palm-paste/post.php

74 lines
2.4 KiB
PHP
Raw Normal View History

2016-06-09 09:22:48 +01:00
<?php
include_once "config/config.php";
function generate_uid () {
$conn = GetConnectionToDB();
$name = '';
// We start at N retries, and --N until we give up
$tries = 500;
do {
// Iterate until we reach the maximum number of retries
if ($tries-- == 0) throw new Exception('Gave up trying to find an unused name', 500);
$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
$name = '';
for ($i = 0; $i < 8; $i++) {
$name .= $chars[mt_rand(0, 61)];
// $chars string length is hardcoded, should use a variable to store it?
}
// Check if a paste with the same uid does already exist in the database
$q = $conn->prepare('SELECT COUNT(uid) FROM pastes WHERE uid = (:name)');
$q->bindValue(':name', $name, PDO::PARAM_STR);
$q->execute();
$result = $q->fetchColumn();
// If it does, generate a new uid
} while($result > 0);
$conn = null;
return $name;
}
2016-06-09 09:22:48 +01:00
if(isset($_POST["type"])){
//===New_Paste===//
if($_POST["type"]=="paste" && isset($_POST["text"])){
/* Set paste details */
$title = "Untitled";
$text = $_POST["text"];
$exposure = 0;
2016-06-09 09:22:48 +01:00
if(isset($_POST["title"]))
$title = $_POST["title"];
if(isset($_POST["exposure"]) && is_numeric($_POST["exposure"]))
$exposure = $_POST["exposure"];
$uid = generate_uid();
$created = time();
$expire = 0;
if(isset($_POST["expire"]) && is_numeric($_POST["expire"]))
$expire = $created + $_POST["expire"];
$owner = 0;
$syntax = "plain";
if(isset($_POST["syntax"]))
$syntax=$_POST["syntax"];
if(isset($_POST["asguest"]) && $_POST["asguest"]=="on")
$owner = 0;
else if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])){
include "includes/user.php";
$owner = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
}
2016-06-09 09:22:48 +01:00
/* Add paste to database */
$conn = GetConnectionToDB();
$QuerySTR = "INSERT INTO pastes (uid,title,text,created,expire,exposure,owner,highlight)
VALUES (:uid, :tit, :txt, :cre, :exp, :exposure, :own, :hl)";
$stmt = $conn->prepare($QuerySTR);
$stmt->bindParam(':exp', $expire);
$stmt->bindParam(':uid', $uid);
2016-06-09 09:22:48 +01:00
$stmt->bindParam(':tit', $title);
$stmt->bindParam(':txt', $text);
$stmt->bindParam(':cre', $created);
$stmt->bindParam(':exposure', $exposure);
$stmt->bindParam(':own', $owner);
$stmt->bindParam(':hl', $syntax);
2016-06-09 09:22:48 +01:00
$stmt->execute();
$conn = null; //close connection to database
header("Location: ".$uid);
2016-06-09 10:02:09 +01:00
die();
2016-06-09 09:22:48 +01:00
}
}
?>