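$_FILES['files']['name'][$i],
                'type' => $_FILES['files']['type'][$i],
                'tmp_name' => $_FILES['files']['tmp_name'][$i],
                'error' => $_FILES['files']['error'][$i],
                'size' => $_FILES['files']['size'][$i],
            ];
        }

        // Both the note and the custom name are cleared when more than one
        // file was submitted in the same request.
        if (count($files) > 1) {
            $note = '';
            $custom_name = '';
        }

        foreach ($files as $f) {
            // The checks below rely on redirect() not returning.
            if ($f['error'])
                redirect('/uploads/?error='.urlencode('error code '.$f['error']));

            if (!$f['size'])
                redirect('/uploads/?error='.urlencode('received empty file'));

            // The allowlist is applied to the extension of the client-supplied
            // file name, which is request metadata rather than a property of
            // the file content.
            // NOTE(review): when $custom_name is non-empty it is the name passed
            // to uploads::add(), and no extension check on it is visible in this
            // part of the function. Confirm it is validated earlier or inside
            // uploads::add(), otherwise the allowlist does not cover the stored name.
            $ext = extension($f['name']);
            if (!uploads::isExtensionAllowed($ext))
                redirect('/uploads/?error='.urlencode('extension not allowed'));

            $upload_id = uploads::add(
                $f['tmp_name'],
                $custom_name ?: $f['name'],
                $note);

            if (!$upload_id)
                redirect('/uploads/?error='.urlencode('failed to create upload'));
        }

        redirect('/uploads/');
    }

    /**
     * Deletes the upload identified by the integer "id" input and redirects
     * back to the uploads list.
     *
     * The upload is looked up first because the CSRF check is keyed on
     * 'delupl' plus the id.
     *
     * NOTE(review): judging by the GET_ prefix this destructive action is served
     * on GET, so the anti-CSRF value presumably travels in the URL, where it can
     * end up in server logs, browser history and Referer headers. Confirm how
     * csrf_check() reads it and consider moving deletion to POST.
     */
    function GET_upload_delete() {
        list($id) = input('i:id');

        $upload = uploads::get($id);
        if (!$upload)
            redirect('/uploads/?error='.urlencode('upload not found'));

        csrf_check('delupl'.$id);

        uploads::delete($id);
        redirect('/uploads/');
    }

    /**
     * Replaces the note of the upload identified by the integer "id" input
     * with the "note" input, then redirects to the uploads list.
     *
     * The CSRF check is keyed on 'editupl' plus the id.
     */
    function POST_upload_edit_note() {
        list($id, $note) = input('i:id, note');

        $upload = uploads::get($id);
        if (!$upload)
            redirect('/uploads/?error='.urlencode('upload not found'));

        csrf_check('editupl'.$id);

        $upload->setNote($note);
        redirect('/uploads/');
    }

    /**
     * Converts the submitted markdown to HTML, wraps it with the admin skin's
     * preview template and returns it under the 'html' key of an AJAX reply.
     *
     * NOTE(review): no csrf_check() is called here, unlike the other POST
     * handlers visible in this part of the class. Nothing in this method
     * changes state, but confirm the omission is intended.
     * NOTE(review): the converted markup is passed to the skin as `unsafe_html`;
     * whether markup::markdownToHtml() strips or escapes raw HTML is not visible
     * here, so the client should treat the returned 'html' accordingly.
     */
    function POST_ajax_md_preview() {
        list($md, $title, $use_image_previews) = input('md, title, b:use_image_previews');

        $html = markup::markdownToHtml($md, $use_image_previews);

        $ctx = new SkinContext('\\skin\\admin');
        $html = $ctx->markdownPreview(
            unsafe_html: $html,
            title: $title
        );

        ajax_ok(['html' => $html]);
    }

    /**
     * Shows the "create page" form for the "short_name" input.
     *
     * Answers with not_found() when a page with that name already exists.
     */
    function GET_page_add() {
        list($name) = input('short_name');

        $page = pages::getByName($name);
        if ($page)
            not_found();

        return $this->_get_pageAdd($name);
    }

    /**
     * Creates a page from the "short_name", "text" and "title" inputs.
     *
     * The CSRF check ('addpage') runs before any input is read. A missing
     * title or text, or a failed pages::add(), re-renders the form with an
     * error code; on success the client is redirected to the new page.
     */
    function POST_page_add() {
        csrf_check('addpage');

        list($name, $text, $title) = input('short_name, text, title');

        $page = pages::getByName($name);
        if ($page)
            not_found();

        $error_code = null;
        if (!$title) {
            $error_code = 'no_title';
        } else if (!$text) {
            $error_code = 'no_text';
        }

        if ($error_code) {
            return $this->_get_pageAdd(
                name: $name,
                title: $title,
                text: $text,
                error_code: $error_code
            );
        }

        if (!pages::add([
            'short_name' => $name,
            'title' => $title,
            'md' => $text
        ])) {
            return $this->_get_pageAdd(
                name: $name,
                title: $title,
                text: $text,
                error_code: 'db_err'
            );
        }

        $page = pages::getByName($name);
        redirect($page->getUrl());
    }

    /**
     * Shows the empty "write post" form.
     */
    function GET_post_add() {
        return $this->_get_postAdd();
    }

    /**
     * Creates a blog post from the submitted form and assigns its tags.
     *
     * The CSRF check ('addpost') runs first. Title, text, tags and short name
     * are all required; a missing one, or a failed posts::add(), re-renders
     * the form with an error code. On success the client is redirected to the
     * new post.
     */
    function POST_post_add() {
        csrf_check('addpost');

        list($text, $title, $tags, $visible, $short_name)
            = input('text, title, tags, b:visible, short_name');
        $tags = tags::splitString($tags);

        $error_code = null;
        if (!$title) {
            $error_code = 'no_title';
        } else if (!$text) {
            $error_code = 'no_text';
        } else if (empty($tags)) {
            $error_code = 'no_tags';
        } else if (empty($short_name)) {
            $error_code = 'no_short_name';
        }

        if ($error_code)
            return $this->_get_postAdd(
                title: $title,
                text: $text,
                tags: $tags,
                short_name: $short_name,
                error_code: $error_code
            );

        $id = posts::add([
            'title' => $title,
            'md' => $text,
            'visible' => (int)$visible,
            'short_name' => $short_name,
        ]);

        // Return here so a failed insert can never fall through to
        // posts::get() with a falsy id; whether render() ends the request on
        // its own is not visible from this method.
        if (!$id)
            return $this->_get_postAdd(
                title: $title,
                text: $text,
                tags: $tags,
                short_name: $short_name,
                error_code: 'db_err'
            );

        // set tags
        $post = posts::get($id);
        $tag_ids = array_values(tags::getTags($tags));
        $post->setTagIds($tag_ids);

        redirect($post->getUrl());
    }

    /**
     * Deletes the post or, failing that, the page whose short name matches the
     * "short_name" input, then redirects to the site root.
     *
     * The CSRF check is keyed on 'delpost' plus the post id, or 'delpage' plus
     * the page short name. Answers with not_found() when neither exists.
     *
     * NOTE(review): judging by the GET_ prefix this destructive action is served
     * on GET, so the anti-CSRF value presumably travels in the URL, where it can
     * end up in server logs, browser history and Referer headers. Confirm how
     * csrf_check() reads it and consider moving deletion to POST.
     */
    function GET_auto_delete() {
        list($name) = input('short_name');

        $post = posts::getByName($name);
        if ($post) {
            csrf_check('delpost'.$post->id);
            posts::delete($post);
            redirect('/');
        }

        $page = pages::getByName($name);
        if ($page) {
            csrf_check('delpage'.$page->shortName);
            pages::delete($page);
            redirect('/');
        }

        not_found();
    }

    /**
     * Shows the edit form for the post or, failing that, the page whose short
     * name matches the "short_name" input, pre-filled with its stored values.
     *
     * The boolean "saved" input is forwarded to the form. Answers with
     * not_found() when neither a post nor a page matches.
     */
    function GET_auto_edit() {
        list($short_name, $saved) = input('short_name, b:saved');

        $post = posts::getByName($short_name);
        if ($post) {
            $tags = $post->getTags();
            return $this->_get_postEdit($post,
                title: $post->title,
                text: $post->md,
                tags: $tags,
                visible: $post->visible,
                toc: $post->toc,
                short_name: $post->shortName,
                saved: $saved,
            );
        }

        $page = pages::getByName($short_name);
        if ($page) {
            return $this->_get_pageEdit($page,
                title: $page->title,
                text: $page->md,
                saved: $saved,
                visible: $page->visible,
            );
        }

        not_found();
    }

    /**
     * Saves edits to the post or, failing that, the page whose short name
     * matches the "short_name" input.
     *
     * The CSRF check is keyed on 'editpost' plus the post id, or 'editpage'
     * plus the page short name, so it runs after the lookup. A validation
     * failure re-renders the edit form with an error code; on success the
     * client is redirected to the item's edit URL with saved=1. Answers with
     * not_found() when neither a post nor a page matches.
     */
    function POST_auto_edit() {
        list($short_name) = input('short_name');

        $post = posts::getByName($short_name);
        if ($post) {
            csrf_check('editpost'.$post->id);

            // From here on $short_name holds the requested new short name.
            list($text, $title, $tags, $visible, $toc, $short_name)
                = input('text, title, tags, b:visible, b:toc, new_short_name');

            $tags = tags::splitString($tags);
            $error_code = null;

            if (!$title) {
                $error_code = 'no_title';
            } else if (!$text) {
                $error_code = 'no_text';
            } else if (empty($tags)) {
                $error_code = 'no_tags';
            } else if (empty($short_name)) {
                $error_code = 'no_short_name';
            }

            // Return here, as the page branch below does, so rejected input
            // can never fall through to $post->edit(); whether render() ends
            // the request on its own is not visible from this method.
            if ($error_code)
                return $this->_get_postEdit($post,
                    title: $title,
                    text: $text,
                    tags: $tags,
                    visible: $visible,
                    toc: $toc,
                    short_name: $short_name,
                    error_code: $error_code
                );

            $post->edit([
                'title' => $title,
                'md' => $text,
                'visible' => (int)$visible,
                'toc' => (int)$toc,
                'short_name' => $short_name
            ]);
            $tag_ids = array_values(tags::getTags($tags));
            $post->setTagIds($tag_ids);

            redirect($post->getUrl().'edit/?saved=1');
        }

        $page = pages::getByName($short_name);
        if ($page) {
            csrf_check('editpage'.$page->shortName);

            // From here on $short_name holds the requested new short name.
            list($text, $title, $visible, $short_name)
                = input('text, title, b:visible, new_short_name');

            $text = trim($text);
            $title = trim($title);
            $error_code = null;

            if (!$title) {
                $error_code = 'no_title';
            } else if (!$text) {
                $error_code = 'no_text';
            } else if (!$short_name) {
                $error_code = 'no_short_name';
            }

            if ($error_code) {
                return $this->_get_pageEdit($page,
                    title: $title,
                    text: $text,
                    visible: $visible,
                    error_code: $error_code
                );
            }

            $page->edit([
                'title' => $title,
                'md' => $text,
                'visible' => (int)$visible,
                'short_name' => $short_name,
            ]);

            redirect($page->getUrl().'edit/?saved=1');
        }

        not_found();
    }

    /**
     * Sets the skin options 'full_width' and 'no_footer' to true for the
     * editor forms.
     */
    protected static function setWidePage() {
        set_skin_opts([
            'full_width' => true,
            'no_footer' => true
        ]);
    }

    /**
     * Renders the page form in "create" mode.
     *
     * @param string      $name       Short name of the page being created.
     * @param string      $title      Title to pre-fill.
     * @param string      $text       Markdown text to pre-fill.
     * @param string|null $error_code Error code to show, or null for none.
     */
    protected function _get_pageAdd(
        string $name,
        string $title = '',
        string $text = '',
        ?string $error_code = null
    ) {
        add_skin_strings_re('/^(err_)?pages_/');
        set_title(lang('pages_create_title', $name));
        static::setWidePage();
        render('admin/pageForm',
            short_name: $name,
            title: $title,
            text: $text,
            error_code: $error_code);
    }

    /**
     * Renders the page form in "edit" mode for an existing page.
     *
     * The short name shown in the form is always the stored one taken from
     * $page; the other values are whatever the caller passes.
     *
     * @param Page        $page       Page being edited.
     * @param string      $title      Title to pre-fill.
     * @param string      $text       Markdown text to pre-fill.
     * @param bool        $saved      Forwarded to the template as 'saved'.
     * @param bool        $visible    Forwarded to the template as 'visible'.
     * @param string|null $error_code Error code to show, or null for none.
     */
    protected function _get_pageEdit(
        Page $page,
        string $title = '',
        string $text = '',
        bool $saved = false,
        bool $visible = false,
        ?string $error_code = null
    ) {
        add_skin_strings_re('/^(err_)?pages_/');
        set_title(lang('pages_page_edit_title', $page->shortName.'.html'));
        static::setWidePage();
        render('admin/pageForm',
            is_edit: true,
            short_name: $page->shortName,
            title: $title,
            text: $text,
            visible: $visible,
            saved: $saved,
            error_code: $error_code);
    }

    /**
     * Renders the post form in "edit" mode for an existing post.
     *
     * @param Post        $post       Post being edited; supplies the id and URL.
     * @param string      $title      Title to pre-fill.
     * @param string      $text       Markdown text to pre-fill.
     * @param array|null  $tags       Tags, joined with ', ' for the form field.
     * @param bool        $visible    Forwarded to the template as 'visible'.
     * @param bool        $toc        Forwarded to the template as 'toc'.
     * @param string      $short_name Short name to pre-fill.
     * @param string|null $error_code Error code to show, or null for none.
     * @param bool        $saved      Forwarded to the template as 'saved'.
     */
    protected function _get_postEdit(
        Post $post,
        string $title = '',
        string $text = '',
        ?array $tags = null,
        bool $visible = false,
        bool $toc = false,
        string $short_name = '',
        ?string $error_code = null,
        bool $saved = false,
    ) {
        add_skin_strings_re('/^(err_)?blog_/');
        set_title(lang('blog_post_edit_title', $post->title));
        static::setWidePage();
        render('admin/postForm',
            is_edit: true,
            post_id: $post->id,
            post_url: $post->getUrl(),
            title: $title,
            text: $text,
            tags: $tags ? implode(', ', $tags) : '',
            visible: $visible,
            toc: $toc,
            saved: $saved,
            short_name: $short_name,
            error_code: $error_code
        );
    }

    /**
     * Renders the post form in "create" mode.
     *
     * @param string      $title      Title to pre-fill.
     * @param string      $text       Markdown text to pre-fill.
     * @param array|null  $tags       Tags, joined with ', ' for the form field.
     * @param string      $short_name Short name to pre-fill.
     * @param string|null $error_code Error code to show, or null for none.
     */
    protected function _get_postAdd(
        string $title = '',
        string $text = '',
        ?array $tags = null,
        string $short_name = '',
        ?string $error_code = null
    ) {
        add_skin_strings_re('/^(err_)?blog_/');
        set_title('$blog_write');
        static::setWidePage();
        render('admin/postForm',
            title: $title,
            text: $text,
            tags: $tags ? implode(', ', $tags) : '',
            short_name: $short_name,
            error_code: $error_code);
    }
}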