new.php (3271B)
<?php

/*
 * Pull in every library file found under <document root>/lib.
 * Every *.php file in that directory is executed on each request, so the
 * directory must not be writable by the web server or by upload paths.
 */
foreach (glob($_SERVER['DOCUMENT_ROOT'] . '/lib/*.php') as $lib) {
    include $lib;
}

/*
 * Then load every configuration file under <document root>/config.
 * The same write-protection requirement applies to this directory.
 */
foreach (glob($_SERVER['DOCUMENT_ROOT'] . '/config/*.php') as $conf) {
    include $conf;
}

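/*
 * Collect the request parameters.
 *
 * Order of precedence: POST body, then the GET query string, then (for the
 * credentials only) the "session" cookie. Every value except the note
 * content goes through validate_input_string() before it is used.
 *
 * NOTE(review): accepting "user" and "token" via GET means the credentials
 * can end up in access logs, browser history and Referer headers; prefer
 * POST or the cookie where clients allow it.
 */
$category = validate_input_string(gather_post("category"));
$filename = validate_input_string(gather_post("filename"));
/* The note body is not passed through validate_input_string() on either path. */
$content = gather_post("content");
/*
 * NOTE(review): the POST value of "return" is used without validation while
 * the GET fallback below is validated -- confirm this asymmetry is intended.
 */
$return = gather_post("return");
$user = validate_input_string(gather_post("user"));
$token = validate_input_string(gather_post("token"));

/* Fall back to the GET request for anything POST did not supply */
if (empty($category)) {
    $category = validate_input_string(gather_get("category"));
}
if (empty($return)) {
    $return = validate_input_string(gather_get("return"));
}
if (empty($filename)) {
    $filename = validate_input_string(gather_get("filename"));
}
if (empty($content)) {
    $content = gather_get("content");
}
if (empty($user)) {
    $user = validate_input_string(gather_get("user"));
}
if (empty($token)) {
    $token = validate_input_string(gather_get("token"));
}

/*
 * Read the credentials from the session cookie ("user|token") when they
 * were not fully supplied as request parameters.
 *
 * The cookie is client-controlled, so it receives the same validation as
 * the POST/GET values: $user later becomes a directory name in the note
 * path. A cookie that is not a string, or that lacks the "|" separator,
 * yields empty credentials instead of an undefined-offset or type error.
 */
if (
    (empty($user) || empty($token)) &&
    array_key_exists("session", $_COOKIE)
) {
    $session_parts = is_string($_COOKIE["session"])
        ? explode("|", $_COOKIE["session"])
        : [];
    $user = validate_input_string($session_parts[0] ?? "");
    $token = validate_input_string($session_parts[1] ?? "");
}

/* Notes without a category are filed under "unknown" */
if (empty($category)) {
    $category = "unknown";
}
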
/*
 * Authenticate the caller. Only a strict boolean true from auth_user()
 * counts as success; any other result ends the request with HTTP 401.
 */
$auth = auth_user($user, $token);
if (true !== $auth) {
    http_response_code(401); // unauthorized
    api_error($return, $GLOBALS['i18n_noauth']);
    exit(1);
}

/* No filename supplied: derive one from the note content */
if (empty($filename)) {
    $filename = generate_filename($content);
}

/*
 * Force a ".txt" extension. preg_grep() with PREG_GREP_INVERT returns the
 * entries that do NOT match, so a non-empty result means the suffix is
 * missing and has to be appended.
 */
$non_txt = preg_grep('/\.txt$/', [$filename], PREG_GREP_INVERT);
if (count($non_txt) > 0) {
    $filename .= ".txt";
}

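/*
 * Pick a filename that does not collide with an existing note.
 *
 * Fixes over the previous version: the existence check read $filepath while
 * the path had been assigned to $file_path, so the check always saw an
 * undefined variable and the rename logic never ran; the candidate path
 * built inside the loop also lacked the "/" after the data directory.
 *
 * $user, $category and $filename are concatenated into a filesystem path
 * as-is; this relies on the earlier validation rejecting path separators
 * and ".." -- verify against validate_input_string().
 *
 * NOTE(review): the check and the later write are separate steps, so two
 * concurrent requests can still choose the same name. If write_note() does
 * not create the file exclusively, one note can overwrite the other.
 */
$note_dir = $GLOBALS["data_dir"] . "/" . $user . "/" . $category . "/";
$file_path = $note_dir . $filename;

/* find a new unique filename by adding a counter in front */
if (file_exists($file_path)) {
    $file_counter = 0;
    do {
        $file_counter++;
        $file_path = $note_dir . $file_counter . "_" . $filename;
    } while (file_exists($file_path));

    /* update filename, once we found a unique one */
    $filename = $file_counter . "_" . $filename;
}
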
/* Persist the note, then report the outcome to the client */
$written = write_note($user, $category, $filename, $content);

/* Anything other than a strict boolean true is treated as a failed write */
if ($written !== true) {
    http_response_code(500); // internal server error
    api_write_error($return, $GLOBALS["i18n_unknown_error"]);
    exit(1);
}

http_response_code(200); // successful
api_write_success($return, $user . "/" . $category . "/" . $filename);
exit(0);

?>