X-Git-Url: http://git.shiar.net/minimedit.git/blobdiff_plain/d4fc5883a123ce28c56a963e77c700db04e26ac9..d1d031e348974975891a7ad232ef387e95abdd61:/edit.php

diff --git a/edit.php b/edit.php
index 9532e42..01d83df 100755
--- a/edit.php
+++ b/edit.php
@@ -5,8 +5,7 @@ function abort($status, $body) {
 	exit;
 }
 
-require 'auth.inc.php';
-if (!$editable)
+if (!$User['admin'])
 	abort('401 unauthorised', "geen beheersrechten");
 
 if (!$_POST)
@@ -14,7 +13,7 @@ if (!$_POST)
 if (!isset($_SERVER['PATH_INFO']) or strlen($_SERVER['PATH_INFO']) <= 1)
 	abort('409 input error', "geen bestand aangeleverd");
 
-$filename = preg_replace('/(?:\.php)?$/', '.php', ltrim($_SERVER['PATH_INFO'], '/'), 1);
+$filename = ltrim($Args, '/').'.html';
 if (file_exists($filename) and !is_writable($filename))
 	abort('403 input error', "ongeldige bestandsnaam: $filename");
 if (is_executable($filename))
@@ -33,11 +32,7 @@ if (!strlen($upload)) {
 	exit;
 }
 
-$rootpath = str_repeat('../', substr_count($filename, '/'));
-$prepend = "<?php include '${rootpath}head.inc.php'; ?>\n\n";
-$append  = "\n";
-
-if (!file_put_contents($filename, $prepend . $upload . $append))
+if (!file_put_contents($filename, $upload))
 	abort('500 save error', "fout bij schrijven van $filename");
 
 print "Bestand opgeslagen";