@anselm
Created May 19, 2015 00:27
A small app that allows a user to create an anonymous document with a unique ID. The document is discoverable by the ID. An MD5 hash is used so that the chances of collision are low and the chances of random discovery are low. The input is sanitized to prevent attacks on other users and the path is also sanitized to prevent browsing a poorly sec…
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Web Notes</title>
<!-- Pull in Bootstrap to style things up a bit -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap-theme.min.css">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js"></script>
</head>
<body>
<div class="container">
<?php
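// Grab any arguments passed via the URL (null when absent or not a string, so no undefined-index notice)
$key = (isset($_GET['key']) && is_string($_GET['key'])) ? trim($_GET['key']) : null;
$description = (isset($_GET['description']) && is_string($_GET['description'])) ? trim($_GET['description']) : null;
// Is this a request to save a new note to disk?
if(!empty($description)) {
// Strip tags so a stored note cannot inject markup into another user's page
// (FILTER_SANITIZE_STRING is deprecated as of PHP 8.1)
$description = filter_var($description,FILTER_SANITIZE_STRING);
$key = md5(uniqid(rand(),true));
file_put_contents($key,$description);
print("<h1>Your new note is here: <br>");
print("<a href='?key=".$key."'>".$key."</a></h1>");
$key = 0;
} else
// Is this a request to show a previously stored note?
// Accept only 32 lowercase hex characters (the md5() output format): FILTER_SANITIZE_STRING
// leaves "/" and ".." intact, so on its own it cannot keep the key inside this directory.
if(!empty($key) && preg_match('/\A[a-f0-9]{32}\z/',$key) && is_file($key)) {
$contents = file_get_contents($key);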
?>
<h1>Your Note</h1>
<?php
print($contents);
} else {
// Otherwise, show an input form ...
?>
<form method="get" action="publish.php">
<h2 class="form-publish-heading">Description</h2>
<label for="description" class="sr-only">Description</label>
<textarea name="description" class="form-control" id="description" placeholder="my description" required></textarea>
<br/>
<button style="width:100px" class="btn btn-lg btn-primary btn-block" type="submit">Publish</button>
</form>
<?php
}
?>
</div>
</body>
</html>
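The key handling that the description outlines (an ID that is hard to guess and a sanitized path), as an added example that is not part of the original gist: keys come from `random_bytes()` instead of `md5(uniqid(rand(),true))`, which is built from the clock and a non-cryptographic generator, and reads are confined to a single directory. `NOTES_DIR`, `create_note()` and `read_note()` are assumed names, and the sample inputs at the end are constructed.

```php
<?php
// Added example: note storage with CSPRNG keys and path containment.
// NOTES_DIR and both function names are assumptions, not from the gist.
const NOTES_DIR = __DIR__ . '/notes';

// Create a note and return its key: 128 bits from the OS CSPRNG, hex encoded.
function create_note(string $text): string {
    if (!is_dir(NOTES_DIR) && !mkdir(NOTES_DIR, 0700, true)) {
        throw new RuntimeException('cannot create notes directory');
    }
    $key = bin2hex(random_bytes(16));   // 32 hex chars, same shape as md5() output
    // 'x' mode fails if the file already exists, so a key is never overwritten.
    $fh = fopen(NOTES_DIR . '/' . $key, 'x');
    if ($fh === false) {
        throw new RuntimeException('cannot create note');
    }
    fwrite($fh, $text);                 // store raw text; escape on output instead
    fclose($fh);
    return $key;
}

// Return the note as HTML-escaped text, or null for a bad or unknown key.
function read_note(string $key): ?string {
    // Allow-list: exactly 32 lowercase hex characters, so no '/', '..' or NUL.
    if (preg_match('/\A[a-f0-9]{32}\z/', $key) !== 1) {
        return null;
    }
    // Defence in depth: the resolved path must still sit directly inside NOTES_DIR.
    $base = realpath(NOTES_DIR);
    $path = realpath(NOTES_DIR . '/' . $key);
    if ($base === false || $path === false || dirname($path) !== $base) {
        return null;
    }
    $text = file_get_contents($path);
    return $text === false ? null : htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
}

// Constructed sample inputs, run from the command line.
$key = create_note("<b>hello</b> & goodbye");
var_dump(read_note($key));               // valid key: stored text, escaped for HTML
var_dump(read_note('../publish.php'));   // contains path characters: fails the allow-list
var_dump(read_note(strtoupper($key)));   // wrong character set: fails the allow-list
```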