SECURE_WRITING

<!DOCTYPE html><html lang="en"><title>Admin</title><meta name="viewport" content="width=device-width, initial-scale=1.0"><?php

//PHP writing software. This is basic, but it works well for me
//Just save the file as "writer.php"
//It should be easy to use, but questions (and comments) can be sent to
//aera23@protonmail.com


//Replies can take a few days, but typically occur within 20-30 hours

//Prevents password guessing. If the security file is not blank, STOP the script, and tell the user what happened
if(@file_get_contents('security.tmp')!=""){echo file_get_contents('security.tmp')."</html>"; exit;}


$data = file("wd.txt");
if($data[2]==""){$data[2]="#993300";}if($data[3]==""){$data[3]="#ffff99";}
if($data[0]=="" || $data[1]=="" || $data[2]==""|| $data[3]==""|| $data[4]=="" || crc32($_REQUEST['code'])== $data[4] && $_REQUEST['code']!=""){

if($_GET['set']!=3)
{$data = file("wd.txt");

echo '<style>html{font-family:corbel; background:'.$data[3].'; color:'.$data[2].';}*{padding:0.2em}</style><h1>Welcome :)</h1><p><br>
<form action="writer.php?set=3" method="post">
This edition includes a security kill switch.
Title:<input name="cn" placeholder="@Nick\'s writer" value="'.str_replace("<br />","",nl2br($data[1])).'"><br>
Text:<input type="color" name="fg" value="'.str_replace("\n","",$data[2]).'"><br>
Page:<input type="color" name="bg" value="'.str_replace("\n","",$data[3]).'"><br>
Secret (to access writer): <input name="ws" required><br><br>
Confirm it: <input name="sc" required><br><input type="submit" value="Save"><br>
Rest assured that the secret is not stored in plaintext.<br>
Then hit enter.</p></form><h3>This simplified software is provided by Aera23<mark>:)</mark>.<br>To protect yourself, I\'ve included a "Cache".</h3>';exit;}


elseif($_GET['set']==3 && $_REQUEST['sc'] == $_REQUEST['ws']){
$set = fopen("wd.txt", "w");
$txt = time()."
".$_REQUEST['cn']."
".$_REQUEST['fg']."
".$_REQUEST['bg']."
".crc32($_REQUEST['ws']);
fwrite($set,$txt); fclose($set);}}

//Retrieves config
$nick = $data[1];
$fg = $data[2]; $bg = $data[3];
$pass = $data[4];

//Send login
if(crc32($_REQUEST['pass'])!=$pass){
echo "<style>body{background:$bg; color:$fg; font-family:corbel;margin:3em;}a{color:$fg}</style><body><h1><mark>🔑</mark> Admin <small>(file editor) <a href='index.php'>... or go Back</small></h1><p><a href='source.php'>🧿 File viewer</a></p>";echo'
<form action="writer.php?auth='.date("H").'" method="post">
Key:<input type="text" name="pass" autofocus style="padding:0.4em;font-size:1.1em;background:#e22;color:#fff;">
<input type="hidden" name="f" value="'.$_GET['f'].'">
<br><br>Final attempt: Tap Enter to login.</form></body>';

if($_REQUEST['pass']!=""){file_put_contents("security.tmp", 'GUESS: '.date("j @ H:i:s ")).' by '.$_SERVER['HTTP_USER_AGENT'];}


if($_REQUEST['x']!="")file_put_contents("security.tmp","WARN: ".(time()-$_REQUEST['x']));}

else{if($_REQUEST['f']!=""){$fs = filesize($_REQUEST['f']);}

//The writing part
if($_REQUEST['f']!="" && $_REQUEST['data']!="")
{$file = $_REQUEST['f'];$data = $_REQUEST['data'];
rename($_REQUEST['f'],"backup.tmp");
if ($data == 'clear'){unlink($_REQUEST['f']);}
else{$w = fopen($file, "w");fwrite($w, $data); fclose($w);}
$t = "Done";}
if($_REQUEST['f']!=""){$fs = filesize($_REQUEST['f']);}
else{$t = "File writer";}

//bg 448, fg 9f9
if($_REQUEST['f']!=""){$x = 'style="background:#ff0;padding:0.5em"';}else{$x = 'style="padding:0.5em; autofocus"';}

echo '<style>body{background:'.$bg.'; color:'.$fg.'; font-family:calibri}mark,input{background:#bff;font-size:110%}
a{background:'.$fg.'; color:'.$bg.'}mark,code{color:inherit}
pre{white-space:pre-wrap;       /* CSS 2.1+ */
  white-space:-moz-pre-wrap;  /* Mozilla, since 1999 */
  white-space:-o-pre-wrap;    /* Opera 7 */}
.un{color:#fff;}
form{display:inline}
input{font-family:corbel,times new roman;}
</style><title>'.$nick.'</title>
<p class="un"><form action="writer.php" method="post" id="x">
<input type="submit" name="exit" value=" ❎ Sign Out"><a href="backup.tmp">📑Original file</a><a href="source.php?f='.$_REQUEST["f"].'"> 🔮 Safe mode</a></form>

<form id="w" action="writer.php" method="post" accept-charset="UTF-8">
<input type="text" class="int" name="f" size="15" placeholder="File name" value="'.$_REQUEST["f"].'" '.$x.'><br><br>';

echo'<textarea id="q" form="w" class="int" name="data" width="99%" rows="20" cols="150" placeholder="Contents"></textarea><br>

<script>
document.getElementById(\'q\').innerHTML=document.getElementById(\'aa\').innerText;
</script>


<input type="hidden" name="pass" value="'.$_REQUEST['pass'].'">
<input type="submit" class="int" value=" 🧧 Send"></form><form action="writer.php" method="post" id="x">
<input type="hidden" name="pass" value="'.$_REQUEST['pass'].'">
<input type="submit" value=" ✔ Edit another "></form>

<form action="writer.php?f=wd.txt" method="post" id="x">
<input type="hidden" name="pass" value="'.$_REQUEST['pass'].'">
<input type="hidden" name="data" value="clear">
<input type="submit" value=" 🧨 Reset"></form><br><a href="'.$_REQUEST['f'].'" target="blank">'.$_REQUEST['f'].'</a> ('.$fs.')<br><pre style="background:#fff" id="aa">';

if ($_REQUEST['f']!=""){
$source = show_source($_REQUEST['f'], true);
$source = str_replace("<br />","",$source);
$source = str_replace("&lt;","<mark>&lt;</mark>",$source);
$source = str_replace("&gt;","<mark>&gt;</mark>",$source);
echo $source;}
else{echo"This will show you the source code, unless the file is an image.<br><br>Type 'clear' to clear the contents of a file.<br><br>The previous copy of a file can typically be accessed by clicking on '📑 Original file'.";}
echo'</pre>';}
?>