Aera223

SECURE_WRITING

Aug 17th, 2020 (edited)
102
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 5.66 KB | None | 0 0
  1. <!DOCTYPE html><html lang="en"><title>Admin</title><meta name="viewport" content="width=device-width, initial-scale=1.0"><?php
  2.  
  3. //PHP writing software. This is basic, but it works well for me
  4. //Just save the file as "writer.php"
  5. //It should be easy to use, but questions (and comments) can be sent to
  6. //aera23@protonmail.com
  7.  
  8.  
  9. //Replies can take a few days, but typically occur within 20-30 hours
  10.  
  11. //Prevents password guessing. If the security file is not blank, STOP the script, and tell the user what happened
  12. if(@file_get_contents('security.tmp')!=""){echo file_get_contents('security.tmp')."</html>"; exit;}
  13.  
  14.  
  15. $data = file("wd.txt");
  16. if($data[2]==""){$data[2]="#993300";}if($data[3]==""){$data[3]="#ffff99";}
  17. if($data[0]=="" || $data[1]=="" || $data[2]==""|| $data[3]==""|| $data[4]=="" || crc32($_REQUEST['code'])== $data[4] && $_REQUEST['code']!=""){
  18.  
  19. if($_GET['set']!=3)
  20. {$data = file("wd.txt");
  21.  
  22. echo '<style>html{font-family:corbel; background:'.$data[3].'; color:'.$data[2].';}*{padding:0.2em}</style><h1>Welcome :)</h1><p><br>
  23. <form action="writer.php?set=3" method="post">
  24. This edition includes a security kill switch.
  25. Title:<input name="cn" placeholder="@Nick\'s writer" value="'.str_replace("<br />","",nl2br($data[1])).'"><br>
  26. Text:<input type="color" name="fg" value="'.str_replace("\n","",$data[2]).'"><br>
  27. Page:<input type="color" name="bg" value="'.str_replace("\n","",$data[3]).'"><br>
  28. Secret (to access writer): <input name="ws" required><br><br>
  29. Confirm it: <input name="sc" required><br><input type="submit" value="Save"><br>
  30. Rest assured that the secret is not stored in plaintext.<br>
  31. Then hit enter.</p></form><h3>This simplified software is provided by Aera23<mark>:)</mark>.<br>To protect yourself, I\'ve included a "Cache".</h3>';exit;}
  32.  
  33.  
  34. elseif($_GET['set']==3 && $_REQUEST['sc'] == $_REQUEST['ws']){
  35. $set = fopen("wd.txt", "w");
  36. $txt = time()."
  37. ".$_REQUEST['cn']."
  38. ".$_REQUEST['fg']."
  39. ".$_REQUEST['bg']."
  40. ".crc32($_REQUEST['ws']);
  41. fwrite($set,$txt); fclose($set);}}
  42.  
  43. //Retrieves config
  44. $nick = $data[1];
  45. $fg = $data[2]; $bg = $data[3];
  46. $pass = $data[4];
  47.  
  48. //Send login
  49. if(crc32($_REQUEST['pass'])!=$pass){
  50. echo "<style>body{background:$bg; color:$fg; font-family:corbel;margin:3em;}a{color:$fg}</style><body><h1><mark>🔑</mark> Admin <small>(file editor) <a href='index.php'>... or go Back</small></h1><p><a href='source.php'>🧿 File viewer</a></p>";echo'
  51. <form action="writer.php?auth='.date("H").'" method="post">
  52. Key:<input type="text" name="pass" autofocus style="padding:0.4em;font-size:1.1em;background:#e22;color:#fff;">
  53. <input type="hidden" name="f" value="'.$_GET['f'].'">
  54. <br><br>Final attempt: Tap Enter to login.</form></body>';
  55.  
  56. if($_REQUEST['pass']!=""){file_put_contents("security.tmp", 'GUESS: '.date("j @ H:i:s ")).' by '.$_SERVER['HTTP_USER_AGENT'];}
  57.  
  58.  
  59. if($_REQUEST['x']!="")file_put_contents("security.tmp","WARN: ".(time()-$_REQUEST['x']));}
  60.  
  61. else{if($_REQUEST['f']!=""){$fs = filesize($_REQUEST['f']);}
  62.  
  63. //The writing part
  64. if($_REQUEST['f']!="" && $_REQUEST['data']!="")
  65. {$file = $_REQUEST['f'];$data = $_REQUEST['data'];
  66. rename($_REQUEST['f'],"backup.tmp");
  67. if ($data == 'clear'){unlink($_REQUEST['f']);}
  68. else{$w = fopen($file, "w");fwrite($w, $data); fclose($w);}
  69. $t = "Done";}
  70. if($_REQUEST['f']!=""){$fs = filesize($_REQUEST['f']);}
  71. else{$t = "File writer";}
  72.  
  73. //bg 448, fg 9f9
  74. if($_REQUEST['f']!=""){$x = 'style="background:#ff0;padding:0.5em"';}else{$x = 'style="padding:0.5em; autofocus"';}
  75.  
  76. echo '<style>body{background:'.$bg.'; color:'.$fg.'; font-family:calibri}mark,input{background:#bff;font-size:110%}
  77. a{background:'.$fg.'; color:'.$bg.'}mark,code{color:inherit}
  78. pre{white-space:pre-wrap;       /* CSS 2.1+ */
  79.  white-space:-moz-pre-wrap;  /* Mozilla, since 1999 */
  80.  white-space:-o-pre-wrap;    /* Opera 7 */}
  81. .un{color:#fff;}
  82. form{display:inline}
  83. input{font-family:corbel,times new roman;}
  84. </style><title>'.$nick.'</title>
  85. <p class="un"><form action="writer.php" method="post" id="x">
  86. <input type="submit" name="exit" value=" ❎ Sign Out"><a href="backup.tmp">📑Original file</a><a href="source.php?f='.$_REQUEST["f"].'"> 🔮 Safe mode</a></form>
  87.  
  88. <form id="w" action="writer.php" method="post" accept-charset="UTF-8">
  89. <input type="text" class="int" name="f" size="15" placeholder="File name" value="'.$_REQUEST["f"].'" '.$x.'><br><br>';
  90.  
  91. echo'<textarea id="q" form="w" class="int" name="data" width="99%" rows="20" cols="150" placeholder="Contents"></textarea><br>
  92.  
  93. <script>
  94. document.getElementById(\'q\').innerHTML=document.getElementById(\'aa\').innerText;
  95. </script>
  96.  
  97.  
  98. <input type="hidden" name="pass" value="'.$_REQUEST['pass'].'">
  99. <input type="submit" class="int" value=" 🧧 Send"></form><form action="writer.php" method="post" id="x">
  100. <input type="hidden" name="pass" value="'.$_REQUEST['pass'].'">
  101. <input type="submit" value=" ✔ Edit another "></form>
  102.  
  103. <form action="writer.php?f=wd.txt" method="post" id="x">
  104. <input type="hidden" name="pass" value="'.$_REQUEST['pass'].'">
  105. <input type="hidden" name="data" value="clear">
  106. <input type="submit" value=" 🧨 Reset"></form><br><a href="'.$_REQUEST['f'].'" target="blank">'.$_REQUEST['f'].'</a> ('.$fs.')<br><pre style="background:#fff" id="aa">';
  107.  
  108. if ($_REQUEST['f']!=""){
  109. $source = show_source($_REQUEST['f'], true);
  110. $source = str_replace("<br />","",$source);
  111. $source = str_replace("&lt;","<mark>&lt;</mark>",$source);
  112. $source = str_replace("&gt;","<mark>&gt;</mark>",$source);
  113. echo $source;}
  114. else{echo"This will show you the source code, unless the file is an image.<br><br>Type 'clear' to clear the contents of a file.<br><br>The previous copy of a file can typically be accessed by clicking on '📑 Original file'.";}
  115. echo'</pre>';}
  116. ?>
  117.  
  118.  
Add Comment
Please, Sign In to add comment