index.php aktualisiert
parent
9d6e7ed05e
commit
bb3f1e3ece
19
index.php
19
index.php
|
@ -124,20 +124,14 @@ if ($current_user && isset($_POST['content'])) {
|
||||||
$action = 'new_post';
|
$action = 'new_post';
|
||||||
$replying_to = null;
|
$replying_to = null;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Rate limit check
|
|
||||||
if (!checkRateLimit($current_user, $action, 5, 60)) {
|
if (!checkRateLimit($current_user, $action, 5, 60)) {
|
||||||
echo '<script>alert("An error occurred");</script>';
|
echo '<script>alert("An error occurred");</script>';
|
||||||
die('Please wait before you do that action again.');
|
die('Please wait before you do that action again.');
|
||||||
}
|
}
|
||||||
|
|
||||||
// Function to validate user input
|
|
||||||
function containsOnlyValidCharacters($string) {
|
function containsOnlyValidCharacters($string) {
|
||||||
// Check if the string contains only regular readable characters
|
|
||||||
return preg_match('/^[\p{L}\p{N}\p{P}\p{S}\p{Zs}\p{M}]*$/u', $string);
|
return preg_match('/^[\p{L}\p{N}\p{P}\p{S}\p{Zs}\p{M}]*$/u', $string);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Validate user and replying_to ID
|
|
||||||
function isValidUsername($username, $accounts) {
|
function isValidUsername($username, $accounts) {
|
||||||
return isset($accounts[$username]);
|
return isset($accounts[$username]);
|
||||||
}
|
}
|
||||||
|
@ -148,17 +142,14 @@ if ($current_user && isset($_POST['content'])) {
|
||||||
|
|
||||||
$content = substr($_POST['content'], 0, 280);
|
$content = substr($_POST['content'], 0, 280);
|
||||||
|
|
||||||
// Validate username
|
|
||||||
if (!isValidUsername($current_user, $accounts)) {
|
if (!isValidUsername($current_user, $accounts)) {
|
||||||
die('Error: Invalid user.');
|
die('Error: Invalid user.');
|
||||||
}
|
}
|
||||||
|
|
||||||
// Validate the replying_to ID if it's a reply
|
|
||||||
if ($is_reply && !isValidPostID($replying_to, $posts)) {
|
if ($is_reply && !isValidPostID($replying_to, $posts)) {
|
||||||
die('Error: Invalid post ID for reply.');
|
die('Error: Invalid post ID for reply.');
|
||||||
}
|
}
|
||||||
|
|
||||||
// Validate content
|
|
||||||
if (containsOnlyValidCharacters($content)) {
|
if (containsOnlyValidCharacters($content)) {
|
||||||
$new_post = [
|
$new_post = [
|
||||||
'id' => uniqid(),
|
'id' => uniqid(),
|
||||||
|
@ -173,21 +164,17 @@ if ($current_user && isset($_POST['content'])) {
|
||||||
'image_url' => isset($_POST['image_url']) && preg_match('/\.(jpg|jpeg|png|gif|bmp)$/i', $_POST['image_url']) ? $_POST['image_url'] : null
|
'image_url' => isset($_POST['image_url']) && preg_match('/\.(jpg|jpeg|png|gif|bmp)$/i', $_POST['image_url']) ? $_POST['image_url'] : null
|
||||||
];
|
];
|
||||||
|
|
||||||
// Add post to posts list
|
|
||||||
$posts[$new_post['id']] = $new_post;
|
$posts[$new_post['id']] = $new_post;
|
||||||
|
|
||||||
// If it's a reply, add the reply ID to the original post
|
|
||||||
if ($is_reply) {
|
if ($is_reply) {
|
||||||
$posts[$replying_to]['replies'][] = $new_post['id'];
|
$posts[$replying_to]['replies'][] = $new_post['id'];
|
||||||
}
|
}
|
||||||
|
|
||||||
// Save posts to file
|
|
||||||
file_put_contents($posts_file, json_encode($posts));
|
file_put_contents($posts_file, json_encode($posts));
|
||||||
|
|
||||||
header('Location: /');
|
header('Location: /');
|
||||||
exit;
|
exit;
|
||||||
} else {
|
} else {
|
||||||
// Handle error for invalid characters
|
|
||||||
echo "Error: Your post contains invalid characters. Please re-create your post with valid characters!";
|
echo "Error: Your post contains invalid characters. Please re-create your post with valid characters!";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -201,22 +188,18 @@ if ($current_user && isset($_GET['delete'])) {
|
||||||
|
|
||||||
$post_id = $_GET['delete'];
|
$post_id = $_GET['delete'];
|
||||||
|
|
||||||
// Recursive function to delete a post and its replies
|
|
||||||
function deletePostAndReplies($post_id, &$posts) {
|
function deletePostAndReplies($post_id, &$posts) {
|
||||||
// If the post has replies, delete them first
|
|
||||||
if (isset($posts[$post_id]['replies']) && !empty($posts[$post_id]['replies'])) {
|
if (isset($posts[$post_id]['replies']) && !empty($posts[$post_id]['replies'])) {
|
||||||
foreach ($posts[$post_id]['replies'] as $reply_id) {
|
foreach ($posts[$post_id]['replies'] as $reply_id) {
|
||||||
deletePostAndReplies($reply_id, $posts); // Recursive call
|
deletePostAndReplies($reply_id, $posts);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// If the post is a reply, remove it from the parent's replies array
|
|
||||||
if ($posts[$post_id]['replying_to']) {
|
if ($posts[$post_id]['replying_to']) {
|
||||||
$parent_id = $posts[$post_id]['replying_to'];
|
$parent_id = $posts[$post_id]['replying_to'];
|
||||||
$posts[$parent_id]['replies'] = array_diff($posts[$parent_id]['replies'], [$post_id]);
|
$posts[$parent_id]['replies'] = array_diff($posts[$parent_id]['replies'], [$post_id]);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Finally, delete the post itself
|
|
||||||
unset($posts[$post_id]);
|
unset($posts[$post_id]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
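Review bot: The `image_url` check in the third hunk (`@ -173,21 +164,17 @`) validates only the file extension: `/\.(jpg|jpeg|png|gif|bmp)$/i` is not anchored at the start, so any scheme or host passes as long as the value ends in an image suffix, and `$` also matches before a trailing newline. The value is then stored in `$new_post` unchanged; if it is later written into an `src` attribute (the rendering code is not part of this diff), it needs an http(s) allow-list here and HTML escaping at output. I would tighten the condition to `is_string($_POST['image_url'] ?? null) && preg_match('#\Ahttps?://[^\s"\'<>]+\.(?:jpe?g|png|gif|bmp)\z#i', $_POST['image_url'])`. The enclosing `if ($current_user && isset($_POST['content']))` block starts and ends outside the hunk, so any checks done elsewhere in it are not visible here.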