cyvax/formulaire.php Secret

## formulaire.php
<?php
session_start();
include ("database.php");

$error = false;
$success = false;
$error_status = ["status" => "Request Not Processed"];
$status = ["status" => ""];
$filename = "Formulaire";
$origin = "formulaire.php";
$notification = "";
$special_chars = ["?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", ".", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}", "%", "+", chr(0)];

function sanitize($filename): string {
    global $special_chars;
    $file = str_replace($special_chars, "", $filename);
    preg_match_all('/[\x21-\x7e]/', $file, $file_array); // Only Printable ASCII char.
    if (count($file_array[0]) != 0) {
        return implode("", $file_array[0]);
    }
    $file = htmlentities($file, ENT_COMPAT, "UTF-8");
    $file = preg_replace('/&([a-zA-Z])(uml|acute|grave|circ|tilde|ring|slash);/','$1',$file);
    return html_entity_decode($file);
}

function array_keys_checks(array $needles, array $haystack): bool
{
    foreach ($needles as $needle)
    {
        if ( ! isset($haystack[$needle])) return false;
    }
    return true;
}

if ($_SERVER["REQUEST_METHOD"] === "POST") {
    if (!array_keys_checks(["filename", "title", "decription", "html_h1", "html_content"], $_POST)) {
        $html_filename = sanitize($_POST["filename"]);
        $html_title = htmlspecialchars($_POST["title"]);
        $html_h1 = htmlspecialchars($_POST["html_h1"]);
        $html_description = htmlspecialchars($_POST["description"]);
        $html_content = $_POST["html_content"];
        $html = include "components/base_html.php";
        // file_put_contents("pages/" . $html_filename . ".html", $html);
        header("201 Created");
        $success = true;
        $status["status"] = "Votre fichier a bien été créé... Il est disponible <a href='./pages/" . $html_filename . ".html'>ici</a>.";
    } else {
        $error = true;
        $error_status["status"] = "Erreur, Il manque des données, merci de vous réitérer...";
    }
}

$head = '<script src="https://cdn.tiny.cloud/1/no-api-key/tinymce/5/tinymce.min.js" referrerpolicy="origin"></script>';
$scripts = "<script>tinymce.init({selector:'textarea'});</script>";
$hero = '<div class="form_register">
            <form method="POST" action="formulaire.php">
                <label class="label has-text-left is-size-5" for="filename">Nom du Fichier<span class="required"></span></label>
                <input class="input" type="text" name="filename" id="filename" placeholder="Nom du Fichier" required>
                <label class="label has-text-left is-size-5" for="title">Titre de la page<span class="required"></span></label>
                <input class="input" type="text" name="title" id="title" placeholder="Titre de la page" required>
                <label class="label has-text-left is-size-5" for="description">Description<span class="required"></span></label>
                <input class="input" type="text" name="description" id="description" placeholder="Description" required>
                <label class="label has-text-left is-size-5" for="html_h1">Titre du document<span class="required"></span></label>
                <input class="input" type="text" name="html_h1" id="html_h1" placeholder="Titre du document (h1)" required>
                <label class="label has-text-left is-size-5" for="html_content">Main<span class="required"></span></label>
                <textarea name="html_content">Vous pouvez commencer à créer votre page HTML !</textarea>
                <div class="field button-field">
                    <button class="button is-block is-info is-large">Créer Page<i class="fa fa-sign-in" aria-hidden="true"></i></button>
                </div>
            </form>
        </div>';

if ($error) {
    $notification .= '<div class="notification is-danger ">
    <button class="delete" onclick="deleteNotif(this)"></button>' . $error_status["status"] . '</div>';
}
if ($success) {
    $notification .= '<div class="notification is-success ">
    <button class="delete" onclick="deleteNotif(this)"></button>' . $status["status"] . '</div>';
}
include("components/base.php");
	<?php
	session_start();
	include ("database.php");

	$error = false;
	$success = false;
	$error_status = ["status" => "Request Not Processed"];
	$status = ["status" => ""];
	$filename = "Formulaire";
	$origin = "formulaire.php";
	$notification = "";
	$special_chars = ["?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", ".", "\"", "&", "$", "#", "*", "(", ")", "\|", "~", "`", "!", "{", "}", "%", "+", chr(0)];

	function sanitize($filename): string {
	global $special_chars;
	$file = str_replace($special_chars, "", $filename);
	preg_match_all('/[\x21-\x7e]/', $file, $file_array); // Only Printable ASCII char.
	if (count($file_array[0]) != 0) {
	return implode("", $file_array[0]);
	}
	$file = htmlentities($file, ENT_COMPAT, "UTF-8");
	$file = preg_replace('/&([a-zA-Z])(uml\|acute\|grave\|circ\|tilde\|ring\|slash);/','$1',$file);
	return html_entity_decode($file);
	}

	function array_keys_checks(array $needles, array $haystack): bool
	{
	foreach ($needles as $needle)
	{
	if ( ! isset($haystack[$needle])) return false;
	}
	return true;
	}

	if ($_SERVER["REQUEST_METHOD"] === "POST") {
	if (!array_keys_checks(["filename", "title", "decription", "html_h1", "html_content"], $_POST)) {
	$html_filename = sanitize($_POST["filename"]);
	$html_title = htmlspecialchars($_POST["title"]);
	$html_h1 = htmlspecialchars($_POST["html_h1"]);
	$html_description = htmlspecialchars($_POST["description"]);
	$html_content = $_POST["html_content"];
	$html = include "components/base_html.php";
	// file_put_contents("pages/" . $html_filename . ".html", $html);
	header("201 Created");
	$success = true;
	$status["status"] = "Votre fichier a bien été créé... Il est disponible <a href='./pages/" . $html_filename . ".html'>ici</a>.";
	} else {
	$error = true;
	$error_status["status"] = "Erreur, Il manque des données, merci de vous réitérer...";
	}
	}

	$head = '<script src="https://cdn.tiny.cloud/1/no-api-key/tinymce/5/tinymce.min.js" referrerpolicy="origin"></script>';
	$scripts = "<script>tinymce.init({selector:'textarea'});</script>";
	$hero = '<div class="form_register">
	<form method="POST" action="formulaire.php">
	<label class="label has-text-left is-size-5" for="filename">Nom du Fichier<span class="required"></span></label>
	<input class="input" type="text" name="filename" id="filename" placeholder="Nom du Fichier" required>
	<label class="label has-text-left is-size-5" for="title">Titre de la page<span class="required"></span></label>
	<input class="input" type="text" name="title" id="title" placeholder="Titre de la page" required>
	<label class="label has-text-left is-size-5" for="description">Description<span class="required"></span></label>
	<input class="input" type="text" name="description" id="description" placeholder="Description" required>
	<label class="label has-text-left is-size-5" for="html_h1">Titre du document<span class="required"></span></label>
	<input class="input" type="text" name="html_h1" id="html_h1" placeholder="Titre du document (h1)" required>
	<label class="label has-text-left is-size-5" for="html_content">Main<span class="required"></span></label>
	<textarea name="html_content">Vous pouvez commencer à créer votre page HTML !</textarea>
	<div class="field button-field">
	<button class="button is-block is-info is-large">Créer Page<i class="fa fa-sign-in" aria-hidden="true"></i></button>
	</div>
	</form>
	</div>';

	if ($error) {
	$notification .= '<div class="notification is-danger ">
	<button class="delete" onclick="deleteNotif(this)"></button>' . $error_status["status"] . '</div>';
	}
	if ($success) {
	$notification .= '<div class="notification is-success ">
	<button class="delete" onclick="deleteNotif(this)"></button>' . $status["status"] . '</div>';
	}
	include("components/base.php");