Upload 2 files
- save.php +54 -13
- storage.php +7 -1
save.php
CHANGED
|
@@ -78,12 +78,24 @@ function sanitizeFileName($file, $allowedExtension = 'html') {
|
|
| 78 |
//sanitize, remove double dot .. and remove get parameters if any
|
| 79 |
$file = preg_replace('@\?.*$@' , '', preg_replace('@\.{2,}@' , '', preg_replace('@[^\/\\a-zA-Z0-9\-\._]@', '', $file)));
|
| 80 |
|
| 81 |
-
if (
|
| 82 |
-
$file = __DIR__ . DIRECTORY_SEPARATOR . $file;
|
| 83 |
-
} else {
|
| 84 |
return '';
|
| 85 |
}
|
| 86 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 87 |
//allow only .html extension
|
| 88 |
if ($allowedExtension) {
|
| 89 |
$file = preg_replace('/\.[^.]+$/', '', $file) . ".$allowedExtension";
|
|
@@ -180,20 +192,49 @@ if ($action) {
|
|
| 180 |
case 'loadFile':
|
| 181 |
// Load a specific file for current user
|
| 182 |
$filename = sanitizeFileName($_GET['file'] ?? '');
|
|
|
|
|
|
|
|
|
|
| 183 |
if ($filename) {
|
| 184 |
-
|
| 185 |
-
|
| 186 |
-
|
| 187 |
-
|
| 188 |
-
|
| 189 |
-
'
|
| 190 |
-
|
| 191 |
-
|
| 192 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 193 |
header('Content-Type: application/json');
|
| 194 |
echo json_encode([
|
| 195 |
'success' => false,
|
| 196 |
-
'message' => '
|
|
|
|
| 197 |
]);
|
| 198 |
}
|
| 199 |
} else {
|
|
|
|
| 78 |
//sanitize, remove double dot .. and remove get parameters if any
|
| 79 |
$file = preg_replace('@\?.*$@' , '', preg_replace('@\.{2,}@' , '', preg_replace('@[^\/\\a-zA-Z0-9\-\._]@', '', $file)));
|
| 80 |
|
| 81 |
+
if (!$file) {
|
|
|
|
|
|
|
| 82 |
return '';
|
| 83 |
}
|
| 84 |
|
| 85 |
+
// For loadFile action, return the sanitized filename as-is for storage manager
|
| 86 |
+
// Only add __DIR__ for local file operations
|
| 87 |
+
$action = $_GET['action'] ?? $_POST['action'] ?? '';
|
| 88 |
+
if ($action === 'loadFile' || $action === 'listFiles') {
|
| 89 |
+
// For external storage operations, just sanitize and add extension
|
| 90 |
+
if ($allowedExtension) {
|
| 91 |
+
$file = preg_replace('/\.[^.]+$/', '', $file) . ".$allowedExtension";
|
| 92 |
+
}
|
| 93 |
+
return $file;
|
| 94 |
+
}
|
| 95 |
+
|
| 96 |
+
// For local file operations, add the full path
|
| 97 |
+
$file = __DIR__ . DIRECTORY_SEPARATOR . $file;
|
| 98 |
+
|
| 99 |
//allow only .html extension
|
| 100 |
if ($allowedExtension) {
|
| 101 |
$file = preg_replace('/\.[^.]+$/', '', $file) . ".$allowedExtension";
|
|
|
|
| 192 |
case 'loadFile':
|
| 193 |
// Load a specific file for current user
|
| 194 |
$filename = sanitizeFileName($_GET['file'] ?? '');
|
| 195 |
+
error_log("VvvebJs LoadFile Debug - Original filename: " . ($_GET['file'] ?? ''));
|
| 196 |
+
error_log("VvvebJs LoadFile Debug - Sanitized filename: " . $filename);
|
| 197 |
+
|
| 198 |
if ($filename) {
|
| 199 |
+
try {
|
| 200 |
+
$content = $storageManager->getFile($filename);
|
| 201 |
+
error_log("VvvebJs LoadFile Debug - Content length: " . ($content !== false ? strlen($content) : 'false'));
|
| 202 |
+
|
| 203 |
+
if ($content !== false) {
|
| 204 |
+
header('Content-Type: application/json');
|
| 205 |
+
echo json_encode([
|
| 206 |
+
'success' => true,
|
| 207 |
+
'content' => $content,
|
| 208 |
+
'filename' => $filename
|
| 209 |
+
]);
|
| 210 |
+
} else {
|
| 211 |
+
// Enhanced error information
|
| 212 |
+
$github = StorageConfig::getGitHubConfig();
|
| 213 |
+
$debugInfo = [
|
| 214 |
+
'filename' => $filename,
|
| 215 |
+
'user' => $storageManager->getCurrentUser(),
|
| 216 |
+
'userPath' => $storageManager->getUserPath(),
|
| 217 |
+
'fullPath' => $github['path'] . $storageManager->getUserPath() . $filename,
|
| 218 |
+
'hasToken' => !empty($github['token']),
|
| 219 |
+
'repo' => $github['owner'] . '/' . $github['repo']
|
| 220 |
+
];
|
| 221 |
+
|
| 222 |
+
error_log("VvvebJs LoadFile Error - Debug info: " . json_encode($debugInfo));
|
| 223 |
+
|
| 224 |
+
header('Content-Type: application/json');
|
| 225 |
+
echo json_encode([
|
| 226 |
+
'success' => false,
|
| 227 |
+
'message' => 'File not found or access denied',
|
| 228 |
+
'debug' => $debugInfo
|
| 229 |
+
]);
|
| 230 |
+
}
|
| 231 |
+
} catch (Exception $e) {
|
| 232 |
+
error_log("VvvebJs LoadFile Exception: " . $e->getMessage());
|
| 233 |
header('Content-Type: application/json');
|
| 234 |
echo json_encode([
|
| 235 |
'success' => false,
|
| 236 |
+
'message' => 'Error loading file: ' . $e->getMessage(),
|
| 237 |
+
'filename' => $filename
|
| 238 |
]);
|
| 239 |
}
|
| 240 |
} else {
|
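Review bot: The `loadFile` failure branch returns `$debugInfo` to the caller (`'debug' => $debugInfo`), so any client that requests a missing file learns the storage user, the user path, the full repository path, the `owner/repo` name and whether a token is configured. That data is already written with `error_log()` just above, so the response can drop the `debug` key and keep only `'message' => 'File not found or access denied'`. The `catch` branch has the same problem with `'message' => 'Error loading file: ' . $e->getMessage()`; a fixed string such as `'message' => 'Error loading file'` keeps the exception detail in the log only. Separately, the first hunk makes `sanitizeFileName()` read `$_GET['action'] ?? $_POST['action']` itself to decide whether to prepend `__DIR__`; if the dispatcher derives `$action` differently (not visible here), a request could receive the unprefixed path for a local file operation, so passing the mode in as an argument would be safer. The `if ($action)` block continues outside the hunk.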
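--- a/storage.php
+++ b/storage.php
@@ -300,6 +300,8 @@ class GitHubStorage {
 $userDir = $this->config['path'] . $this->userPath;
 $url = "https://api.github.com/repos/{$this->config['owner']}/{$this->config['repo']}/contents/{$userDir}";
 
+error_log("GitHub listUserFiles: Requesting $url");
+
 $result = $this->makeRequest($url, 'GET');
 if ($result && is_array($result)) {
 $files = [];
@@ -316,9 +318,13 @@ class GitHubStorage {
 ];
 }
 }
+error_log("GitHub listUserFiles: Found " . count($files) . " files");
 return $files;
+} else {
+error_log("GitHub listUserFiles: No files found or directory doesn't exist");
+// If directory doesn't exist, return empty array instead of error
+return [];
 }
-return [];
 }
 
 public function delete($filename) {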
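Review bot: The new `else` branch logs "No files found or directory doesn't exist" for every falsy or non-array result of `makeRequest()`, so an authentication failure, a rate limit or a network error would be recorded, and returned to the caller, as an empty directory. What `makeRequest()` returns on those errors is not visible here; if it exposes the HTTP status, the branch should log it and reserve the empty-array result for a 404. The unconditional `error_log("GitHub listUserFiles: Requesting $url")` also writes the repository and per-user path to the log on every listing, which is better placed behind a debug flag. The method starts before the hunk.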