panel

There are several bugs in the user panel under File Management / Directory Protection

The directory protection manipulates the .htaccess and .htpasswd files in a user directory in order to limit the access from the web to these directories.

1. The predefined .htaccess file contains a typo error "memebers only" instead of members only

2. The mechanism fails completely if there is a .htaccess file already present. Instead of scanning the existing .htaccess and appending the predefined blocking content, no action is performed at all. Only the .htpassword file is generated, which is useless as such without the blocking content in .htaccess

3. If removing the  block, an existing .htaccess file is not scanned and only the blocking content is removed. If there is additional content in the .htaccess file, again nothing happens.

4. If there is only the predefined content available, it will be removed. However, then a .htaccess file with length 0 remains on the server. This means all files in this directory and below are defined as unprotected regardless of the content of .htaccess files in upper directories. This is undesired and the .htaccess file should be deleted completely if empty (as it was before the protection action). Also, because of the bugs above this now prevents all further protection actions in this directory by CWP.

5. Unprotection actions leave the generated .htpassword files there as garbage. Those should be removed.

I hope you could fix those errors, as they generate needless trouble for the users who expected them to work flawlessly and for sure cannot understand, why a repeated protect/unprotect operation makes the whole process not only dysfunctional from now on at all but also generates an unwanted security risk by disabling higher directories global protection commands for this particular subdirectory from now on.