-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathphpnotes.php
More file actions
120 lines (111 loc) · 2.64 KB
/
phpnotes.php
File metadata and controls
120 lines (111 loc) · 2.64 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
<?php
/****************************************************************
Coded by Marcel Pewny
https://github.com/MPewny
DON'T HOST ONLINE!!!
This is for localhost usage only
otherwise Your server can be hacked (shell injection)
READ README.txt BEFORE USING THIS SCRIPT!
****************************************************************/
$allow_doctype [
"txt",
# "md",
# "html"
];
function get_gui($gui){
if(isset($gui)){
if($gui == ""){
return true;
}elseif($gui == true || $gui == "on" || $gui == "yes"){
return true;
}elseif($gui == false || $gui == "off" || $gui == 0){
return false;
}else{
return false;
}
}
function check_gui(){
if(get_gui($_GET['gui'])){
return true;
}elseif(get_gui($_GET['g'])){
return true;
}elseif(get_gui($_GET['interface'])){
return true;
}
}
function title(){
$number = random_bytes(256);
$number = bin2hex($number);
$title= "phpnote".$number;
return $title;
}
//check gui - START
if(isset($_GET['gui']) || isset($_GET['g']) || isset($_GET['interface'])){
$gui = check_gui();
}else{
$gui = false;
}
//check gui - END
//no gui get data- START
if(!$gui){
if(isset($_GET['t'])){
$title = $_GET['t'];
if($title == "title" || $title == "" || $title == "phpnote"){
$title = title();
}
}else{
$title = title();
}
if(isset($_GET['type']) && in_array($_GET['type'],$allow_doctype)){
$doctype = $_GET['type'];
}else{
$doctype = "txt";
}
if(isset($_GET['x'])){
$content = $_GET['x'];
}else{
echo "<script>alert('error: no document content');</script>";
}
}
//no gui get data - END
//gui get data - START
if($gui){
if(isset($_POST['formsent'])){
echo "<script>alert('OK');</script>";
if(isset($_POST['t']) && !empty($_POST['t'])){
$title = $_POST['t'];
if($title == "title" ){
$title = title();
}
}else{
echo "<script>alert('error: no document title');</script>";
}
if(isset($_POST['type']) && !empty($_POST['type'])){
$doctype = $_POST['type'];
}else{
$doctype = "txt";
}
if(isset($_POST['x']) && !empty($_POST['x'])){
$content = $_POST['x'];
}else{
echo "<script>alert('error: no document content');</script>";
}
}
}
//gui get data END
// create file - START
if(isset($title) && isset($doctype) && isset($content)){
$file = fopen("notes/".$title.".".$doctype,"w");
fwrite($file,$content);
fclose($file);
echo "<script>alert('file ".$title.".".$doctype." has been created succesfully!');</script>";
}else{
echo "<script>alert('file has not been created!');</script>";
}
// create file - END
// User Grafic Interface - START
if($gui){
require_once('interface.html')
}
//User Grafic Interface - END
?>