daily pastebin goal
22%
SHARE
TWEET

SiteEditor.php

a guest Dec 17th, 2014 30 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2.  
  3. class SiteEditor {
  4.     private $userPasswordHash;
  5.     private $contentPath;
  6.     private $post = array();
  7.  
  8.     public function __construct($userPasswordHash, $contentPath) {
  9.         $this->userPasswordHash = strtolower($userPasswordHash);
  10.         $this->contentPath = $contentPath;
  11.         session_start();
  12.     }
  13.  
  14.     public function handleRequest(array $post) {
  15.         $this->post = $post;
  16.         $this->assertLoggedIn();
  17.         if($this->isRequestChangeContent()) {
  18.             $this->changeContent();
  19.         } elseif ($this->isRequestTypeChanges()) {
  20.             $this->typeChanges();
  21.         }
  22.         $this->echoChooseSite();
  23.     }
  24.  
  25.     private function getTxtFilesAsOptions() {
  26.         $sites = '';
  27.         foreach (glob($this->contentPath . '*.txt') as $site) {
  28.             $site = substr($site, strrpos($site, '/') + 1);
  29.             $sites.= '<option value="' . $site . '">' . $site . '</option>';
  30.         }
  31.         return $sites;
  32.     }
  33.  
  34.     private function typeChanges() {
  35.         $file = $this->contentPath . $this->form('file');
  36.         $this->assertValidTxtFile($file);
  37.         $content = $this->decodeContent($this->readFile($file));
  38.         $this->echoTypeChangesPage($file, $content);
  39.     }
  40.  
  41.     private function readFile($file) {
  42.         if (($result = file_get_contents($file)) === false) {
  43.             throw new RuntimeException('Error while reading file: ' . $file);
  44.         }
  45.         return $result;
  46.     }
  47.  
  48.     private function decodeContent($content) {
  49.         return str_replace('<br>', "\n", $content);
  50.     }
  51.  
  52.     private function isRequestTypeChanges() {
  53.         return $this->form('chooseSite') && $this->form('file');
  54.     }
  55.  
  56.     private function changeContent() {
  57.         $file = $this->contentPath . $this->form('file');
  58.         $this->assertValidTxtFile($file);
  59.         $content = $this->encodeContent($this->form('content'));
  60.         $this->writeToFile($file, $content);
  61.     }
  62.  
  63.     private function writeToFile($file, $content) {
  64.         if (@file_put_contents($file, $content) === false) {
  65.             throw new RuntimeException('Error while writing file: ' . $file);
  66.         }
  67.     }
  68.  
  69.     private function encodeContent($content) {
  70.         $content = html_entity_decode($content, ENT_QUOTES);
  71.         return str_replace(array("\r\n", "\n", "\r"), '<br>', $content);
  72.     }
  73.  
  74.     private function assertValidTxtFile($file) {
  75.         $file = str_replace('/', '_', $file);
  76.         if ($this->isInvalidFile($file)) {
  77.             throw new RuntimeException('Invalid file:' . $file);
  78.         }
  79.     }
  80.  
  81.     private function isInvalidFile($file) {
  82.         return substr($file, -4) == '.txt' && is_file($file) && is_writable($file) && is_readable($file);
  83.     }
  84.  
  85.     private function isRequestChangeContent() {
  86.         return $this->form('changeContent') && $this->form('file') && $this->form('content');
  87.     }
  88.  
  89.     private function assertLoggedIn() {
  90.         if ($this->isLoggedIn()) {
  91.             return;
  92.         }
  93.         if ($this->form('login')) {
  94.             if ($this->validateLoginForm()) {
  95.                 $this->login();
  96.                 $this->post = array();
  97.             } else {
  98.                 throw new Exception('Invalid login data provided');
  99.             }
  100.         }
  101.         $this->echoLoginPage();
  102.     }
  103.  
  104.     private function login() {
  105.         $_SESSION['login'] = true;
  106.     }
  107.  
  108.     private function isLoggedIn() {
  109.         return isset($_SESSION['login']);
  110.     }
  111.  
  112.     private function validateLoginForm() {
  113.         return
  114.             $this->form('user') && $this->form('password') &&
  115.             $this->validateHash($this->form('user'), $this->form('password'))
  116.             ;
  117.     }
  118.  
  119.     private function validateHash($user, $password) {
  120.         return hash('sha512', $user . 'XX' . $password) == $this->userPasswordHash;
  121.     }
  122.  
  123.     private function form($index) {
  124.         return isset($this->post[$index]) ? $this->post[$index] : null;
  125.     }
  126.  
  127.     private function echoLoginPage() {
  128.         ?>
  129.             <!-- I am a login page-->
  130.             <form action="fsb.php" method="post"><input type="text" name="user"> <input type="password" name="password"><input type="submit" name="login" value="login"></form>
  131.         <?php
  132.         exit(0);
  133.     }
  134.  
  135.     private function echoTypeChangesPage($file, $content) {
  136.         ?>
  137.             <!-- I am a site-editing page-->
  138.             <form action="fsb.php" method="post">site: <?php echo $file ?> <input type="hidden" name="file" value="<?php echo $_POST['file'] ?>"><textarea name="content"><?php echo $content ?></textarea><input type="submit" name="changeContent" value="edit"></form>
  139.         <?php
  140.         exit(0);
  141.     }
  142.  
  143.     private function echoChooseSite() {
  144.         $sites = $this->getTxtFilesAsOptions();
  145.         ?>
  146.             <!-- I am a site-choosing page-->
  147.             <form action="fsb.php" method="post"><select name="file"><?php echo $sites ?></select><input type="submit" name="chooseSite" value="next"></form>
  148.         <?php
  149.         exit(0);
  150.     }
  151. }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand