-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathdrop.php
executable file
·85 lines (77 loc) · 2.49 KB
/
drop.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
<?php
require_once 'connection.php';
if(!empty($_POST['title']) && !empty($_POST['text']) && !empty($_POST['language']) ) {
$title = mysql_real_escape_string($_POST['title']);
$text = mysql_real_escape_string($_POST['text']);
$language = mysql_real_escape_string($_POST['language']);
//$post_as = $_POST['psot'];
$type = $_POST['type'];
if(isset($_POST['editable'])) $editable = 1;
else $editable = 0;
if(isset($_POST['private'])) $private = 1;
else $private = 0;
if (getenv("HTTP_X_FORWARDED_FOR")) $ip = getenv("HTTP_X_FORWARDED_FOR");
else $ip = getenv("REMOTE_ADDR");
if(isset($_POST['drop_id'])) {
$id = mysql_real_escape_string($_POST['drop_id']);
$drop_result = mysql_query('UPDATE `drops` SET `summary` = \''. $title .'\', `date` = NOW(), `text` = \''. $text .'\', `ip` = \''. $ip .'\', `lang` = \''. $language .'\' WHERE `id` = '. $id .' LIMIT 1;');
if(!(isset($_POST['drop_passkey']))) {
die(header("Location: /".$id));
} else {
die(header("Location: /".$id."?pkey=".$_POST['drop_passkey']));
}
}
// This grabs the ip, and sets variable to $ip
function generatePasskey ()
{
$length = 24;
$password = "";
$possible = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
$i = 0;
while ($i < $length) {
$char = substr($possible, mt_rand(0, strlen($possible)-1), 1);
if (!strstr($password, $char)) {
$password .= $char;
$i++;
}
}
return $password;
}
$passkey = generatePasskey();
if($private == 1) $passkey = "'" . $passkey . "'";
else $passkey = "NULL";
// This opens up db to submit to
$result = mysql_query("INSERT INTO drops (
summary ,
date ,
text ,
ip ,
lang ,
editable ,
private ,
passkey
)
VALUES (
'$title', NOW(), '$text', '$ip', '$language', '$editable', '$private', $passkey )") or $error_a = mysql_error();
$id = mysql_insert_id();
$passkey = substr($passkey, 0, -1);
$passkey = substr($passkey, 1);
?>
<div id="success">
<p>Your text was successfully dropped. View it here: <a href="/<?php echo $id;?><?php if(isset($_POST['private'])) {?>?pkey=<?php echo $passkey; }?>">#<?php echo $id;?></a></p>
</div>
<?php
} else {
?>
<div class="error" id="error">
<p>There was an error in dropping your text. Please see the highlighted boxes below.</p>
<p id="error_what" style="display:none;">
<?php
if(empty($_POST['title'])) echo "title+";
if(empty($_POST['text'])) echo "text+";
if(empty($_POST['language'])) echo "highlight+";
?>
</p></div>
<?php
}
?>