Users now have the ability to edit their own pastes
parent
352f24fcd9
commit
b37b3264d7
@ -6,4 +6,5 @@ RewriteBase "/paste/"
|
|||||||
|
|
||||||
RewriteRule ^u/([A-Za-z0-9-]+)/?$ index.php?user=$1
|
RewriteRule ^u/([A-Za-z0-9-]+)/?$ index.php?user=$1
|
||||||
RewriteRule ^delete/([A-Za-z0-9-]+)/?$ delete.php?id=$1
|
RewriteRule ^delete/([A-Za-z0-9-]+)/?$ delete.php?id=$1
|
||||||
|
RewriteRule ^edit/([A-Za-z0-9-]+)/?$ index.php?page=edit&id=$1
|
||||||
RewriteRule ^([A-Za-z0-9-]+)/?$ index.php?page=$1
|
RewriteRule ^([A-Za-z0-9-]+)/?$ index.php?page=$1
|
||||||
|
@ -41,7 +41,12 @@ if($stmt->rowCount()>0){
|
|||||||
//Paste url
|
//Paste url
|
||||||
printf('<td style="text-align: right;"><a href="'.htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8').'">'.htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8').'</a></td>');
|
printf('<td style="text-align: right;"><a href="'.htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8').'">'.htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8').'</a></td>');
|
||||||
//Actions
|
//Actions
|
||||||
printf('<td style="text-align: right;"><a href="delete/'.htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8').'"><span class="glyphicon glyphicon-trash" aria-hidden="true"></span></s></td></tr>');
|
printf('<td style="text-align: right;">');
|
||||||
|
//delete paste
|
||||||
|
printf('<a href="delete/'.htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8').'"><span class="glyphicon glyphicon-trash" title="Delete paste" aria-hidden="true"></span>');
|
||||||
|
//edit paste
|
||||||
|
printf('<a href="edit/'.htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8').'"><span class="glyphicon glyphicon-edit" title="Edit paste" aria-hidden="true"></span>');
|
||||||
|
printf('</td></tr>');
|
||||||
}
|
}
|
||||||
printf('</tbody></talbe>');
|
printf('</tbody></talbe>');
|
||||||
} else {
|
} else {
|
||||||
|
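Review bot: The two anchors printed in the Actions cell are never closed: the delete and edit `printf` lines each end at `</span>` with no `</a>`, so the edit icon ends up nested inside the delete link and the result depends on browser error recovery. Append `</a>` to both strings, e.g. `...title="Delete paste" aria-hidden="true"></span></a>');`. These lines also pass the concatenated markup as printf's format argument; `echo` would avoid any `%` in the output being read as a conversion. The enclosing loop starts outside the hunk.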
@ -1,21 +1,41 @@
|
|||||||
<div class="panel panel-default">
|
<div class="panel panel-default">
|
||||||
<div class="panel-body">
|
<div class="panel-body">
|
||||||
<form role="form" method="post" action="post.php" onsubmit="document.getElementById('submit').disabled=true;document.getElementById('submit').value='Please wait...';">
|
<?php
|
||||||
|
$edit_mode = false;
|
||||||
|
if(isset($_GET['page']) && $_GET['page']=='edit'){
|
||||||
|
$edit_mode = true;
|
||||||
|
printf('You are editing paste '.$_GET['id']);
|
||||||
|
printf('<form role="form" method="post" action="../post.php" onsubmit="document.getElementById(\'submit\').disabled=true;document.getElementById(\'submit\').value=\'Please wait...\';">');
|
||||||
|
}else printf('<form role="form" method="post" action="post.php" onsubmit="document.getElementById(\'submit\').disabled=true;document.getElementById(\'submit\').value=\'Please wait...\';">');
|
||||||
|
?>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="title">Paste title:</label>
|
<label for="title">Paste title:</label>
|
||||||
<input type="title" class="form-control" id="title" name="title">
|
<?php
|
||||||
|
if($edit_mode == true){
|
||||||
|
printf('<input type="title" class="form-control" value="'.$row['title'].'" id="title" name="title">');
|
||||||
|
} else printf('<input type="title" class="form-control" id="title" name="title">');
|
||||||
|
?>
|
||||||
</div>
|
</div>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="text">New paste:</label>
|
<label for="text">New paste:</label>
|
||||||
<textarea class="form-control" rows="5" id="text" name="text"></textarea>
|
<?php
|
||||||
|
if($edit_mode == true){
|
||||||
|
printf('<textarea class="form-control" rows="5" id="text" name="text">'.$row['text'].'</textarea>');
|
||||||
|
} else printf('<textarea class="form-control" rows="5" id="text" name="text"></textarea>');
|
||||||
|
?>
|
||||||
</div>
|
</div>
|
||||||
<input type='hidden' name='type' value='paste'></input>
|
<?php
|
||||||
|
if($edit_mode == true){
|
||||||
|
printf("<input type='hidden' name='type' value='edit_paste'></input>");
|
||||||
|
printf("<input type='hidden' name='uid' value='".$row['uid']."'></input>");
|
||||||
|
} else printf("<input type='hidden' name='type' value='paste'></input>");
|
||||||
|
?>
|
||||||
<div class="container-fluid">
|
<div class="container-fluid">
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col-sm-6">
|
<div class="col-sm-6">
|
||||||
<!-- Posting as guest -->
|
<!-- Posting as guest -->
|
||||||
<div class="checkbox">
|
<div class="checkbox">
|
||||||
<label><input type="checkbox" name="asguest">Post as guest</label>
|
<label><input type="checkbox" name="asguest">Post as guest</label>
|
||||||
</div>
|
</div>
|
||||||
<!-- Submit -->
|
<!-- Submit -->
|
||||||
<button type="submit" class="btn btn-default">Submit</button>
|
<button type="submit" class="btn btn-default">Submit</button>
|
||||||
@ -36,6 +56,10 @@
|
|||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="syntax">Syntax Highlight:</label>
|
<label for="syntax">Syntax Highlight:</label>
|
||||||
<select data-placeholder="None" class="form-control chosen-select" id="syntax" name="syntax">
|
<select data-placeholder="None" class="form-control chosen-select" id="syntax" name="syntax">
|
||||||
|
<?php
|
||||||
|
if($edit_mode == true)
|
||||||
|
print '<option value="'.$row['highlight'].'">Current ('.$row['highlight'].')</option>';
|
||||||
|
?>
|
||||||
<option value="plain">Plain</option>
|
<option value="plain">Plain</option>
|
||||||
<option value="applescript">AppleScript</option>
|
<option value="applescript">AppleScript</option>
|
||||||
<option value="as3">ActionScript3 (AS3)</option>
|
<option value="as3">ActionScript3 (AS3)</option>
|
||||||
@ -61,23 +85,28 @@
|
|||||||
<option value="sql">Sql</option>
|
<option value="sql">Sql</option>
|
||||||
<option value="vb">VB</option>
|
<option value="vb">VB</option>
|
||||||
<option value="xml">Xml</option>
|
<option value="xml">Xml</option>
|
||||||
|
|
||||||
</select>
|
</select>
|
||||||
</div>
|
</div>
|
||||||
<!-- Type -->
|
<!-- Type -->
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="exposure">Type:</label>
|
<label for="exposure">Type:</label>
|
||||||
<select class="form-control" id="exposure" name="exposure">
|
<select class="form-control" id="exposure" name="exposure">
|
||||||
<option value="0">Public</option>
|
<?php
|
||||||
<option value="1">Unlisted</option>
|
print '<option value="0">Public</option>';
|
||||||
<?php
|
if($edit_mode == true && $row['exposure'] == 1)
|
||||||
|
print '<option selected="selected" value="1">Unlisted</option>';
|
||||||
|
else print '<option value="1">Unlisted</option>';
|
||||||
include_once "includes/user.php";
|
include_once "includes/user.php";
|
||||||
$userID = -1;
|
$userID = -1;
|
||||||
if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]))
|
if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]))
|
||||||
$userID = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
|
$userID = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
|
||||||
if($userID==-1)
|
if($userID==-1)
|
||||||
print '<option value="2" disabled>Private (Members only)</option>';
|
print '<option value="2" disabled>Private (Members only)</option>';
|
||||||
else print '<option value="2" >Private</option>';
|
else {
|
||||||
|
if($edit_mode === true && $row['exposure'] === 2)
|
||||||
|
print '<option selected="selected" value="2" >Private</option>';
|
||||||
|
else print '<option value="2" >Private</option>';
|
||||||
|
}
|
||||||
?>
|
?>
|
||||||
</select>
|
</select>
|
||||||
</div>
|
</div>
|
||||||
|
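Review bot: Every value the edit form prints goes into the HTML unescaped: `$_GET['id']` in the "You are editing paste" line, and `$row['title']`, `$row['text']`, `$row['uid']` and `$row['highlight']` in the input, textarea, hidden field and option. A title containing a double quote or a paste containing `</textarea>` breaks out of its element, and stored paste text is then interpreted as markup by the browser; the listing page in this same commit already wraps `$row["uid"]` in `htmlspecialchars(..., ENT_QUOTES, 'UTF-8')`. The same lines pass the concatenated value as printf's format string, so a `%` in a paste is read as a conversion; passing each value as a `%s` argument fixes both problems. Separately, `$row['exposure'] === 2` will presumably never match if PDO returns the column as a string, unlike the `== 1` test a few lines above it.

```php
printf('You are editing paste %s', htmlspecialchars($_GET['id'], ENT_QUOTES, 'UTF-8'));
// … unchanged: <form> tags for edit and new-paste mode …
printf('<input type="title" class="form-control" value="%s" id="title" name="title">', htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8'));
// … unchanged: new-paste title input …
printf('<textarea class="form-control" rows="5" id="text" name="text">%s</textarea>', htmlspecialchars($row['text'], ENT_QUOTES, 'UTF-8'));
// … unchanged: new-paste textarea, hidden type field …
printf("<input type='hidden' name='uid' value='%s'></input>", htmlspecialchars($row['uid'], ENT_QUOTES, 'UTF-8'));
// … unchanged: rest of the form up to the syntax <select> …
$hl = htmlspecialchars($row['highlight'], ENT_QUOTES, 'UTF-8');
print '<option value="'.$hl.'">Current ('.$hl.')</option>';
```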
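--- a/edit.php
+++ b/edit.php
@@ -0,0 +1,35 @@
+<div class="container">
+<div class="panel panel-default">
+<div class="panel-body">
+<?php
+if(isset($_GET['id']) && isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])){
+include_once "includes/user.php";
+$uid = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
+$paste = $_GET['id'];
+//connect to db and get paste info
+$conn = GetConnectionToDB();
+$stmt = $conn->prepare('SELECT * FROM pastes WHERE uid=:uid');
+$stmt->bindParam(':uid', $paste);
+$stmt->execute();
+if($stmt->rowCount()>0){
+while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
+if($row['owner'] === $uid){
+include "NewPastePanel.php";
+} else {
+$conn = null;
+echo '<center><h4>You are not the owner of the paste '.$row["uid"].'</h4></center>';
+echo '<meta http-equiv="refresh" content="2;url=../index.php">';
+die();
+}
+}
+} else {
+$conn = null;
+echo '<center><h4>The paste '.$row["uid"].' does not exist</h4></center>';
+echo '<meta http-equiv="refresh" content="2;url=../index.php">';
+}
+$conn = null;
+}
+?>
+</div>
+</div>
+</div>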
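Review bot: In the "does not exist" branch `$row` was never fetched, so `$row["uid"]` is undefined and the message prints an empty id (plus a notice); print the requested id instead, escaped: `echo '<center><h4>The paste '.htmlspecialchars($paste, ENT_QUOTES, 'UTF-8').' does not exist</h4></center>';`. The ownership test `$row['owner'] === $uid` is strict, so it only passes when GetUsersIDBySession() and the PDO row return the same type; PDO commonly returns column values as strings, so this is worth confirming, since a mismatch would refuse every legitimate owner. When the id or either session cookie is missing, the page renders an empty panel with no message at all.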
@ -12,7 +12,7 @@ if(isset($_GET["page"]) && $_GET["page"] == "login" && isset($_POST["type"]) &&
|
|||||||
<?php
|
<?php
|
||||||
echo '<meta name="viewport" content="width=device-width, initial-scale=1">';
|
echo '<meta name="viewport" content="width=device-width, initial-scale=1">';
|
||||||
$dir = "";
|
$dir = "";
|
||||||
if (isset($_GET["user"]))$dir="../";
|
if (isset($_GET["user"]) || isset($_GET["page"]) && $_GET["page"]=="edit")$dir="../";
|
||||||
|
|
||||||
echo '<link rel="stylesheet" href="'.$dir.'css/bootstrap.min.css">';
|
echo '<link rel="stylesheet" href="'.$dir.'css/bootstrap.min.css">';
|
||||||
echo '<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js"></script>';
|
echo '<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js"></script>';
|
||||||
@ -41,7 +41,7 @@ if(isset($_GET["page"]) && $_GET["page"] == "login" && isset($_POST["type"]) &&
|
|||||||
<div class="navbar-header">
|
<div class="navbar-header">
|
||||||
<?php
|
<?php
|
||||||
$dir = "";
|
$dir = "";
|
||||||
if (isset($_GET["user"]))$dir="../";
|
if (isset($_GET["user"]) || isset($_GET["page"]) && $_GET["page"]=="edit")$dir="../";
|
||||||
echo '<a class="navbar-brand" href="'.$dir.'index.php">Palm-Paste</a>';
|
echo '<a class="navbar-brand" href="'.$dir.'index.php">Palm-Paste</a>';
|
||||||
?>
|
?>
|
||||||
</div>
|
</div>
|
||||||
@ -54,7 +54,7 @@ if(isset($_GET["page"]) && $_GET["page"] == "login" && isset($_POST["type"]) &&
|
|||||||
<?php
|
<?php
|
||||||
include_once "includes/user.php";
|
include_once "includes/user.php";
|
||||||
$dir = "";
|
$dir = "";
|
||||||
if (isset($_GET["user"]))$dir="../";
|
if (isset($_GET["user"]) || isset($_GET["page"]) && $_GET["page"]=="edit")$dir="../";
|
||||||
$userID = -1;
|
$userID = -1;
|
||||||
if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]))
|
if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]))
|
||||||
$userID = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
|
$userID = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
|
||||||
@ -129,6 +129,8 @@ if (isset($_GET["page"])){
|
|||||||
die();
|
die();
|
||||||
} else if($_GET["page"] == "signup"){
|
} else if($_GET["page"] == "signup"){
|
||||||
include_once "signup.php";
|
include_once "signup.php";
|
||||||
|
} else if($_GET["page"] == "edit"){
|
||||||
|
include_once "edit.php";
|
||||||
} else {
|
} else {
|
||||||
$uid = $_GET["page"];
|
$uid = $_GET["page"];
|
||||||
include_once "ViewPaste.php";
|
include_once "ViewPaste.php";
|
||||||
|
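Review bot: The condition `isset($_GET["user"]) || isset($_GET["page"]) && $_GET["page"]=="edit"` is pasted into three separate blocks and relies on `&&` binding tighter than `||`. It evaluates as intended, but explicit parentheses and computing `$dir` once near the top of the file would stop the three copies from drifting apart. Note also that `$dir` is only adjusted for `edit`, while the nginx rule added in this commit maps any two-segment path to `page=$1`, so other pages reached that way would presumably get broken relative asset links.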
@ -3,6 +3,7 @@ location /paste {
|
|||||||
if ( $uri !~ ^/paste/(index\.php|css|js|robots\.txt|favicon\.ico|$) ) {
|
if ( $uri !~ ^/paste/(index\.php|css|js|robots\.txt|favicon\.ico|$) ) {
|
||||||
rewrite ^/paste/u/(.*)$ /paste/index.php?user=$1? last;
|
rewrite ^/paste/u/(.*)$ /paste/index.php?user=$1? last;
|
||||||
rewrite ^/paste/delete/(.*)$ /paste/delete.php?id=$1? last;
|
rewrite ^/paste/delete/(.*)$ /paste/delete.php?id=$1? last;
|
||||||
|
rewrite ^/paste/([^/]+)/(.*)$ /paste/index.php?page=$1&id=$2? last;
|
||||||
rewrite ^/paste/(.*)$ /paste/index.php?page=$1? last;
|
rewrite ^/paste/(.*)$ /paste/index.php?page=$1? last;
|
||||||
}
|
}
|
||||||
if ( $uri ~* ^/paste/u/(css|js) ) {
|
if ( $uri ~* ^/paste/u/(css|js) ) {
|
||||||
|
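Review bot: The added rule `rewrite ^/paste/([^/]+)/(.*)$ /paste/index.php?page=$1&id=$2? last;` is much wider than the Apache rule in this commit, which only maps `edit/([A-Za-z0-9-]+)`. It routes every two-segment path under /paste/ to index.php and passes the second segment through `(.*)` with no character restriction, so the PHP side receives `id` values the .htaccess deployment would never deliver. Matching the Apache rule keeps both deployments equivalent: `rewrite ^/paste/edit/([A-Za-z0-9-]+)/?$ /paste/index.php?page=edit&id=$1? last;`. The location block continues outside the hunk.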
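--- a/post.php
+++ b/post.php
@@ -69,6 +69,59 @@ if(isset($_POST["type"])){
 $conn = null; //close connection to database
 header("Location: ".$uid);
 die();
+} else if($_POST["type"]=="edit_paste" && isset($_POST["text"])){
+/* Set paste details */
+$title = "Untitled";
+$text = $_POST["text"];
+$exposure = 0;
+if(isset($_POST["title"]))
+$title = $_POST["title"];
+if(isset($_POST["exposure"]) && is_numeric($_POST["exposure"]))
+$exposure = $_POST["exposure"];
+$uid = $_POST["uid"];
+$created = time();
+$expire = 0;
+if(isset($_POST["expire"]) && is_numeric($_POST["expire"]))
+$expire = $created + $_POST["expire"];
+$owner = 0;
+$syntax = "plain";
+if(isset($_POST["syntax"]))
+$syntax=$_POST["syntax"];
+if(isset($_POST["asguest"]) && $_POST["asguest"]=="on")
+$owner = 0;
+else if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])){
+include "includes/user.php";
+$owner = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
+}
+/* Get the owner of the paste */
+$paste_owner = 0;
+$conn = GetConnectionToDB();
+$stmt = $conn->query('SELECT owner FROM pastes WHERE uid="'.$uid.'"');
+if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
+$paste_owner = $result['owner'];
+}
+/* Edit paste in database */
+if($owner === $paste_owner && $owner !== 0){
+$QuerySTR = " UPDATE pastes SET title=:tit,text=:txt,created=:cre,expire=:exp,exposure=:exposure,owner=:own,highlight=:hl
+WHERE uid=:uid";
+$stmt = $conn->prepare($QuerySTR);
+$stmt->bindParam(':exp', $expire);
+$stmt->bindParam(':uid', $uid);
+$stmt->bindParam(':tit', $title);
+$stmt->bindParam(':txt', $text);
+$stmt->bindParam(':cre', $created);
+$stmt->bindParam(':exposure', $exposure);
+$stmt->bindParam(':own', $owner);
+$stmt->bindParam(':hl', $syntax);
+$stmt->execute();
+$conn = null; //close connection to database
+header("Location: ".$uid);
+die();
+} else {
+$conn = null; //close connection to database
+echo "<h1>This paste does not belong to you!</h1>";
+die();
+}
 }
 }
 ?>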
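Review bot: The owner lookup builds its SQL by concatenating `$_POST["uid"]` into the query text (`$conn->query('SELECT owner FROM pastes WHERE uid="'.$uid.'"')`), and it runs before the ownership check, so it is an SQL injection point for any request that sets `type=edit_paste`. The UPDATE a few lines below already binds `:uid`; use the same pattern here: `$stmt = $conn->prepare('SELECT owner FROM pastes WHERE uid=:uid'); $stmt->bindParam(':uid', $uid); $stmt->execute();`. `$_POST["uid"]` is also read without an `isset()` check and later placed in `header("Location: ".$uid)` unvalidated, so it should be restricted to the paste-id alphabet first. The strict `$owner === $paste_owner` compare depends on both sides having the same type, which is not visible in this hunk; if PDO returns `owner` as a string, no edit would ever be accepted.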