git.shiar.nl
/
minimedit.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
page: wrap menu in header container
[minimedit.git]
/
edit.php
diff --git
a/edit.php
b/edit.php
index 12859595de865444baf29dd94a8f1eaa1b61ca57..fe80528a7d1c83faca00ef8e751cf5e271baae72 100755
(executable)
--- a/
edit.php
+++ b/
edit.php
@@
-5,12
+5,16
@@
function abort($status, $body) {
exit;
}
exit;
}
+require 'auth.inc.php';
+if (!$Admin)
+ abort('401 unauthorised', "geen beheersrechten");
+
if (!$_POST)
abort('405 post error', "niets te doen");
if (!isset($_SERVER['PATH_INFO']) or strlen($_SERVER['PATH_INFO']) <= 1)
abort('409 input error', "geen bestand aangeleverd");
if (!$_POST)
abort('405 post error', "niets te doen");
if (!isset($_SERVER['PATH_INFO']) or strlen($_SERVER['PATH_INFO']) <= 1)
abort('409 input error', "geen bestand aangeleverd");
-$filename =
preg_replace('/(?:\.php)?$/', '.php', ltrim($_SERVER['PATH_INFO'], '/'), 1)
;
+$filename =
ltrim($Args, '/').'.html'
;
if (file_exists($filename) and !is_writable($filename))
abort('403 input error', "ongeldige bestandsnaam: $filename");
if (is_executable($filename))
if (file_exists($filename) and !is_writable($filename))
abort('403 input error', "ongeldige bestandsnaam: $filename");
if (is_executable($filename))
@@
-29,11
+33,7
@@
if (!strlen($upload)) {
exit;
}
exit;
}
-$rootpath = str_repeat('../', substr_count($filename, '/'));
-$prepend = "<?php include '${rootpath}head.inc.php'; ?>\n\n";
-$append = "\n";
-
-if (!file_put_contents($filename, $prepend . $upload . $append))
+if (!file_put_contents($filename, $upload))
abort('500 save error', "fout bij schrijven van $filename");
print "Bestand opgeslagen";
abort('500 save error', "fout bij schrijven van $filename");
print "Bestand opgeslagen";