From dc806dabbc23a621995133538a77d907b66cc465 Mon Sep 17 00:00:00 2001
From: Mischa POSLAWSKY <perl@shiar.org>
Date: Fri, 29 Sep 2017 14:08:26 +0200
Subject: [PATCH] edit: store file uploads to data/$year/

---
 edit.php | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/edit.php b/edit.php
index 1b81ccf..75b80b3 100644
--- a/edit.php
+++ b/edit.php
@@ -10,6 +10,17 @@ function abort($body, $status = NULL) {
 if (!@$User['admin'])
 	abort("geen beheersrechten", '401 unauthorised');
 
+if ($_FILES) {
+	$img = @$_FILES['upload'];
+	if (!$img or $img['error'] !== UPLOAD_ERR_OK)
+		abort('bestand niet goed ontvangen: '.$img['error'], '409 upload error');
+
+	$datadir = 'data/' . date('Y');
+	$target = $datadir.'/'.$img['name'];
+	move_uploaded_file($img['tmp_name'], $target);
+	abort($target);
+}
+
 if (!$_POST)
 	abort("niets te doen", '405 post error');
 if (!$Args)
-- 
2.30.0