Fork: 0
jryland / Import
Transfer to URL with SHA Find file
Newer
Older
Import / web / internal.subflexion.com / view.php
@John Ryland John Ryland on 22 Dec 2020 5 KB import NUC files
Raw Blame History 
<?php
  $CONFLICT = false;
  function startsWith($haystack, $needle)
  {
     $length = strlen($needle);
     return (substr($haystack, 0, $length) === $needle);
  }
  function authRequired($message)
  {
     header('WWW-Authenticate: Basic realm="My Realm"');
     header('HTTP/1.0 401 Unauthorized');
     echo "Failure.<br>You need to login to be able to edit pages!<br>$message";
     die();
  }
  function logged_exec($command)
  {
     return shell_exec($command);
  }
  if (isset($_GET['page']))
  {
    $SUBTITLE='SubflexionPages';
    $TITLE=$_GET['page'];
  }
  else
  {
    $SUBTITLE='Cloud/Mobile/Desktop';
    $TITLE="Subflexion";
  }
  if ( startsWith($TITLE, 'Admin') == true )
  {
    $hh = @fopen("http://{$_SERVER['PHP_AUTH_USER']}:{$_SERVER['PHP_AUTH_PW']}@{$_SERVER['SERVER_NAME']}/tests/admin/", "r");
    if (!$hh)
    {
      header('WWW-Authenticate: Basic realm="My Realm"');
      header('HTTP/1.0 401 Unauthorized');
      echo 'You need to login to access admin pages';
      exit;
      die();
    }
    fclose($hh);
  }

  $MD_FILE="pages/$TITLE.md";
  if (isset($_POST['content']))
  {
    // TODO: could check credentials - only authorized users can edit?
    // TODO: could make it commit to SVN. Could do the checkin as the user for page history.
    // Perhaps would need to have some kind of conflict resolution. If not careful, it
    // might not even detect the conflict. Perhaps one way to achieve detecting and resolving
    // edit conflicts would be to when delivering the content on which they begin the edit
    // to have a hidden input field set the current revision number which gets submitted with
    // the content of the edit. Then the SVN commit proceeds by syncing to that revision,
    // then applying the changing, and attempting to update and commit which will expose any
    // conflict for resolving in the normal way with SVN, although all of that needs exposing
    // through to the user.

    $credentials = "--username {$_SERVER['PHP_AUTH_USER']} --password {$_SERVER['PHP_AUTH_PW']}";
    if ( "{$_SERVER['PHP_AUTH_USER']}" == "" || "{$_SERVER['PHP_AUTH_PW']}" == "" )
    {
      authRequired("Please enter a valid username and password.");
    }

    file_put_contents("pages/page.tmp", $_POST['content']);
    $output = logged_exec("`pwd`/script.sh {$_SERVER['PHP_AUTH_USER']} {$_SERVER['PHP_AUTH_PW']} \"$MD_FILE\" {$_POST['revision']} pages/page.tmp \"{$_POST['commit_message']}\"");

    if ( shell_exec("echo '$output' | grep \"Committed revision\"") != "" )
    {
      echo "<html><head>";
      echo "<meta http-equiv=\"refresh\" content=\"2;URL=#\" />";
      echo "</head><body>Successful result: <pre>$output</pre></body></html>";
      #header("Location: #&result=Success");
      die();
    }
    if ( shell_exec("echo '$output' | grep \"Summary of conflicts\"") != "" )
    {
      $CONFLICT = true;
    }
    else
    {
      if ( shell_exec("echo '$output' | grep \"Authentication failed\"") != "" )
      {
        logged_exec("svn revert '$MD_FILE'");
        authRequired("Command output: $output.");
      }

      echo "<html><head>";
      echo "</head><body>Failure. Result: <pre>$output</pre></body></html>";
      die();
    }
  }
  echo '<html><head>';
  include('style.php');
  echo '</head><body><div class="content-wrapper">';
  include('navbar.php');
  include('heading.php');
  echo '<div class="container">
          <br>
          <form class="form-inline" method="post">';
  
  if ($CONFLICT == true || isset($_POST['edit']))
  {
  }
  else
  {
    echo "<input type=\"hidden\" name=\"edit\"></input>";
    echo "<input type=\"hidden\" name=\"page\" value=\"$TITLE\"></input>";
    echo "<button type=\"submit\" class=\"btn btn-primary col-sm-1\">Edit</button>";
    echo "<button type=\"submit\" formaction=\"history.php?page=$TITLE\" class=\"btn btn-primary col-sm-1\">History</button>";
    echo "<br>";
    echo "<br>";
    echo "<br>";
  }
/*
  if (isset($_GET['result']))
  {
    echo "<br> Result: '{$_GET['result']}'  <br>";
  }
*/
  $CONTENTS = file_get_contents($MD_FILE);

  if ($CONFLICT == true)
  {
    # Right after we have gotten the contents of the file which will contain the conflict
    # information put in there by SVN, we revert the file immediately for the next person
    # that may request the file (slight race conditions here, but just lazy and not using
    # any locks around this stuff)
    logged_exec("svn revert '$MD_FILE'");
    echo "Unable to commit changes. Someone else made changes to the same file and ";
    echo "your changes conflicted.<p>Please manually resolve the conflicts and re-submit.";
    echo "<p><br>Result from attempted commit: <pre>$output</pre><br>";
  }

  # If there was a conflict put the user back in to editing mode
  if ($CONFLICT == true || isset($_POST['edit']))
  {
    $revision = trim(shell_exec("svn info '$MD_FILE' | grep Revision | cut -d ' ' -f 2"));
    if ($revision == "")
    {
      $revision = -1;
    }
    echo "Editing revision $revision <input type=\"hidden\" name=\"revision\" value=\"$revision\"></input><br>";
    echo "<textarea name=\"content\" data-provide=\"markdown\" rows=\"23\">$CONTENTS</textarea><br>";
    echo "<div class='form-group'><label for='commit_message'>Message: &nbsp; </label><input type=\"text\" name=\"commit_message\" class=\"form-control\" value=\"Enter Commit Message\" size=\"150\" /></div> ";
    echo "<button type=\"submit\" class=\"btn btn-primary\" style='height: 35px;'>Submit</button>";
  }
  else
  {
    echo $PARSEDOWN->text($CONTENTS);
  }
  echo '</form>
    </div> <!-- end of container -->
  </div> <!-- end of content-wrapper -->';
  include('footer.php');
  echo '</body></html>';