Users now have the ability to edit their own pastes

pikami 2017-04-02 11:49:39 +00:00
parent 352f24fcd9
commit b37b3264d7
8 changed files with 142 additions and 16 deletions


@ -6,4 +6,5 @@ RewriteBase "/paste/"
RewriteRule ^u/([A-Za-z0-9-]+)/?$ index.php?user=$1
RewriteRule ^delete/([A-Za-z0-9-]+)/?$ delete.php?id=$1
RewriteRule ^edit/([A-Za-z0-9-]+)/?$ index.php?page=edit&id=$1
RewriteRule ^([A-Za-z0-9-]+)/?$ index.php?page=$1


@ -41,7 +41,12 @@ if($stmt->rowCount()>0){
//Paste url
printf('<td style="text-align: right;"><a href="'.htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8').'">'.htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8').'</a></td>');
//Actions
printf('<td style="text-align: right;"><a href="delete/'.htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8').'"><span class="glyphicon glyphicon-trash" aria-hidden="true"></span></s></td></tr>');
printf('<td style="text-align: right;">');
//delete paste
printf('<a href="delete/'.htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8').'"><span class="glyphicon glyphicon-trash" title="Delete paste" aria-hidden="true"></span>');
//edit paste
printf('<a href="edit/'.htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8').'"><span class="glyphicon glyphicon-edit" title="Edit paste" aria-hidden="true"></span>');
printf('</td></tr>');
}
printf('</tbody></talbe>');
} else {
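Review bot: The two new action links never close their `<a>` elements, so the delete anchor runs on into the edit anchor and the rest of the cell; each of the two `printf` calls should end with `</span></a>`. These calls also pass concatenated markup as the printf format string, so a `%` in any interpolated value would be read as a conversion specifier; `echo`, or a fixed format with `%s`, avoids that. The surrounding `if` and loop start outside the hunk.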


@ -1,15 +1,35 @@
<div class="panel panel-default">
<div class="panel-body">
<form role="form" method="post" action="post.php" onsubmit="document.getElementById('submit').disabled=true;document.getElementById('submit').value='Please wait...';">
<?php
$edit_mode = false;
if(isset($_GET['page']) && $_GET['page']=='edit'){
$edit_mode = true;
printf('You are editing paste '.$_GET['id']);
printf('<form role="form" method="post" action="../post.php" onsubmit="document.getElementById(\'submit\').disabled=true;document.getElementById(\'submit\').value=\'Please wait...\';">');
}else printf('<form role="form" method="post" action="post.php" onsubmit="document.getElementById(\'submit\').disabled=true;document.getElementById(\'submit\').value=\'Please wait...\';">');
?>
<div class="form-group">
<label for="title">Paste title:</label>
<input type="title" class="form-control" id="title" name="title">
<?php
if($edit_mode == true){
printf('<input type="title" class="form-control" value="'.$row['title'].'" id="title" name="title">');
} else printf('<input type="title" class="form-control" id="title" name="title">');
?>
</div>
<div class="form-group">
<label for="text">New paste:</label>
<textarea class="form-control" rows="5" id="text" name="text"></textarea>
<?php
if($edit_mode == true){
printf('<textarea class="form-control" rows="5" id="text" name="text">'.$row['text'].'</textarea>');
} else printf('<textarea class="form-control" rows="5" id="text" name="text"></textarea>');
?>
</div>
<input type='hidden' name='type' value='paste'></input>
<?php
if($edit_mode == true){
printf("<input type='hidden' name='type' value='edit_paste'></input>");
printf("<input type='hidden' name='uid' value='".$row['uid']."'></input>");
} else printf("<input type='hidden' name='type' value='paste'></input>");
?>
<div class="container-fluid">
<div class="row">
<div class="col-sm-6">
@ -36,6 +56,10 @@
<div class="form-group">
<label for="syntax">Syntax Highlight:</label>
<select data-placeholder="None" class="form-control chosen-select" id="syntax" name="syntax">
<?php
if($edit_mode == true)
print '<option value="'.$row['highlight'].'">Current ('.$row['highlight'].')</option>';
?>
<option value="plain">Plain</option>
<option value="applescript">AppleScript</option>
<option value="as3">ActionScript3 (AS3)</option>
@ -61,23 +85,28 @@
<option value="sql">Sql</option>
<option value="vb">VB</option>
<option value="xml">Xml</option>
</select>
</div>
<!-- Type -->
<div class="form-group">
<label for="exposure">Type:</label>
<select class="form-control" id="exposure" name="exposure">
<option value="0">Public</option>
<option value="1">Unlisted</option>
<?php
print '<option value="0">Public</option>';
if($edit_mode == true && $row['exposure'] == 1)
print '<option selected="selected" value="1">Unlisted</option>';
else print '<option value="1">Unlisted</option>';
include_once "includes/user.php";
$userID = -1;
if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]))
$userID = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
if($userID==-1)
print '<option value="2" disabled>Private (Members only)</option>';
else {
if($edit_mode === true && $row['exposure'] === 2)
print '<option selected="selected" value="2" >Private</option>';
else print '<option value="2" >Private</option>';
}
?>
</select>
</div>
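Review bot: The edit-mode branches write `$row['title']`, `$row['text']`, `$row['uid']` and `$row['highlight']` (and `$_GET['id']` in the "You are editing paste" line) into HTML without escaping, so a title containing a quote or a paste body containing `</textarea>` ends the element early and stored paste content is interpreted as markup. The paste list changed in this same commit already escapes with `htmlspecialchars(..., ENT_QUOTES, 'UTF-8')`; the same call belongs here, e.g. `value="'.htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8').'"`, and likewise for the textarea body, the hidden `uid` field and the "Current" syntax option. Separately, `$row['exposure'] === 2` is a strict comparison while the Unlisted check uses `== 1`; if the database driver returns column values as strings the Private option would never be preselected, which should be confirmed.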

35
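--- /dev/null
+++ b/edit.php
@@ -0,0 +1,35 @@
+<div class="container">
+<div class="panel panel-default">
+<div class="panel-body">
+<?php
+if(isset($_GET['id']) && isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])){
+include_once "includes/user.php";
+$uid = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
+$paste = $_GET['id'];
+//connect to db and get paste info
+$conn = GetConnectionToDB();
+$stmt = $conn->prepare('SELECT * FROM pastes WHERE uid=:uid');
+$stmt->bindParam(':uid', $paste);
+$stmt->execute();
+if($stmt->rowCount()>0){
+while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
+if($row['owner'] === $uid){
+include "NewPastePanel.php";
+} else {
+$conn = null;
+echo '<center><h4>You are not the owner of the paste '.$row["uid"].'</h4></center>';
+echo '<meta http-equiv="refresh" content="2;url=../index.php">';
+die();
+}
+}
+} else {
+$conn = null;
+echo '<center><h4>The paste '.$row["uid"].' does not exist</h4></center>';
+echo '<meta http-equiv="refresh" content="2;url=../index.php">';
+}
+$conn = null;
+}
+?>
+</div>
+</div>
+</div>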
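Review bot: In the "does not exist" branch `$row` has never been assigned, because no fetch has run when `rowCount()` is 0, so the message prints an empty id and raises an undefined-variable notice; it should echo the requested id, escaped, e.g. `htmlspecialchars($paste, ENT_QUOTES, 'UTF-8')`. The ownership test `$row['owner'] === $uid` is strict, so it only passes if `GetUsersIDBySession` returns the same type the driver returns for `owner` (not visible here); a mismatch would turn away the real owner too. When the `id` parameter or the session cookies are missing the page renders an empty panel, so an `else` with a short message would help. I would also add a comment above `include "NewPastePanel.php";` stating that the panel reads `$row` from this scope.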


@ -12,7 +12,7 @@ if(isset($_GET["page"]) && $_GET["page"] == "login" && isset($_POST["type"]) &&
<?php
echo '<meta name="viewport" content="width=device-width, initial-scale=1">';
$dir = "";
if (isset($_GET["user"]))$dir="../";
if (isset($_GET["user"]) || isset($_GET["page"]) && $_GET["page"]=="edit")$dir="../";
echo '<link rel="stylesheet" href="'.$dir.'css/bootstrap.min.css">';
echo '<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js"></script>';
@ -41,7 +41,7 @@ if(isset($_GET["page"]) && $_GET["page"] == "login" && isset($_POST["type"]) &&
<div class="navbar-header">
<?php
$dir = "";
if (isset($_GET["user"]))$dir="../";
if (isset($_GET["user"]) || isset($_GET["page"]) && $_GET["page"]=="edit")$dir="../";
echo '<a class="navbar-brand" href="'.$dir.'index.php">Palm-Paste</a>';
?>
</div>
@ -54,7 +54,7 @@ if(isset($_GET["page"]) && $_GET["page"] == "login" && isset($_POST["type"]) &&
<?php
include_once "includes/user.php";
$dir = "";
if (isset($_GET["user"]))$dir="../";
if (isset($_GET["user"]) || isset($_GET["page"]) && $_GET["page"]=="edit")$dir="../";
$userID = -1;
if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]))
$userID = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
@ -129,6 +129,8 @@ if (isset($_GET["page"])){
die();
} else if($_GET["page"] == "signup"){
include_once "signup.php";
} else if($_GET["page"] == "edit"){
include_once "edit.php";
} else {
$uid = $_GET["page"];
include_once "ViewPaste.php";
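Review bot: The condition `isset($_GET["user"]) || isset($_GET["page"]) && $_GET["page"]=="edit"` is now repeated in three places and relies on `&&` binding tighter than `||`; computing `$dir` once near the top with explicit parentheses, `if (isset($_GET["user"]) || (isset($_GET["page"]) && $_GET["page"]=="edit")) $dir="../";`, would keep the copies from drifting apart. The `../` prefix assumes the page was reached through the rewritten `edit/<id>` URL; a direct `index.php?page=edit&id=...` request would resolve the stylesheet and links one directory too high. The `if` chain in the last hunk starts and ends outside the visible lines.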


@ -3,6 +3,7 @@ location /paste {
if ( $uri !~ ^/paste/(index\.php|css|js|robots\.txt|favicon\.ico|$) ) {
rewrite ^/paste/u/(.*)$ /paste/index.php?user=$1? last;
rewrite ^/paste/delete/(.*)$ /paste/delete.php?id=$1? last;
rewrite ^/paste/([^/]+)/(.*)$ /paste/index.php?page=$1&id=$2? last;
rewrite ^/paste/(.*)$ /paste/index.php?page=$1? last;
}
if ( $uri ~* ^/paste/u/(css|js) ) {
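Review bot: The added rule `rewrite ^/paste/([^/]+)/(.*)$ /paste/index.php?page=$1&id=$2? last;` matches every two-segment path, not only `edit/`, and forwards an unrestricted `(.*)` as `id`, whereas the Apache rule in this commit maps only `edit/([A-Za-z0-9-]+)`. The two servers therefore route differently, and on nginx arbitrary `page`/`id` pairs reach index.php. Mirroring the Apache rule keeps them aligned: `rewrite ^/paste/edit/([A-Za-z0-9-]+)/?$ /paste/index.php?page=edit&id=$1? last;`. The `location` block continues outside the hunk.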


@ -69,6 +69,59 @@ if(isset($_POST["type"])){
$conn = null; //close connection to database
header("Location: ".$uid);
die();
} else if($_POST["type"]=="edit_paste" && isset($_POST["text"])){
/* Set paste details */
$title = "Untitled";
$text = $_POST["text"];
$exposure = 0;
if(isset($_POST["title"]))
$title = $_POST["title"];
if(isset($_POST["exposure"]) && is_numeric($_POST["exposure"]))
$exposure = $_POST["exposure"];
$uid = $_POST["uid"];
$created = time();
$expire = 0;
if(isset($_POST["expire"]) && is_numeric($_POST["expire"]))
$expire = $created + $_POST["expire"];
$owner = 0;
$syntax = "plain";
if(isset($_POST["syntax"]))
$syntax=$_POST["syntax"];
if(isset($_POST["asguest"]) && $_POST["asguest"]=="on")
$owner = 0;
else if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])){
include "includes/user.php";
$owner = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
}
/* Get the owner of the paste */
$paste_owner = 0;
$conn = GetConnectionToDB();
$stmt = $conn->query('SELECT owner FROM pastes WHERE uid="'.$uid.'"');
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
$paste_owner = $result['owner'];
}
/* Edit paste in database */
if($owner === $paste_owner && $owner !== 0){
$QuerySTR = " UPDATE pastes SET title=:tit,text=:txt,created=:cre,expire=:exp,exposure=:exposure,owner=:own,highlight=:hl
WHERE uid=:uid";
$stmt = $conn->prepare($QuerySTR);
$stmt->bindParam(':exp', $expire);
$stmt->bindParam(':uid', $uid);
$stmt->bindParam(':tit', $title);
$stmt->bindParam(':txt', $text);
$stmt->bindParam(':cre', $created);
$stmt->bindParam(':exposure', $exposure);
$stmt->bindParam(':own', $owner);
$stmt->bindParam(':hl', $syntax);
$stmt->execute();
$conn = null; //close connection to database
header("Location: ".$uid);
die();
} else {
$conn = null; //close connection to database
echo "<h1>This paste does not belong to you!</h1>";
die();
}
}
}
?>
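Review bot: The owner lookup builds its query by concatenating `$_POST["uid"]` into the SQL string (`'SELECT owner FROM pastes WHERE uid="'.$uid.'"'`), which is SQL injection, and it runs before the ownership check, so no valid session is needed to reach it. Use a bound parameter as the UPDATE below already does: `$stmt = $conn->prepare('SELECT owner FROM pastes WHERE uid=:uid');`, `$stmt->bindParam(':uid', $uid);`, `$stmt->execute();`. `$_POST["uid"]` is also read without an `isset` check, and the strict `$owner === $paste_owner` only holds if `GetUsersIDBySession` and the fetched column have the same type, which is not visible here. The enclosing `if(isset($_POST["type"]))` block starts outside the hunk.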