scratch
/quickload/config.php.dist |
@@ -8,8 +8,10 @@ |
# uploaded. |
$STORE_FOLDER = '/var/www/incoming/'; |
|
# Set this to the URL path of the folder where the files can be |
# retrieved. |
# Temporary editor file shared by all clients. |
$SHARED_EDITOR_FILE = 'share.html'; |
|
# Set this to the URL path of the folder where the files can be retrieved. |
$URL_PATH = 'http://my.tld/incoming/'; |
|
# A list of allowed files by extension that the template will accept. |
@@ -29,6 +31,8 @@ |
"BZ2", |
"TXT", |
"CSV", |
"HTML", |
"HTM", |
"DOC", |
"DOCX", |
"XLS", |
@@ -35,3 +39,4 @@ |
"MP4", |
"MP3" |
]; |
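Review bot: The `"HTML"` and `"HTM"` entries in the second hunk appear to be the two additions to the allowed-extension list (the +/- markers are lost on this page; the hunk header shows two added lines). With them, any uploader can place markup and script in `$STORE_FOLDER`, which `$URL_PATH` publishes as a web path. If that path is on the application's own origin, a browser that opens such a file runs its script with that origin's cookies and storage. If HTML uploads are really needed, the config should say how the folder must be served, for example with the comment `# Serve this folder with "Content-Disposition: attachment" and "X-Content-Type-Options: nosniff", or from a separate hostname.` The new `$SHARED_EDITOR_FILE = 'share.html'` in the first hunk is created inside the same published folder, so it carries the same exposure.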
|
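--- a/quickload/store-text.php
+++ b/quickload/store-text.php
@@ -0,0 +1,43 @@
+<?php
+
+###########################################################################
+##  Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3      ##
+###########################################################################
+
+require_once('inc/pseudocrypt.php');
+require_once('inc/functions.php');
+require_once('config.php');
+
+#### Retrieve uploaded file.
+if (!isset($_POST['data']) or empty($_POST['data']) or
+!isset($_POST['action']) or empty($_POST['action']))
+return;
+
+#### Build the user path.
+$userPath = join(
+DIRECTORY_SEPARATOR,
+array(
+$STORE_FOLDER,
+$SHARED_EDITOR_FILE
+)
+);
+
+#### Check for path traversals
+$pathPart = pathinfo($userPath);
+if (strcasecmp(
+realpath($pathPart['dirname']), realpath($STORE_FOLDER)) != 0)
+return;
+
+$data = $_POST['data'];
+
+switch(strtoupper($_POST['action'])) {
+case 'SAVE':
+#### Store the file.
+atomized_put_contents($userPath, $data);
+break;
+case 'LOAD':
+header('Content-Type: text/html; charset=utf-8');
+echo atomized_get_contents($userPath, $data);
+break;
+}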
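Review bot: The `SAVE` branch writes whatever any client posts into one shared file, and `LOAD` returns it as `text/html`, with no authentication, request token, size limit or sanitisation visible in this file, so one visitor's markup or script reaches every other visitor. The opening guard also demands a non-empty `data` for `LOAD`, which has no payload, and an array-valued `action` or `data` would reach `strtoupper()` and the file write untyped. The traversal check only compares two paths built from config values, and because `realpath()` returns false on a missing path, two failures compare equal under `strcasecmp` and the check passes. The sketch below narrows the guard, makes the path comparison strict, bounds the stored body and returns the content as inert text; access control and sanitising the markup before it is put back into the editor still need to be decided separately.

```php
// … unchanged: require_once lines …

#### Only the action is mandatory; LOAD carries no payload.
if (!isset($_POST['action']) || !is_string($_POST['action']))
    return;
$data = (isset($_POST['data']) && is_string($_POST['data'])) ? $_POST['data'] : '';

// … unchanged: $userPath construction …

#### realpath() yields false for a missing path; two failures must not compare equal.
$pathPart = pathinfo($userPath);
$storeReal = realpath($STORE_FOLDER);
if ($storeReal === false || realpath($pathPart['dirname']) !== $storeReal)
    return;

switch (strtoupper($_POST['action'])) {
    case 'SAVE':
        #### Refuse empty or oversized bodies; MAX_EDITOR_BYTES is a placeholder name.
        if ($data === '' || strlen($data) > MAX_EDITOR_BYTES) {
            http_response_code(400);
            return;
        }
        atomized_put_contents($userPath, $data);
        break;
    case 'LOAD':
        #### Returned as inert text so a direct visit never renders stored markup.
        header('Content-Type: text/plain; charset=utf-8');
        header('X-Content-Type-Options: nosniff');
        echo atomized_get_contents($userPath, $data);
        break;
}
```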
|
/quickload/text.html |
@@ -74,10 +74,11 @@ |
}).on("tbwchange", () => { |
$.post("store-text.php", |
{ |
text: $('#trumbowyg').trumbowyg('html') |
text: $('#trumbowyg').trumbowyg('html'), |
action: 'save' |
}, |
function(data, status){ |
alert("Data: " + data + "\nStatus: " + status); |
//alert("Data: " + data + "\nStatus: " + status); |
}); |
}); |
}); |
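Review bot: The POST body names the editor content `text`, but `store-text.php` in this same commit only reads `$_POST['data']` and returns early when it is missing, so as written the save request is dropped without an error. Renaming the field, `data: $('#trumbowyg').trumbowyg('html'),`, lines the two files up. Commenting out the `alert` leaves the callback empty, which hides that failure from the user; a `.fail(...)` handler on the `$.post` call that shows a short "not saved" message would cover it. The `.on("tbwchange", ...)` chain starts above this hunk, so the editor setup and any loading of stored content are not visible here; if the page puts the `LOAD` response back into the editor, that markup comes from other clients and should be sanitised first.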