<?php
-if (!$User->admin("edit $Page$Args"))
+if (!$User->admin("edit {$Page->link}"))
abort("geen beheersrechten", '401 unauthorised');
if ($_FILES) {
$response = ['uploaded' => 0];
try {
require_once('upload.inc.php');
- $datadir = implode('/', ['data', date('Y')]);
- if ($Args) $datadir .= $Args;
+ $datadir = implode('/', ['data', date('Y'), $User->login]);
+ if ($Page->path) $datadir .= $Page->path;
$target = userupload(@$_FILES['upload'], $datadir);
if ($target) {
+ $target = "/thumb/640x/$target";
$response['fileName'] = $_FILES['upload']['name'];
$response['url'] = str_replace('%2F', '/', urlencode($target));
$response['uploaded']++;
if (!$_POST)
abort("niets te doen", '405 post error');
-if (!$Args)
- abort("geen bestand aangeleverd", '409 input error');
-$filename = trim($Args, '/');
-if (preg_match('{^\.}', $filename))
- abort("ongeldige bestandsnaam: $filename", '403 input error');
+$request = trim($Page->path, '/') ?: 'index';
+if (preg_match('{^\.}', $request))
+ abort("ongeldige bestandsnaam: $request", '403 input error');
+$filename = $request;
if (is_dir($filename) && !file_exists("$filename.html"))
$filename .= '/index';
$filename .= '.html';
if (!file_exists(dirname($filename)) and !mkdir(dirname($filename), 0777, TRUE))
abort("fout bij aanmaken van map voor $filename", '500 save error');
+if (file_exists($filename) and file_get_contents($filename) === $upload)
+ abort('niet aangepast', '200 unaltered');
+
if (!file_put_contents($filename, $upload))
abort("fout bij schrijven van $filename", '500 save error');
-if (is_writable('../.git')) {
- $gitmsg = preg_replace('/\.html$/', '', $filename).": edit from {$_SERVER['REMOTE_ADDR']}";
+if (is_writable('.git')) {
+ $gitmsg = "$request: edit from {$_SERVER['REMOTE_ADDR']}";
$gitcmd = 'git';
$gitcmd .= ' -c user.name='.escapeshellarg($User->name ?: $User->login);
$gitcmd .= ' -c user.email='.escapeshellarg($User->email ?: "{$User->login}@lijtweg.nl");