2023-08-09 18:11:29 +02:00
|
|
|
<?php
|
2023-08-09 17:57:29 +02:00
|
|
|
|
2023-08-09 20:13:44 +02:00
|
|
|
switch ($_SERVER["REQUEST_METHOD"]) {
|
|
|
|
case "GET":
|
2023-08-11 17:55:30 +02:00
|
|
|
handle_get();
|
2023-08-09 20:13:44 +02:00
|
|
|
break;
|
|
|
|
case "POST":
|
2023-08-11 17:55:30 +02:00
|
|
|
handle_post();
|
2023-08-09 20:13:44 +02:00
|
|
|
break;
|
2023-08-10 19:47:55 +02:00
|
|
|
case "PATCH":
|
2023-08-11 17:55:30 +02:00
|
|
|
handle_patch();
|
|
|
|
break;
|
2023-08-09 20:13:44 +02:00
|
|
|
case "DELETE":
|
2023-08-11 17:55:30 +02:00
|
|
|
handle_delete();
|
2023-08-09 20:13:44 +02:00
|
|
|
break;
|
2023-08-11 19:01:10 +02:00
|
|
|
default:
|
|
|
|
http_response_code(405);
|
|
|
|
echo "Unsupported method";
|
2023-08-09 20:13:44 +02:00
|
|
|
}
|
2023-08-10 19:47:55 +02:00
|
|
|
|
2023-08-11 17:55:30 +02:00
|
|
|
function handle_get(): void {
|
|
|
|
parse_str($_SERVER["QUERY_STRING"], $query);
|
|
|
|
$content = file_get_contents(get_markdown_path($query["id"]));
|
2023-08-11 19:01:10 +02:00
|
|
|
if ($content === false) {
|
2023-08-11 17:55:30 +02:00
|
|
|
http_response_code(404);
|
|
|
|
echo "Not found";
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
echo $content;
|
|
|
|
}
|
|
|
|
|
|
|
|
function handle_post(): void {
|
|
|
|
$content = get_markdown_content();
|
2023-08-11 19:01:10 +02:00
|
|
|
if ($content === null)
|
2023-08-11 17:55:30 +02:00
|
|
|
return;
|
|
|
|
|
|
|
|
try {
|
|
|
|
// generate id and deletion/edit password
|
|
|
|
$id = bin2hex(random_bytes(4));
|
|
|
|
$password = bin2hex(random_bytes(16));
|
|
|
|
} catch (Exception $e) {
|
|
|
|
http_response_code(500);
|
|
|
|
echo $e->getMessage();
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
$meta = json_encode([
|
|
|
|
"id" => $id,
|
2023-08-11 19:01:10 +02:00
|
|
|
"password" => $password
|
2023-08-11 17:55:30 +02:00
|
|
|
]);
|
|
|
|
|
|
|
|
// store markdown and metadata in data path
|
|
|
|
file_put_contents(get_markdown_path($id), $content);
|
|
|
|
file_put_contents(get_meta_path($id), $meta);
|
|
|
|
|
|
|
|
echo $meta;
|
|
|
|
}
|
|
|
|
|
|
|
|
function handle_patch(): void {
|
|
|
|
$info = get_patch_delete_info();
|
|
|
|
$content = get_markdown_content();
|
2023-08-11 19:01:10 +02:00
|
|
|
if (!$info || $content === null)
|
2023-08-11 17:55:30 +02:00
|
|
|
return;
|
|
|
|
[$id, $password] = $info;
|
|
|
|
if (!check_password($id, $password))
|
|
|
|
return;
|
|
|
|
|
|
|
|
file_put_contents(get_markdown_path($id), $content);
|
|
|
|
}
|
|
|
|
|
|
|
|
function handle_delete(): void {
|
|
|
|
$info = get_patch_delete_info();
|
|
|
|
if (!$info)
|
|
|
|
return;
|
|
|
|
[$id, $password] = $info;
|
|
|
|
if (!check_password($id, $password))
|
|
|
|
return;
|
|
|
|
|
|
|
|
// delete content and meta
|
|
|
|
unlink(get_markdown_path($id));
|
|
|
|
unlink(get_meta_path($id));
|
|
|
|
}
|
|
|
|
|
|
|
|
function check_password(string $id, string $password): bool {
|
|
|
|
$meta = json_decode(file_get_contents(get_meta_path($id)), true);
|
2023-08-11 19:01:10 +02:00
|
|
|
if ($password != $meta["password"]) {
|
2023-08-11 17:55:30 +02:00
|
|
|
http_response_code(401);
|
|
|
|
echo "Unauthorized";
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
function get_patch_delete_info(): ?array {
|
|
|
|
parse_str($_SERVER["QUERY_STRING"], $query);
|
|
|
|
$id = $query["id"];
|
|
|
|
$password = $_SERVER["HTTP_PASSWORD"];
|
|
|
|
if (!$id || !$password) {
|
|
|
|
http_response_code(400);
|
|
|
|
echo "No id or password";
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
return [$id, $password];
|
|
|
|
}
|
|
|
|
|
2023-08-11 19:01:10 +02:00
|
|
|
function get_markdown_content(): ?string {
|
2023-08-11 17:55:30 +02:00
|
|
|
$body = json_decode(file_get_contents("php://input"), true);
|
2023-08-11 19:01:10 +02:00
|
|
|
if (!array_key_exists("content", $body)) {
|
2023-08-11 17:55:30 +02:00
|
|
|
http_response_code(400);
|
|
|
|
echo "No content";
|
2023-08-11 19:01:10 +02:00
|
|
|
return null;
|
2023-08-11 17:55:30 +02:00
|
|
|
}
|
2023-08-11 19:01:10 +02:00
|
|
|
return $body["content"];
|
2023-08-11 17:55:30 +02:00
|
|
|
}
|
|
|
|
|
2023-08-10 19:47:55 +02:00
|
|
|
function get_markdown_path(string $id): string {
|
|
|
|
return get_data_path() . $id . ".md";
|
|
|
|
}
|
|
|
|
|
|
|
|
function get_meta_path(string $id): string {
|
|
|
|
return get_data_path() . $id . ".json";
|
|
|
|
}
|
|
|
|
|
|
|
|
function get_data_path(): string {
|
|
|
|
return dirname(getcwd()) . "/data/";
|
|
|
|
}
|