From 0b7c94775207f136ab81b1cf3bedfa2139d0373b Mon Sep 17 00:00:00 2001 From: exhnozoaa Date: Fri, 19 Jul 2013 01:24:07 -0400 Subject: [PATCH 1/2] Update pico_editor.php do_open(), do_save(), and do_delete() now support subdirectories and index.md files. Instead of using basename() on the URL, we are now using parse_url(). Currently, Pico does not support files with the same names as directories. This plugin will use the correct version based on a trailing slash being used for directories and no trailing slash being used for files. However, this will not fix that the directory will override the file on the Pico front end. --- pico_editor.php | 40 +++++++++++++++++++++++++++++----------- 1 file changed, 29 insertions(+), 11 deletions(-) diff --git a/pico_editor.php b/pico_editor.php index 01f1f2b..e2ab340 100644 --- a/pico_editor.php +++ b/pico_editor.php @@ -111,25 +111,37 @@ private function do_open() { if(!isset($_SESSION['pico_logged_in']) || !$_SESSION['pico_logged_in']) die(json_encode(array('error' => 'Error: Unathorized'))); $file_url = isset($_POST['file']) && $_POST['file'] ? $_POST['file'] : ''; - $file = basename(strip_tags($file_url)); - if(!$file) die('Error: Invalid file'); - $file .= CONTENT_EXT; - if(file_exists(CONTENT_DIR . $file)) die(file_get_contents(CONTENT_DIR . $file)); + $parse_file_url = parse_url($file_url); + $file = $parse_file_url['path']; // Get path from $file_url + if(!$file) die('Error: Invalid file'); + + $file = CONTENT_DIR . $file; // Get file system path + if(file_exists($file . CONTENT_EXT)) $file = $file . CONTENT_EXT; // Make sure samename/ doesn't override samename.md + else if (is_dir($file) && file_exists($file . '/index' . CONTENT_EXT)) $file = $file . '/index' . CONTENT_EXT; else die('Error: Invalid file'); + + die(file_get_contents($file)); } private function do_save() { if(!isset($_SESSION['pico_logged_in']) || !$_SESSION['pico_logged_in']) die(json_encode(array('error' => 'Error: Unathorized'))); $file_url = isset($_POST['file']) && $_POST['file'] ? $_POST['file'] : ''; - $file = basename(strip_tags($file_url)); + + $parse_file_url = parse_url($file_url); + $file = $parse_file_url['path']; // Get path from $file_url if(!$file) die('Error: Invalid file'); + $content = isset($_POST['content']) && $_POST['content'] ? $_POST['content'] : ''; if(!$content) die('Error: Invalid content'); - $file .= CONTENT_EXT; - file_put_contents(CONTENT_DIR . $file, $content); + $file = CONTENT_DIR . $file; // Get file system path + if(file_exists($file . CONTENT_EXT)) $file = $file . CONTENT_EXT; // Make sure samename/ doesn't override samename.md + else if (is_dir($file) && file_exists($file . '/index' . CONTENT_EXT)) $file = $file . '/index' . CONTENT_EXT; + else die('Error: Invalid file'); + + file_put_contents($file, $content); die($content); } @@ -137,11 +149,17 @@ private function do_delete() { if(!isset($_SESSION['pico_logged_in']) || !$_SESSION['pico_logged_in']) die(json_encode(array('error' => 'Error: Unathorized'))); $file_url = isset($_POST['file']) && $_POST['file'] ? $_POST['file'] : ''; - $file = basename(strip_tags($file_url)); + + $parse_file_url = parse_url($file_url); + $file = $parse_file_url['path']; // Get path from $file_url if(!$file) die('Error: Invalid file'); - $file .= CONTENT_EXT; - if(file_exists(CONTENT_DIR . $file)) die(unlink(CONTENT_DIR . $file)); + $file = CONTENT_DIR . $file; // Get file system path + if(file_exists($file . CONTENT_EXT)) $file = $file . CONTENT_EXT; // Make sure samename/ doesn't override samename.md + else if (is_dir($file) && file_exists($file . '/index' . CONTENT_EXT)) $file = $file . '/index' . CONTENT_EXT; + else die('Error: Invalid file'); + + die(unlink($file)); } private function slugify($text) @@ -171,4 +189,4 @@ private function slugify($text) } -?> \ No newline at end of file +?> From f63dbd8bb080e57803a44a8ac3cfe3891acd4276 Mon Sep 17 00:00:00 2001 From: exhnozoaa Date: Fri, 19 Jul 2013 01:25:31 -0400 Subject: [PATCH 2/2] Update pico_editor.php