Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- class SiteEditor {
- private $userPasswordHash;
- private $contentPath;
- private $post = array();
- public function __construct($userPasswordHash, $contentPath) {
- $this->userPasswordHash = strtolower($userPasswordHash);
- $this->contentPath = $contentPath;
- session_start();
- }
- public function handleRequest(array $post) {
- $this->post = $post;
- $this->assertLoggedIn();
- if($this->isRequestChangeContent()) {
- $this->changeContent();
- } elseif ($this->isRequestTypeChanges()) {
- $this->typeChanges();
- }
- $this->echoChooseSite();
- }
- private function getTxtFilesAsOptions() {
- $sites = '';
- foreach (glob($this->contentPath . '*.txt') as $site) {
- $site = substr($site, strrpos($site, '/') + 1);
- $sites.= '<option value="' . $site . '">' . $site . '</option>';
- }
- return $sites;
- }
- private function typeChanges() {
- $file = $this->contentPath . $this->form('file');
- $this->assertValidTxtFile($file);
- $content = $this->decodeContent($this->readFile($file));
- $this->echoTypeChangesPage($file, $content);
- }
- private function readFile($file) {
- if (($result = file_get_contents($file)) === false) {
- throw new RuntimeException('Error while reading file: ' . $file);
- }
- return $result;
- }
- private function decodeContent($content) {
- return str_replace('<br>', "\n", $content);
- }
- private function isRequestTypeChanges() {
- return $this->form('chooseSite') && $this->form('file');
- }
- private function changeContent() {
- $file = $this->contentPath . $this->form('file');
- $this->assertValidTxtFile($file);
- $content = $this->encodeContent($this->form('content'));
- $this->writeToFile($file, $content);
- }
- private function writeToFile($file, $content) {
- if (@file_put_contents($file, $content) === false) {
- throw new RuntimeException('Error while writing file: ' . $file);
- }
- }
- private function encodeContent($content) {
- $content = html_entity_decode($content, ENT_QUOTES);
- return str_replace(array("\r\n", "\n", "\r"), '<br>', $content);
- }
- private function assertValidTxtFile($file) {
- $file = str_replace('/', '_', $file);
- if ($this->isInvalidFile($file)) {
- throw new RuntimeException('Invalid file:' . $file);
- }
- }
- private function isInvalidFile($file) {
- return substr($file, -4) == '.txt' && is_file($file) && is_writable($file) && is_readable($file);
- }
- private function isRequestChangeContent() {
- return $this->form('changeContent') && $this->form('file') && $this->form('content');
- }
- private function assertLoggedIn() {
- if ($this->isLoggedIn()) {
- return;
- }
- if ($this->form('login')) {
- if ($this->validateLoginForm()) {
- $this->login();
- $this->post = array();
- } else {
- throw new Exception('Invalid login data provided');
- }
- }
- $this->echoLoginPage();
- }
- private function login() {
- $_SESSION['login'] = true;
- }
- private function isLoggedIn() {
- return isset($_SESSION['login']);
- }
- private function validateLoginForm() {
- return
- $this->form('user') && $this->form('password') &&
- $this->validateHash($this->form('user'), $this->form('password'))
- ;
- }
- private function validateHash($user, $password) {
- return hash('sha512', $user . 'XX' . $password) == $this->userPasswordHash;
- }
- private function form($index) {
- return isset($this->post[$index]) ? $this->post[$index] : null;
- }
- private function echoLoginPage() {
- ?>
- <!-- I am a login page-->
- <form action="fsb.php" method="post"><input type="text" name="user"> <input type="password" name="password"><input type="submit" name="login" value="login"></form>
- <?php
- exit(0);
- }
- private function echoTypeChangesPage($file, $content) {
- ?>
- <!-- I am a site-editing page-->
- <form action="fsb.php" method="post">site: <?php echo $file ?> <input type="hidden" name="file" value="<?php echo $_POST['file'] ?>"><textarea name="content"><?php echo $content ?></textarea><input type="submit" name="changeContent" value="edit"></form>
- <?php
- exit(0);
- }
- private function echoChooseSite() {
- $sites = $this->getTxtFilesAsOptions();
- ?>
- <!-- I am a site-choosing page-->
- <form action="fsb.php" method="post"><select name="file"><?php echo $sites ?></select><input type="submit" name="chooseSite" value="next"></form>
- <?php
- exit(0);
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement