diff options
| -rw-r--r-- | lib/utils.php | 20 | ||||
| -rw-r--r-- | public/index.php | 11 | ||||
| -rw-r--r-- | public/upload.php | 10 |
3 files changed, 38 insertions, 3 deletions
diff --git a/lib/utils.php b/lib/utils.php index eb868a2..6b4b29e 100644 --- a/lib/utils.php +++ b/lib/utils.php @@ -40,4 +40,24 @@ function format_timestamp(int $timestamp_secs) } else { return "$days day" . ($days > 1 ? "s" : ""); } +} + +function str_safe(string $s, int|null $max_length, bool $remove_new_lines = true): string +{ + $output = $s; + + if ($remove_new_lines) { + $output = str_replace(PHP_EOL, "", $output); + } + + $output = htmlspecialchars($output); + $output = strip_tags($output); + + if ($max_length) { + $output = substr($output, 0, $max_length); + } + + $output = trim($output); + + return $output; }
\ No newline at end of file diff --git a/public/index.php b/public/index.php index 5640e9d..7c23b88 100644 --- a/public/index.php +++ b/public/index.php @@ -287,7 +287,14 @@ $privacy_exists = is_file($_SERVER['DOCUMENT_ROOT'] . '/static/PRIVACY.txt'); <textarea name="paste" placeholder="Enter your text here..."></textarea> </div> - <table class="vertical" id="form-upload-options"> + <table class="vertical left" id="form-upload-options"> + <tr> + <th>Title:</th> + <td> + <input type="text" name="title" placeholder="Leave empty if you want a random title" + maxlength="<?= FILE_TITLE_MAX_LENGTH ?>"> + </td> + </tr> <tr> <th>Preserve original filename:</th> <td><input type="checkbox" name="preserve_original_name" value="1"></td> @@ -356,7 +363,7 @@ $privacy_exists = is_file($_SERVER['DOCUMENT_ROOT'] . '/static/PRIVACY.txt'); const textArea = document.querySelector('#form-text-upload>textarea'); textArea.addEventListener('keyup', () => { - setFormDetailsVisiblity(fileURL.value.length > 0); + setFormDetailsVisiblity(textArea.value.length > 0); }); const formSubmitButton = document.querySelector('#form-upload button[type=submit]'); diff --git a/public/upload.php b/public/upload.php index 6bff34f..a0810ef 100644 --- a/public/upload.php +++ b/public/upload.php @@ -27,6 +27,10 @@ if (!is_dir(FILE_UPLOAD_DIRECTORY) && !mkdir(FILE_UPLOAD_DIRECTORY, 0777, true)) try { $preserve_original_name = boolval($_POST['preserve_original_name'] ?? '0'); + $title = str_safe($_POST['title'] ?? '', FILE_TITLE_MAX_LENGTH); + if (empty(trim($title))) { + $title = null; + } $url = isset($_POST['url']) ? $_POST['url'] ?: null : null; $file = isset($_FILES['file']) ? $_FILES['file'] ?: null : null; @@ -209,7 +213,11 @@ try { $file_data['views'] = 0; $file_data['uploaded_at'] = time(); - if ($preserve_original_name) { + if ($title) { + $file_data['original_name'] = $title; + } + + if ($preserve_original_name && !$title) { if ($file && !empty($file['name'])) { $file_data['original_name'] = $file['name']; } else if ($url) { |