scratch

Subversion Repositories:
Compare Path: Rev
With Path: Rev
?path1? @ 29  →  ?path2? @ 28
File deleted
/quickload/share-text.php
/quickload/store-text.php
@@ -0,0 +1,43 @@
<?php
 
###########################################################################
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ##
###########################################################################
 
require_once('inc/pseudocrypt.php');
require_once('inc/functions.php');
require_once('config.php');
 
#### Retrieve uploaded file.
if (!isset($_POST['data']) or empty($_POST['data']) or
!isset($_POST['action']) or empty($_POST['action']))
return;
 
#### Build the user path.
$userPath = join(
DIRECTORY_SEPARATOR,
array(
$STORE_FOLDER,
$SHARED_EDITOR_FILE
)
);
 
#### Check for path traversals
$pathPart = pathinfo($userPath);
if (strcasecmp(
realpath($pathPart['dirname']), realpath($STORE_FOLDER)) != 0)
return;
 
$data = $_POST['data'];
 
switch(strtoupper($_POST['action'])) {
case 'SAVE':
#### Store the file.
atomized_put_contents($userPath, $data);
break;
case 'LOAD':
header('Content-Type: text/html; charset=utf-8');
echo atomized_get_contents($userPath, $data);
break;
}
 
/quickload/text.html
@@ -70,25 +70,17 @@
<script>
$(document).ready(() => {
$('#trumbowyg').trumbowyg({
autogrow: true,
disabled: true
}).on('tbwchange', () => {
$('#editor').trumbowyg('disable');
$.post('share-text.php', {
data: $('#trumbowyg').trumbowyg('html'),
}).done((data) => {
$('#trumbowyg').trumbowyg('enable');
}).fail(() => {
$('#trumbowyg').trumbowyg('enable');
autogrow: true
}).on("tbwchange", () => {
$.post("store-text.php",
{
text: $('#trumbowyg').trumbowyg('html'),
action: 'save'
},
function(data, status){
//alert("Data: " + data + "\nStatus: " + status);
});
});
$.get('share-text.php').done((data) => {
$('#trumbowyg')
.trumbowyg('html', data);
$('#trumbowyg').trumbowyg('enable');
}).fail(() => {
$('#trumbowyg').trumbowyg('enable');
});
});
</script>
</body>