-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathindex.php
67 lines (57 loc) · 2.06 KB
/
index.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
<?php
// Base URL of the website, without trailing slash.
$base_url = 'https://notes.orga.cat';
// Path to the directory to save the notes in, without trailing slash.
// Should be outside of the document root, if possible.
$save_path = '_tmp';
// Disable caching.
header('Cache-Control: no-cache, no-store, must-revalidate');
header('Pragma: no-cache');
header('Expires: 0');
// If no name is provided or it contains invalid characters or it is too long.
if (!isset($_GET['note']) || !preg_match('/^[a-zA-Z0-9_-]+$/', $_GET['note']) || strlen($_GET['note']) > 64) {
// Generate a name with 5 random unambiguous characters. Redirect to it.
header("Location: $base_url/" . substr(str_shuffle('234579abcdefghjkmnpqrstwxyz'), -5));
die;
}
$path = $save_path . '/' . $_GET['note'];
if (isset($_POST['text'])) {
// Update file.
file_put_contents($path, $_POST['text']);
// If provided input is empty, delete file.
if (!strlen($_POST['text'])) {
unlink($path);
}
die;
}
// Print raw file if the client is curl, wget, or when explicitly requested.
if (isset($_GET['raw']) || strpos($_SERVER['HTTP_USER_AGENT'], 'curl') === 0 || strpos($_SERVER['HTTP_USER_AGENT'], 'Wget') === 0) {
if (is_file($path)) {
header('Content-type: text/plain');
print file_get_contents($path);
} else {
header('HTTP/1.0 404 Not Found');
}
die;
}
?><!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title><?php print $_GET['note']; ?></title>
<link rel="icon" href="<?php print $base_url; ?>/favicon.svg" type="image/svg+xml">
<link rel="stylesheet" href="<?php print $base_url; ?>/styles.css">
</head>
<body>
<div class="container">
<textarea id="content"><?php
if (is_file($path)) {
print htmlspecialchars(file_get_contents($path), ENT_QUOTES, 'UTF-8');
}
?></textarea>
</div>
<pre id="printable"></pre>
<script src="<?php print $base_url; ?>/script.js"></script>
</body>
</html>