<?php
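// Base URL of the website, without trailing slash.
// Only the path-only form is kept: the earlier absolute assignment
// ('http://convergence.uvpce.ac.in/panel') was overwritten on the very next
// line and never took effect.
$base_url = '/panel';
// Directory to save user documents. The path is relative, so it resolves
// against the script's working directory.
// NOTE(review): if this directory sits under the web server's document root,
// stored notes may be fetchable directly by path - confirm direct access to it
// is denied.
$data_directory = '_tmp';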
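/**
 * Sanitizes a string to include only alphanumeric characters.
 *
 * Everything outside [a-zA-Z0-9] is dropped, which also removes path
 * separators and dots, so the result is safe to use as a single file name.
 *
 * Non-scalar input (for example the array PHP builds from an `f[]=...` query
 * parameter) yields an empty string. Without this, preg_replace() would return
 * an array, which compares equal to the original array and so passes a
 * "sanitized value equals raw value" check.
 *
 * @param mixed $string the value to sanitize
 * @return string the sanitized string, or '' if the input cannot be sanitized
 */
function sanitizeString($string) {
    if (!is_scalar($string)) {
        return '';
    }

    $clean = preg_replace('/[^a-zA-Z0-9]+/', '', (string) $string);

    // preg_replace() returns null on a PCRE error; never hand that to callers.
    return is_string($clean) ? $clean : '';
}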
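/**
 * Generates a random string.
 *
 * The characters are drawn with random_int(), a cryptographically secure
 * source (PHP 7.0+), instead of rand(), whose output is predictable. In this
 * file the generated name is all a client needs to read or overwrite a note,
 * so it has to be hard to guess.
 *
 * NOTE(review): the default length of 5 gives 54^5 (about 4.6e8) possible
 * names, which is small enough to enumerate; consider a longer default at the
 * call site.
 *
 * @param integer $length the length of the string
 * @return string the new string (empty when $length is 0 or negative)
 *
 * Initially based on http://stackoverflow.com/a/4356295/1391963
 */
function generateRandomString($length = 5) {
    // Do not generate ambiguous characters. See http://ux.stackexchange.com/a/53345/25513
    $characters = '23456789abcdefghjkmnpqrstuvwxyzABCDEFGHJKMNPQRSTUVWXYZ';
    // Hoisted out of the loop: the alphabet never changes.
    $lastIndex = strlen($characters) - 1;

    $randomString = '';
    for ($i = 0; $i < $length; $i++) {
        $randomString .= $characters[random_int(0, $lastIndex)];
    }

    return $randomString;
}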
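// Disable caching.
header('Cache-Control: no-cache, no-store, must-revalidate');
header('Pragma: no-cache');
header('Expires: 0');

// The note name comes straight from the query string. It is accepted only if
// it is a non-empty string that sanitizing leaves unchanged. The is_string()
// check rejects array parameters (f[]=...), which would otherwise reach the
// path concatenation below.
if (empty($_GET['f']) || !is_string($_GET['f']) || sanitizeString($_GET['f']) !== $_GET['f']) {
    // User has not specified a valid name, generate one.
    header('Location: ' . $base_url . '/' . generateRandomString());
    die();
}

// $name is alphanumeric only at this point, so it cannot contain a path
// separator or '..' and the resulting path stays inside $data_directory.
$name = sanitizeString($_GET['f']);
$path = $data_directory . DIRECTORY_SEPARATOR . $name;

if (isset($_POST['t'])) {
    // Update file. Only a plain string body is stored; an array (t[]=...) is
    // ignored rather than being joined and written by file_put_contents().
    // NOTE(review): nothing visible here authenticates the writer or bounds
    // the body size - anyone who knows the name can overwrite the note.
    if (is_string($_POST['t'])) {
        file_put_contents($path, $_POST['t']);
    }
    die();
}

// The User-Agent header is optional, so default it instead of reading an
// undefined index.
$userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
if (strpos($userAgent, 'curl') === 0) {
    // Output raw file if client is curl. The note is stored unescaped, so it
    // is labelled as plain text to keep a client from rendering it as HTML.
    header('Content-Type: text/plain; charset=utf-8');
    header('X-Content-Type-Options: nosniff');
    if (file_exists($path)) {
        print file_get_contents($path);
    }
    die();
}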
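// Editor page. Expects $name, $path and $base_url to be set by the code above.
// Every dynamic value is HTML-escaped where it is printed, so the page does
// not rely on earlier sanitization alone.
?><!DOCTYPE html>
<html>
<head>
    <meta charset="utf-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <title><?php print htmlspecialchars($name, ENT_QUOTES, 'UTF-8'); ?></title>
    <link rel="shortcut icon" href="<?php print htmlspecialchars($base_url, ENT_QUOTES, 'UTF-8'); ?>/favicon.ico" />
    <link href="<?php print htmlspecialchars($base_url, ENT_QUOTES, 'UTF-8'); ?>/styles.css" rel="stylesheet" />
</head>
<body>
    <div class="container">
        <textarea id="content"><?php
            // The stored note is untrusted text: escape it so it cannot close
            // the textarea and inject markup into the page.
            if (file_exists($path)) {
                print htmlspecialchars(file_get_contents($path), ENT_QUOTES, 'UTF-8');
            }
        ?></textarea>
        <pre id="printable"></pre>
    </div>
    <?php // Referenced through $base_url like the other assets, so it does not depend on the page URL. ?>
    <script src="<?php print htmlspecialchars($base_url, ENT_QUOTES, 'UTF-8'); ?>/script.js"></script>
</body>
</html>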