page: replace global variables by $Page object

[minimedit.git] / edit / page / index.php

diff --git a/edit/page/index.php b/edit/page/index.php
index 1daed8542c798f9b64e087c4afd523c7be933b1a..13ebd242ec9a91b939832313ce4974a947b02129 100644 (file)
--- a/edit/page/index.php
+++ b/edit/page/index.php
@@ -1,7 +1,5 @@
 <?php
-ob_clean();
-
-if (!$User or !$User->admin)
+if (!$User->admin("edit {$Page->link}"))
        abort("geen beheersrechten", '401 unauthorised');
 
 if ($_FILES) {
@@ -9,7 +7,7 @@ if ($_FILES) {
        try {
                require_once('upload.inc.php');
                $datadir = implode('/', ['data', date('Y')]);
-               if ($Args) $datadir .= $Args;
+               if ($Page->path) $datadir .= $Page->path;
                $target = userupload(@$_FILES['upload'], $datadir);
                if ($target) {
                        $response['fileName'] = $_FILES['upload']['name'];
@@ -44,12 +42,13 @@ if ($_FILES) {
 
 if (!$_POST)
        abort("niets te doen", '405 post error');
-if (!$Args)
-       abort("geen bestand aangeleverd", '409 input error');
 
-$filename = ltrim($Args, '/').'.html';
+$filename = trim($Page->path, '/') ?: 'index';
 if (preg_match('{^\.}', $filename))
        abort("ongeldige bestandsnaam: $filename", '403 input error');
+if (is_dir($filename) && !file_exists("$filename.html"))
+       $filename .= '/index';
+$filename .= '.html';
 if (file_exists($filename) and !is_writable($filename))
        abort("onwijzigbaar bestand: $filename", '403 input error');