ObsidianJustSharePlease/server/public/share.php

82 lines
2.2 KiB
PHP
Raw Normal View History

2023-08-09 18:11:29 +02:00
<?php
2023-08-09 17:57:29 +02:00
2023-08-09 20:13:44 +02:00
switch ($_SERVER["REQUEST_METHOD"]) {
case "GET":
2023-08-10 19:47:55 +02:00
parse_str($_SERVER["QUERY_STRING"], $query);
$content = file_get_contents(get_markdown_path($query["id"]));
2023-08-09 20:13:44 +02:00
if (!$content) {
http_response_code(404);
2023-08-10 19:47:55 +02:00
echo "Not found";
2023-08-09 20:13:44 +02:00
break;
}
header("Content-Type: text/plain");
echo $content;
break;
case "POST":
2023-08-10 19:47:55 +02:00
$body = json_decode(file_get_contents("php://input"), true);
2023-08-10 20:03:53 +02:00
$content = $body["content"];
2023-08-10 19:47:55 +02:00
if (!$content) {
http_response_code(400);
echo "No content";
break;
}
try {
// generate id and deletion/edit password
$id = random_int(0, 65535);
$password = random_int(32, PHP_INT_MAX);
} catch (Exception $e) {
http_response_code(500);
echo $e->getMessage();
break;
}
$meta = json_encode([
"id" => $id,
"deletion_password" => $password
]);
// store markdown and metadata in data path
file_put_contents(get_markdown_path($id), $content);
file_put_contents(get_meta_path($id), $meta);
echo $meta;
2023-08-09 20:13:44 +02:00
break;
2023-08-10 19:47:55 +02:00
case "PATCH":
// TODO update using PATCH
2023-08-09 20:13:44 +02:00
case "DELETE":
2023-08-10 20:03:53 +02:00
parse_str($_SERVER["QUERY_STRING"], $query);
$id = $query["id"];
$password = $_SERVER["HTTP_PASSWORD"];
if (!$id || !$password) {
http_response_code(400);
echo "No id or password";
break;
}
// check deletion password match
$meta = json_decode(file_get_contents(get_meta_path($id)), true);
if ($password != $meta["deletion_password"]) {
http_response_code(401);
echo "Unauthorized";
break;
}
// delete content and meta
unlink(get_markdown_path($id));
unlink(get_meta_path($id));
2023-08-09 20:13:44 +02:00
break;
}
2023-08-10 19:47:55 +02:00
function get_markdown_path(string $id): string {
return get_data_path() . $id . ".md";
}
function get_meta_path(string $id): string {
return get_data_path() . $id . ".json";
}
function get_data_path(): string {
return dirname(getcwd()) . "/data/";
}