2 if (!$User->admin("edit {$Page->link}"))
3 abort("geen beheersrechten", '401 unauthorised');
6 $response = ['uploaded' => 0];
8 require_once('upload.inc.php');
9 $datadir = implode('/', ['data', date('Y')]);
10 if ($Page->path) $datadir .= $Page->path;
11 $target = userupload(@$_FILES['upload'], $datadir);
13 $response['fileName'] = $_FILES['upload']['name'];
14 $response['url'] = str_replace('%2F', '/', urlencode($target));
15 $response['uploaded']++;
18 catch (Exception $e) {
19 $response['error'] = ['message' => $e->getMessage()];
22 switch (@$_GET['output']) {
24 print json_encode($response);
27 if (empty($response['url'])) break;
28 printf('<script>window.parent.CKEDITOR.tools.callFunction(%s)</script>',
29 "{$_GET['CKEditorFuncNum']}, '{$response['url']}'"
33 if (empty($response['url'])) break;
37 if (isset($response['error'])) {
38 abort($response['error']['message'], '409 upload error');
44 abort("niets te doen", '405 post error');
46 $filename = trim($Page->path, '/') ?: 'index';
47 if (preg_match('{^\.}', $filename))
48 abort("ongeldige bestandsnaam: $filename", '403 input error');
49 if (is_dir($filename) && !file_exists("$filename.html"))
50 $filename .= '/index';
52 if (file_exists($filename) and !is_writable($filename))
53 abort("onwijzigbaar bestand: $filename", '403 input error');
55 if (!isset($_POST['body']))
56 abort("geen inhoud aangeleverd", '409 input error');
58 $upload = $_POST['body'];
60 if (!strlen($upload)) {
61 if (file_exists($filename) and !unlink($filename))
62 abort("fout bij het verwijderen van $filename", '500 delete error');
64 abort("Bestand verwijderd");
67 if (!file_exists(dirname($filename)) and !mkdir(dirname($filename), 0777, TRUE))
68 abort("fout bij aanmaken van map voor $filename", '500 save error');
70 if (!file_put_contents($filename, $upload))
71 abort("fout bij schrijven van $filename", '500 save error');
73 if (is_writable('../.git')) {
74 $gitmsg = preg_replace('/\.html$/', '', $filename).": edit from {$_SERVER['REMOTE_ADDR']}";
76 $gitcmd .= ' -c user.name='.escapeshellarg($User->name ?: $User->login);
77 $gitcmd .= ' -c user.email='.escapeshellarg($User->email ?: "{$User->login}@lijtweg.nl");
78 $gitcmd .= ' commit -q';
79 $gitcmd .= ' -m '.escapeshellarg($gitmsg);
80 $gitcmd .= ' -- '.escapeshellarg($filename);
81 exec("$gitcmd 2>&1", $gitlog, $gitstatus);
83 trigger_error("git commit failure $gitstatus: ".implode("\n", $gitlog), E_USER_WARNING);
87 abort("Bestand opgeslagen");