edit.php
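<?php
// Admin editor entry point: loads the site password, starts the session and
// stops with a login form unless the session is already authenticated.
//
// NOTE(review): when config.php is absent the script falls back to the fixed
// default password below. Define $password in config.php before this file is
// reachable from a network. The secret is compared as plaintext; storing a
// password_hash() value and checking it with password_verify() would avoid
// keeping the cleartext on disk.
if (file_exists('config.php')) {
    include 'config.php';
} else {
    $password = 'test123';
}

// Keep the session cookie away from page scripts and from cross-site
// subrequests. The SameSite directive is only known to newer PHP builds.
// NOTE(review): the cookie is not forced to Secure here; enable
// session.cookie_secure when the site is served over HTTPS.
ini_set('session.cookie_httponly', '1');
ini_set('session.cookie_samesite', 'Lax');
session_set_cookie_params(30 * 24 * 3600, dirname($_SERVER['SCRIPT_NAME'])); // remember me (30 days)
session_start();

// Base path of the site: PHP_SELF with the trailing script name removed.
// Used for <base href> and for redirects.
$siteroot = substr($_SERVER['PHP_SELF'], 0, - strlen(basename($_SERVER['PHP_SELF'])));

// Login attempt. Both values must be strings so hash_equals() can compare them
// in constant time; a missing or non-string $password never authenticates.
// NOTE(review): there is no limit on failed attempts.
if (isset($password, $_POST['pass']) && is_string($password) && is_string($_POST['pass'])
    && hash_equals($password, $_POST['pass'])) {
    // Issue a fresh session id on privilege change so an id that was set
    // before login cannot be reused afterwards.
    session_regenerate_id(true);
    $_SESSION['logged'] = 1;
    // A redirect after login (to avoid the form-resubmission prompt) was left
    // disabled by the author: header('Location: .');
}

if (!isset($_SESSION['logged']) || $_SESSION['logged'] != 1) {
    echo '<html><head><meta name="viewport" content="width=device-width, initial-scale=1.0"><base href="' . htmlspecialchars($siteroot, ENT_QUOTES, 'UTF-8') . '"></head><body><form action="edit" method="post"><input type="password" name="pass" value="" autofocus><input type="submit" value="Submit"></form></body></html>';
    exit;
}
// STOPS HERE IF UNLOGGED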
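// POSTING A POST
// Saves the submitted article as articles/{date}-{url}{#tags}.txt, removes the
// previous file when the name changed, then redirects to the article or back
// to the editor.
// NOTE(review): this request is authorised by the session cookie alone; no
// anti-CSRF token is verified before the write and the unlink. Add a
// per-session token to the form and check it here.
if (isset($_POST['main']))
{
    // Array-valued parameters (main[]=...) are not a valid article body.
    if (!is_string($_POST['main'])) {
        http_response_code(400);
        exit;
    }

    $rawUrl  = (isset($_POST['url'])  && is_string($_POST['url']))  ? $_POST['url']  : '';
    $rawDate = (isset($_POST['date']) && is_string($_POST['date'])) ? $_POST['date'] : '';
    $rawTags = (isset($_POST['tags']) && is_string($_POST['tags'])) ? $_POST['tags'] : '';

    // The slug is reduced to [a-zA-Z0-9-], which keeps it inside articles/.
    // A slug that is missing, or empty once filtered, gets a generated name
    // instead of producing a file called "{date}-.txt".
    $url = empty($rawUrl) ? '' : preg_replace("/[^a-zA-Z0-9-]+/", "", $rawUrl);
    if (!is_string($url) || $url === '') {
        $url = 'randomurl' . rand();
    }

    // Digits only; fall back to today when the field is missing or empty.
    $date = preg_replace("/[^0-9]+/", "", $rawDate);
    if (!is_string($date) || $date === '') {
        $date = date('Ymd');
    }

    // "tag1 tag2" becomes "#tag1#tag2" and is appended to the file name.
    $tags = preg_replace("/[^a-zA-Z0-9\s]+/", "", trim($rawTags));
    if (strlen($tags) != 0) {
        $tags = "#" . preg_replace("/\s/", "#", $tags);
    }

    $fname = "articles/{$date}-{$url}{$tags}.txt";

    // Stop before touching the old file if the new one could not be written,
    // otherwise a failed save would also delete the existing article.
    if (file_put_contents($fname, $_POST['main']) === false) {
        http_response_code(500);
        echo 'Could not save the article.';
        exit;
    }

    if (isset($_POST['old']) && is_string($_POST['old']))
    {
        // Same allow-list as the file name parts, plus '#' for the tag suffix.
        $old = preg_replace("/[^a-zA-Z0-9#-]+/", "", $_POST['old']);
        $oldfname = "articles/{$old}.txt";
        if ($oldfname !== $fname && is_file($oldfname)) {
            unlink($oldfname);
        }
    }

    if (empty($_POST['stayedit'])) {
        header("Location: {$siteroot}{$url}");
    } else {
        header("Location: {$siteroot}edit/{$url}");
    }
    exit;
}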
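// Defaults for a new, empty article.
$main = '';
$date = date("Y-m-d");
$tags = '';
$url = '';

// EDITING EXISTING POST
// Loads the article whose slug is given in ?url= and fills the form fields.
// When no article matches, the form stays empty with the slug pre-filled.
if (isset($_GET['url']) && is_string($_GET['url']))
{
    $url = preg_replace("/[^a-zA-Z0-9-]+/", "", $_GET['url']);

    // glob() matches every file that merely ends in "-{url}", so slug "post"
    // would also pick up "...-my-post.txt". Keep only names of the exact form
    // "{date}-{url}" with an optional "#tags" suffix; the date part is the
    // text before the first '-'.
    $candidates = glob("./articles/*-{$url}{#*,}.txt", GLOB_BRACE);
    $exact = '/^[^-]*-' . preg_quote($url, '/') . '(#.*)?$/';
    $fname = null;
    if (is_array($candidates)) {
        foreach ($candidates as $candidate) {
            if (preg_match($exact, pathinfo($candidate, PATHINFO_FILENAME))) {
                $fname = $candidate;
                break;
            }
        }
    }

    if ($fname !== null)
    {
        $contents = file_get_contents($fname);
        $main = ($contents === false) ? '' : $contents;

        // Tags are the "#a#b" suffix of the file name; an untagged article
        // simply has none.
        if (preg_match('/.*?(#.*)\.txt/', $fname, $matches)) {
            $tags = ltrim(str_replace('#', ' #', $matches[1]));
        }

        // Show the date prefix as Y-m-d; if it cannot be parsed, show it
        // unchanged so that saving does not rewrite it.
        $datePart = explode('-', pathinfo($fname, PATHINFO_FILENAME))[0];
        $stamp = strtotime($datePart);
        $date = ($stamp === false) ? $datePart : date("Y-m-d", $stamp);

        // Remembered so the save handler can remove this file after a rename.
        $old = pathinfo($fname, PATHINFO_FILENAME);
    }
}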
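// DELETING EXISTING POST
// Removes the article whose slug is given in ?url= when ?action=delete.
// NOTE(review): this is a state-changing GET authorised by the session cookie
// alone, with no anti-CSRF token. Move deletion to a POST request that carries
// a per-session token and verify the token here.
if (isset($_GET['url'], $_GET['action']) && is_string($_GET['url']) && ($_GET['action'] === 'delete'))
{
    $url = preg_replace("/[^a-zA-Z0-9-]+/", "", $_GET['url']);

    // glob() matches every file that merely ends in "-{url}"; only delete a
    // file named exactly "{date}-{url}" with an optional "#tags" suffix, so
    // slug "post" cannot remove "...-my-post.txt".
    $candidates = glob("./articles/*-{$url}{#*,}.txt", GLOB_BRACE);
    $exact = '/^[^-]*-' . preg_quote($url, '/') . '(#.*)?$/';
    $fname = null;
    if (is_array($candidates)) {
        foreach ($candidates as $candidate) {
            if (preg_match($exact, pathinfo($candidate, PATHINFO_FILENAME))) {
                $fname = $candidate;
                break;
            }
        }
    }

    // Nothing to remove when the slug matches no article.
    if ($fname !== null && is_file($fname)) {
        unlink($fname);
    }
    header('Location: .');
    exit;
}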
?>
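<?php
// Editor page. Every value written into the markup is HTML-escaped: the
// article body and the tag/old-name fields come from files under articles/,
// and a body containing "</textarea>" or entities such as "&amp;" would
// otherwise end the textarea early or be altered by the next save.
// ENT_SUBSTITUTE keeps a body with invalid UTF-8 from being rendered as an
// empty string.
// NOTE(review): the form carries no anti-CSRF token and the delete link is a
// plain GET; both should send a per-session token that the handlers verify.
?>
<!DOCTYPE html>
<html lang="en" class="htmleditor">
<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Editor</title>
    <base href="<?php echo htmlspecialchars($siteroot, ENT_QUOTES, 'UTF-8'); ?>">
    <link rel="stylesheet" type="text/css" href="style.css">
</head>
<body class="fullheight">
<!-- <a href="index.php?action=logout" id="logout">✕</a> -->
<form method="POST" action="edit" class="fullheight" id="form">
<textarea class="editor" id="main" name="main" autofocus><?php echo htmlspecialchars($main, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></textarea><input class="editor" id="date" name="date" value="<?php echo htmlspecialchars($date, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" autocomplete="off"/>
<input class="editor" id="tags" name="tags" placeholder="#tag1 #tag2" value="<?php echo htmlspecialchars($tags, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" autocomplete="off"/>
<input class="editor" id="url" name="url" placeholder="urlofthearticle" value="<?php echo htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" autocomplete="off"/>
<input type="hidden" name="stayedit" id="stayedit" value="" />
<?php if (isset($old)) echo '<input type="hidden" name="old" value="' . htmlspecialchars($old, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '" />'; ?>
<input type="submit" id="submitbtn" value="Post" />
</form>
<div id="smallcommands"><a href="#" id="savestayedit">save</a><a href="" id="deletepost">delete</a><a href="logout" id="">logout</a></div>
<script>
unsaved = false;
window.onbeforeunload = function() { if (unsaved) return 'You have not saved your article, closing or reloading the page will reset all changes.'; };
document.getElementById('deletepost').onclick = function(e) {
    e.preventDefault();
    if (confirm('Are you sure to want to delete this article?'))
        window.location.href = "edit.php?action=delete&url=<?php echo rawurlencode($url); ?>";
    return false;
}
document.getElementById('savestayedit').onclick = function(e) {
    e.preventDefault();
    document.getElementById('stayedit').value = 1;
    document.getElementById('form').submit();
    return false;
}
</script>
</body>
</html>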