forked from eahlys/EdPaste
EditPasteController.php
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Http\Requests;
use App\Paste;
use Auth;
use App\User;
use \Input;
use \Hash;
use Session;
use Cookie;
use DB;
use \Carbon;
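/**
 * Handles editing of existing pastes and unlocking of password-protected ones.
 */
class EditPasteController extends Controller
{
    /**
     * Show the edit form for a paste.
     *
     * @param  string   $link     Link identifier used to look the paste up.
     * @param  Request  $request  Current request (not read by this action).
     * @return mixed  The rendered 'paste/edit' view.
     */
    public function index($link, Request $request)
    {
        $paste = $this->findEditablePaste($link);

        // edit() stores a blank title as the translated "untitled" placeholder, so the
        // form treats that placeholder as blank too. The literal 'Untitled' comparison
        // is the original check and is kept alongside it.
        $placeholders = ['Untitled', __('edpaste.paste.untitled')];
        $formTitle = in_array($paste->title, $placeholders, true) ? '' : $paste->title;

        return view('paste/edit', [
            // The 'Guest' fallback cannot be reached after the ownership guard
            // (userId 0 is rejected there); it is kept so the view data is unchanged.
            'username' => ($paste->userId != 0) ? $paste->user->name : 'Guest',
            'link' => $link,
            'title' => $formTitle,
            'content' => $paste->content,
            'expiration' => $paste->expiration,
            'privacy' => $paste->privacy,
            'date' => $paste->created_at->format('Y-m-d'),
            'fulldate' => $paste->created_at->format('Y-m-d H:i:s'),
            'syntaxHl' => $paste->syntaxHl,
        ]);
    }

    /**
     * Persist the edited fields of a paste and redirect to it.
     *
     * @param  string              $link     Link identifier used to look the paste up.
     * @param  Requests\EditPaste  $request  Form request; its validation rules are defined elsewhere.
     * @return mixed  Redirect to the paste, or the edit view when the privacy value is not allowed.
     */
    public function edit($link, Requests\EditPaste $request)
    {
        $paste = $this->findEditablePaste($link);

        // Compare against '' rather than empty() so that a title of "0" is not
        // mistaken for a blank one.
        $rawTitle = Input::get('pasteTitle');
        $title = (trim((string) $rawTitle) === '') ? __('edpaste.paste.untitled') : $rawTitle;

        $expiration = Input::get('expire');
        $privacy = Input::get('privacy');

        // Reject dropdown values the form does not offer. The check is strict so that
        // a non-string value (for instance a boolean or number in a JSON body) cannot
        // loosely match one of the allowed strings.
        $possibleValuesPrivacy = array("link", "internal", "password", "private");
        if (!in_array($privacy, $possibleValuesPrivacy, true)) {
            // NOTE(review): the view is rendered here without the data index() passes
            // to it; confirm the template tolerates that, or reject with abort(422).
            return view('paste/edit');
        }

        // Password-protected pastes store a bcrypt hash; every other privacy level
        // stores the sentinel 'disabled'.
        // NOTE(review): the password field is rewritten on every save, so an edit
        // submitted without pastePassword replaces the previous hash. Presumably the
        // EditPaste form request requires the field for this privacy level; confirm.
        if ($privacy === 'password') {
            $password = bcrypt(Input::get('pastePassword'));
        } else {
            $password = 'disabled';
        }

        $resolved = $this->resolveExpiration($expiration);
        if ($resolved === null) {
            // abort() lets the framework build the error response; die() would end
            // the PHP process in the middle of the request.
            abort(422, 'User input error.');
        }
        list($timestampExp, $burnAfter) = $resolved;

        $paste->title = $title;
        $paste->content = Input::get('pasteContent');
        $paste->expiration = $timestampExp;
        $paste->privacy = $privacy;
        $paste->password = $password;
        $paste->syntaxHl = Input::has('syntaxHl');
        $paste->burnAfter = $burnAfter;
        $paste->save();

        return redirect('/'.$link);
    }

    /**
     * Check a submitted paste password and, on success, remember it in a cookie.
     *
     * @param  string   $link     Link identifier used to look the paste up.
     * @param  Request  $request  Current request, validated for 'pastePassword'.
     * @return mixed  Redirect to the paste on success, otherwise the password view with 'wrongPassword' set.
     */
    public function password($link, Request $request)
    {
        $paste = Paste::where('link', $link)->firstOrFail();

        $messages = array(
            'pastePassword.required' => __('edpaste.validation.error.password'),
        );
        $this->validate($request, [
            'pastePassword' => 'required',
        ], $messages);

        // NOTE(review): no attempt limiting is visible in this method; confirm the
        // route is throttled so the paste password cannot be guessed at request speed.
        $submitted = Input::get('pastePassword');
        if (!Hash::check($submitted, $paste->password)) {
            return view('paste/password', ['link' => $paste->link, 'wrongPassword' => true]);
        }

        // NOTE(review): the cookie (named after the paste link, 15 minutes) carries the
        // plaintext password. Its confidentiality rests on the framework's cookie
        // encryption being active for it; a server-side session flag or a random
        // unlock token would keep the secret off the client. The code that reads this
        // cookie is outside this file, so the stored value is left as it was.
        Cookie::queue($paste->link, $submitted, 15);

        return redirect('/'.$link);
    }

    /**
     * Load a paste by link and make sure the current user may edit it.
     *
     * Responds with 403 when User::is_owner() rejects the paste or when the paste
     * has userId 0; firstOrFail() handles an unknown link.
     *
     * @param  string  $link  Link identifier used to look the paste up.
     * @return Paste
     */
    private function findEditablePaste($link)
    {
        $paste = Paste::where('link', $link)->firstOrFail();

        // Is the logged-in user the one who wrote the paste? Pastes with userId 0
        // are never editable. The loose comparison is the original one and is kept.
        if (!User::is_owner($paste) || $paste->userId == 0) {
            abort(403);
        }

        return $paste;
    }

    /**
     * Translate the "expire" dropdown value into the stored expiration fields.
     *
     * Matching is strict, so only the exact option strings are accepted.
     *
     * @param  mixed  $choice  Raw value of the 'expire' input.
     * @return array|null  [expiration, burnAfter], or null when the value is not a known option.
     */
    private function resolveExpiration($choice)
    {
        // Lifetime in seconds for each timed option.
        $lifetimes = [
            '10m' => 600,
            '1h' => 3600,
            '1d' => 86400,
            '1w' => 604800,
            '1m' => 2678400, // 31 days
            '3m' => 8035200, // 93 days
        ];

        if ($choice === 'never') {
            // 0 is stored instead of a timestamp for pastes that never expire.
            return [0, 0];
        }

        if ($choice === 'burn') {
            // Expiration is set to the current time and the burnAfter flag is raised.
            return [date('Y-m-d H:i:s', time()), 1];
        }

        if (is_string($choice) && isset($lifetimes[$choice])) {
            return [date('Y-m-d H:i:s', time() + $lifetimes[$choice]), 0];
        }

        return null;
    }
}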