git.shiar.nl
/
minimedit.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
page: move client authentication to php include
[minimedit.git]
/
edit.php
diff --git
a/edit.php
b/edit.php
index 94206bb054732b0410370b3b6bfe135f3c3bae77..9532e423e202291aa469397567f4a3246b90cc05 100755
(executable)
--- a/
edit.php
+++ b/
edit.php
@@
-5,6
+5,10
@@
function abort($status, $body) {
exit;
}
exit;
}
+require 'auth.inc.php';
+if (!$editable)
+ abort('401 unauthorised', "geen beheersrechten");
+
if (!$_POST)
abort('405 post error', "niets te doen");
if (!isset($_SERVER['PATH_INFO']) or strlen($_SERVER['PATH_INFO']) <= 1)
if (!$_POST)
abort('405 post error', "niets te doen");
if (!isset($_SERVER['PATH_INFO']) or strlen($_SERVER['PATH_INFO']) <= 1)
@@
-29,7
+33,8
@@
if (!strlen($upload)) {
exit;
}
exit;
}
-$prepend = "<?php include 'head.inc.php'; ?>\n\n";
+$rootpath = str_repeat('../', substr_count($filename, '/'));
+$prepend = "<?php include '${rootpath}head.inc.php'; ?>\n\n";
$append = "\n";
if (!file_put_contents($filename, $prepend . $upload . $append))
$append = "\n";
if (!file_put_contents($filename, $prepend . $upload . $append))