Update filesave.php
This commit is contained in:
FusionPBX
GitHub
parent
879de8240c
commit
56754d047e
|
|
@ -17,56 +17,69 @@
|
|||
|
||||
The Initial Developer of the Original Code is
|
||||
Mark J Crane <markjcrane@fusionpbx.com>
|
||||
Portions created by the Initial Developer are Copyright (C) 2008-2012
|
||||
Portions created by the Initial Developer are Copyright (C) 2008-2019
|
||||
the Initial Developer. All Rights Reserved.
|
||||
|
||||
Contributor(s):
|
||||
Mark J Crane <markjcrane@fusionpbx.com>
|
||||
James Rose <james.o.rose@gmail.com>
|
||||
*/
|
||||
include "root.php";
|
||||
require_once "resources/require.php";
|
||||
require_once "resources/check_auth.php";
|
||||
if (permission_exists('script_editor_save')) {
|
||||
//access granted
|
||||
}
|
||||
else {
|
||||
echo "access denied";
|
||||
exit;
|
||||
}
|
||||
|
||||
//includes
|
||||
include "root.php";
|
||||
require_once "resources/require.php";
|
||||
require_once "resources/check_auth.php";
|
||||
|
||||
//check permissions
|
||||
if (permission_exists('script_editor_save')) {
|
||||
//access granted
|
||||
}
|
||||
else {
|
||||
echo "access denied";
|
||||
exit;
|
||||
}
|
||||
|
||||
//add multi-lingual support
|
||||
$language = new text;
|
||||
$text = $language->get();
|
||||
|
||||
$filepath = $_POST["filepath"];
|
||||
if ($filepath != '') {
|
||||
//compare the tokens
|
||||
$key_name = '/app/edit/'.$_POST['mode'];
|
||||
$hash = hash_hmac('sha256', $key_name, $_SESSION['keys'][$key_name]);
|
||||
if (!hash_equals($hash, $_POST['token'])) {
|
||||
echo "access denied";
|
||||
exit;
|
||||
}
|
||||
|
||||
//run the code if file path exists
|
||||
$file_path = $_POST["filepath"];
|
||||
if ($file_path != '') {
|
||||
|
||||
try {
|
||||
//save file content
|
||||
$filepath = realpath($filepath); //filepath
|
||||
$filepath = str_replace ('//', '/', $filepath);
|
||||
$filepath = str_replace ("\\", "/", $filepath);
|
||||
$content = $_POST["content"];
|
||||
|
||||
$handle = fopen($filepath, 'wb');
|
||||
if (!$handle) {
|
||||
throw new Exception('Write Failed - Check File Owner & Permissions');
|
||||
$file_path = realpath($file_path);
|
||||
$file_path = str_replace ('//', '/', $file_path);
|
||||
$file_path = str_replace ("\\", "/", $file_path);
|
||||
if (file_exists($file_path)) {
|
||||
$handle = fopen($file_path, 'wb');
|
||||
if (!$handle) {
|
||||
throw new Exception('Write Failed - Check File Owner & Permissions');
|
||||
}
|
||||
fwrite($handle, $_POST["content"]);
|
||||
fclose($handle);
|
||||
}
|
||||
fwrite($handle, $content);
|
||||
fclose($handle);
|
||||
|
||||
//set the reload_xml value to true
|
||||
$_SESSION["reload_xml"] = true;
|
||||
|
||||
//alert user of success
|
||||
echo "<script>alert('Changes Saved'); parent.focus_editor();</script>";
|
||||
echo "Changes Saved";
|
||||
}
|
||||
catch(Exception $e) {
|
||||
//alert error
|
||||
echo "<script>alert('".$e->getMessage()."'); parent.focus_editor();</script>";
|
||||
//alert error
|
||||
echo $e->getMessage();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
?>
|
||||
?>
|
||||
|
|
|
|||
Loading…
Reference in New Issue