Optional online post upload

This commit is contained in:
mmk2410 2015-06-14 11:57:25 +02:00
parent 0ae529b163
commit 83b4d26752
5 changed files with 167 additions and 0 deletions

View file

@ -24,4 +24,6 @@ $blogdisqus = 'rangitaki';
$bloganalytics = '';
// Footer - set here the text for your footer (e.g. a copyright info). You can replace the whole text after the '=' with your own one.
$blogfooter = 'Rangitaki ' . date("Y") . ' <a href="https://github.com/mmk2410/Rangitaki" target="blank">github.com/mmk2410/Rangitaki</a>';
// This enables the optional online post upload. Please read the documentation before you enable it.
$post_upload = 'no'
?>

44
upload/genpas/index.php Normal file
View file

@ -0,0 +1,44 @@
<!DOCTYPE html>
<!--
The MIT License
Copyright 2015 mmk.
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
-->
<html>
<head>
<meta charset="UTF-8">
<title></title>
</head>
<body>
<?php
if($_POST['passwd'] == ""){
?>
<form action="./" method="post">
<p>Password: <input type="password" name="passwd"/></p>
<input type="submit" value="Get password"/>
</form>
<?php
} else {
echo password_hash($_POST['passwd'], PASSWORD_DEFAULT);
}
?>
</body>
</html>

73
upload/index.php Normal file
View file

@ -0,0 +1,73 @@
<!DOCTYPE html>
<!--
The MIT License
Copyright 2015 mmk.
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
-->
<html>
<head>
<meta charset="UTF-8">
<title>Rangitaki Upload</title>
</head>
<body>
<?php
include '../config.php';
if($post_upload == "yes"){
if($_POST['passwd'] == ""){
?>
<form action="./" method="post">
<p>Password: <input type="password" name="passwd"/></p>
<input type="Submit" value="Log in"/>
</form>
<?php
} else {
chmod("passwd.txt", 0644);
$hash = file_get_contents("passwd.txt");
chmod("passwd.txt", 0000);
if(password_verify($_POST['passwd'], $hash)){
?>
<form enctype="multipart/form-data" action="uploaded/" method="POST">
<select name="blog">
<?php
$blogs = scandir("../blogs/");
foreach ($blogs as $blog) {
if(strlen($blog) >= 3 && substr($blog, -3) == ".md"){
$blog = substr($blog, 0, -3);
echo "<option value='$blog'>$blog</option>";
}
}
?>
</select>
<input type="hidden" name="MAX_FILE_SIZE" value="100000" />
<input id="" name="userfile" type="file" value="Choose a file" />
<input id="button" type="submit" value="Upload" />
</form>
<?php
} else {
echo "Wrong password";
}
}
} else {
echo "Post upload is disabled.";
}
?>
</body>
</html>

1
upload/passwd.txt Normal file
View file

@ -0,0 +1 @@
$2y$10$vgN9txL19vvXKAT.ywFy5u0ApyZ3XAgExBtSff53RUJcnwbsNGBAm

47
upload/uploaded/index.php Normal file
View file

@ -0,0 +1,47 @@
<!DOCTYPE html>
<!--
The MIT License
Copyright 2015 mmk.
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
-->
<html>
<head>
<meta charset="UTF-8">
<title></title>
</head>
<body>
<?php
if($_FILES['userfile']['name'] == ""){
echo "You have to choose a file!";
} else {
$blog = $_POST['blog'];
$uploaddir = "../..//articles/$blog/";
$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
echo "The post was successfully uploaded and is now published.";
} else {
echo "During the uploading process an error occured! <br> Error Code:" . ($_FILES['userfile']['error']);
}
}
?>
</body>
</html>