diff options
Diffstat (limited to 'blog/post.php')
| -rw-r--r-- | blog/post.php | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/blog/post.php b/blog/post.php new file mode 100644 index 0000000..90dc9ee --- /dev/null +++ b/blog/post.php @@ -0,0 +1,78 @@ +<?php +include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/time.php'; + +function str_safe(string $s, int|null $max_length, bool $remove_new_lines = true): string +{ + $output = $s; + + if ($remove_new_lines) { + $output = str_replace(PHP_EOL, "", $output); + } + + $output = htmlspecialchars($output); + $output = strip_tags($output); + + if ($max_length) { + $output = substr($output, 0, $max_length); + } + + $output = trim($output); + + return $output; +} + +if ($_SERVER['REQUEST_METHOD'] == 'POST') { + $title = basename(str_safe($_POST['title'], 500, true) ?: null); + $contents = $_POST['contents'] ?: null; + $path = "{$_SERVER['DOCUMENT_ROOT']}/postsources"; + + if (!is_dir($path) && !mkdir($path, 0777, true)) { + http_response_code(500); + exit("Failed to create a directory for blog posts!"); + } + + if (!file_put_contents("$path/$title.txt", $contents)) { + http_response_code(500); + exit("Failed to save the blog post!"); + } + + header("Location: /blog/" . urlencode($title)); + exit; +} +?> +<!DOCTYPE html> +<html> + +<head> + <title>new post - ilt.su</title> + <meta name="description" content="my blog."> + <meta http-equiv="Content-Type" content="text/html;charset=UTF-8"> + <link rel="stylesheet" href="/static/style.css"> + <link rel="shortcut icon" href="favicon.ico" type="image/x-icon"> + <meta name="robots" content="noindex, nofollow"> +</head> + +<body> + <main> + <p><a href="/">ilt.su</a> - <a href="/blog/">blog</a></p> + <h1>post a new status</h1> + <form action="/blog/post.php" method="post"> + <table> + <tr> + <th>title:</th> + <td><input type="text" name="title" required></td> + </tr> + <tr> + <th>contents:</th> + <td><textarea name="contents" placeholder="Can be empty"></textarea></td> + </tr> + <tr> + <th></th> + <td><button type="submit">post</button></td> + </tr> + </table> + </form> + </main> +</body> + +</html>
\ No newline at end of file |