-
Notifications
You must be signed in to change notification settings - Fork 52
/
index.php
104 lines (90 loc) · 3.36 KB
/
index.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
<?php
// based on https://github.com/pereorga/minimalist-web-notepad
// configuration settings, edit settings in config.php as appropriate
// settings include the base url, the notes path and the menu items displayed
include('config.php');
// Disable caching.
header('Cache-Control: no-cache, no-store, must-revalidate');
header('Pragma: no-cache');
header('Expires: 0');
// If a note's name is not provided or contains non-alphanumeric/non-ASCII or a '-' characters.
if (!isset($_GET['note']) || !preg_match('/^([a-zA-Z0-9]+(-[a-zA-Z0-9]+)*)$/', $_GET['note'])) {
// Generate a name with 5 random unambiguous characters. Redirect to it.
header("Location: $base_url/" . substr(str_shuffle('2345679abcdefghjkmnpqrstwxyz'), -5));
die;
}
$path = $data_directory . $_GET['note'];
$include_Header = true; //required for password protected notes
include 'modules/header.php';
if (isset($_POST['text'])) {
// Update file.
$header = "";
$responseText = "";
if ($include_Header) { if (checkHeader($path, null) || isset($_POST['notepwd'])) { $header = setHeader($allow_password);} else $header = "";}
file_put_contents($path, $header . $_POST['text']);
$responseText = "saved"; //for lastsaved logic
// the following 3 lines can be commented out if you don't want to check write permissions
$filecheck = file_exists($path);
if ($filecheck) $responseText = "saved"; //for lastsaved logic
if (!is_writable($path)) $responseText = 'error';
// If provided input is empty, delete file.
if (!strlen($_POST['text'])) {
unlink($path);
$responseText = "deleted";
}
echo $responseText;
die();
}
// Output raw file if client is curl. No current handling of password protected notes
if (strpos($_SERVER['HTTP_USER_AGENT'], 'curl') === 0) {
if (is_file($path)) {
if ($include_Header) {
print getFileContents($path, 'curl');
}
else {
file_get_contents($path, 'curl');
}
}
die();
}
$content = '';
if (is_file($path)) {
if ($include_Header) {
// requires custom function instead of just file_get_contents to handle header data in first line of file
$content= htmlspecialchars(getFileContents($path), ENT_QUOTES, 'UTF-8');
}
else {
file_get_contents($path, ENT_QUOTES, 'UTF-8');
}
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="generator" content="Minimal Web Notepad (https://github.com/domorielton/minimal-web-notepad)">
<title><?php print $_GET['note']; ?></title>
<link rel="shortcut icon" href="favicon.ico">
<link rel="stylesheet" href="css/styles.min.css">
</head>
<body>
<div id="container" class="container">
<textarea id="content" class="content"><?php
echo $content;
?></textarea>
</div>
<pre id="printable"></pre>
<script src="js/script.min.js"></script>
<?php
if ($allow_menu) include 'modules/menu.php';
if ($allow_lastsaved) include 'modules/lastsaved.php';
// add this last to make sure modal handling is loaded
if ($allow_password) {
include 'modules/password.php';
echo '<script src="modules/js/modal.min.js"></script>'.PHP_EOL;
echo "<script src='modules/js/password.min.js'></script>".PHP_EOL;
}
if ($include_Header) { checkHeader($path, null, true); } //check if the removePassword be shown ?>
</body>
</html>