4 if (empty($User['admin']))
5 abort("geen beheersrechten", '401 unauthorised');
8 $response = ['uploaded' => 0];
10 $img = @$_FILES['upload'];
11 $response['fileName'] = $img['name'];
12 if (!$img or $img['error'] !== UPLOAD_ERR_OK)
13 throw new Exception('bestand niet goed ontvangen: '.$img['error']);
15 $datadir = implode('/', ['data', date('Y')]);
16 if ($Args) $datadir .= $Args;
17 if (!file_exists($datadir) and !@mkdir($datadir, 0777, TRUE)) {
18 throw new Exception("bestand kon niet geplaatst worden in $datadir");
21 $target = $datadir.'/'.$img['name'];
22 $response['url'] = str_replace('%2F', '/', urlencode($target));
23 if (!@move_uploaded_file($img['tmp_name'], $target)) {
24 throw new Exception('bestand kon niet worden opgeslagen');
26 $response['uploaded']++;
28 catch (Exception $e) {
29 $response['error'] = ['message' => $e->getMessage()];
32 switch (@$_GET['output']) {
34 print json_encode($response);
37 if (empty($response['url'])) break;
38 printf('<script>window.parent.CKEDITOR.tools.callFunction(%s)</script>',
39 "{$_GET['CKEditorFuncNum']}, '{$response['url']}'"
43 if (empty($response['url'])) break;
47 if (isset($response['error'])) {
48 abort($response['error']['message'], '409 upload error');
54 abort("niets te doen", '405 post error');
56 abort("geen bestand aangeleverd", '409 input error');
58 $filename = ltrim($Args, '/').'.html';
59 if (preg_match('{^\.}', $filename))
60 abort("ongeldige bestandsnaam: $filename", '403 input error');
61 if (file_exists($filename) and !is_writable($filename))
62 abort("onwijzigbaar bestand: $filename", '403 input error');
64 if (!isset($_POST['body']))
65 abort("geen inhoud aangeleverd", '409 input error');
67 $upload = $_POST['body'];
69 if (!strlen($upload)) {
70 if (file_exists($filename) and !unlink($filename))
71 abort("fout bij het verwijderen van $filename", '500 delete error');
73 abort("Bestand verwijderd");
76 if (!file_exists(dirname($filename)) and !mkdir(dirname($filename), 0777, TRUE))
77 abort("fout bij aanmaken van map voor $filename", '500 save error');
79 if (!file_put_contents($filename, $upload))
80 abort("fout bij schrijven van $filename", '500 save error');
82 if (is_writable('../.git')) {
83 $gitmsg = preg_replace('/\.html$/', '', $filename).": edit from {$_SERVER['REMOTE_ADDR']}";
85 $gitcmd .= ' -c user.name='.escapeshellarg($User['name']);
86 $gitcmd .= ' -c user.email='.escapeshellarg("{$User['name']}@lijtweg.nl");
87 $gitcmd .= ' commit -q';
88 $gitcmd .= ' -m '.escapeshellarg($gitmsg);
89 $gitcmd .= ' -- '.escapeshellarg($filename);
90 exec("$gitcmd 2>&1", $gitlog, $gitstatus);
92 trigger_error("git commit failure $gitstatus: ".implode("\n", $gitlog), E_USER_WARNING);
96 abort("Bestand opgeslagen");