<?php

    # pagepost.php - Create a new page
    include_once 'data_connect.php';
    include 'log.php';
    include 'en_code.php';



    if (get_account($_SESSION['userID'])['rights'] != 'administrator') {
        header('Location:panel.php');
        exit();
    }
    


    # class getpage - uniqueid title description content filename 
    class getpage {
    
        function __construct() {
            
            foreach ($_POST as $key => $val) 
                $this->$key = $val;
        
            return true;        
        }

    }

    


    function pagepost() {
        
        
        $p = new getpage();
        
        
        
        $page = $p->uniqueid.'.xml';
        $pagexml = simplexml_object($page,'l','page');
    
        
        $xml_struc = '<?xml version="1.0" encoding="utf-8"?><savedpage><title>Saved Page</title><pageinfo></pageinfo></savedpage>';

        
        
        
        # filename check
        if ($p->filename != '') {

            $filename = str_replace(array('&','/',' ','$','+',',',':',';','=','?','@','<','>','#','%','{','}','|','^','~','[',']','`','\\','\'','"'),'',$p->filename);
            $filename = str_replace(array("\n","\r"),'',$filename);
            
            # Exclude these names
            $names = array('index','pagep');
            if (in_array($filename,$names))
                $filename = '_'.$filename;
    
            
            # Find out if the filename already exists
            $pages = glob('savedpages/*.xml');
            $cur = array_search('savedpages/'.$page,$pages);
            if ($cur !== false) 
                unset($pages[$cur]);
            
            foreach ($pages as $pg) {
                $file = simplexml_object(basename($pg),'l','page');
                $fname = $file->pageinfo->page->filename;
                if ($filename == $fname) 
                    $filename = '_'.$fname;
                }    
        
            # If the filename has changed by the user, delete the old one and also delete the respective page
            if (is_file('savedpages/'.$page)) {
                $oldname = $pagexml->pageinfo->page->filename;
                if ($oldname != $filename)
                    unlink('../'.$oldname.'.php');
            }
        }
        
        else
            $filename = (is_file('savedpages/'.$page)) ? $pagexml->pageinfo->page->filename : '_'.time();
        
        
        

        
        if (!is_file('savedpages/'.$page)) {
            
            touch('savedpages/'.$page);
            $sum = get_log()['pages'];
            $sum += 1;
            update_log('pages',$sum);
        }

        
        $title = remove_tags((string)$p->title);
        $description = str_replace(array("\n","\r"),'',(string)$p->description);
        $saved = new simpleXMLElement($xml_struc);
        
        $saved->pageinfo->page->filename = $filename;
        $saved->pageinfo->page->title = $title;
        $saved->pageinfo->page->description = $description;
        $saved->pageinfo->page->editor = $_SESSION['userID'];
        $saved->pageinfo->page->modified = time();
        
        simplexml_object_save($page,$saved,'page');
        file_put_contents('savedpages/'.$p->uniqueid.'.htm',str_replace(array('<?','?>'),'',$p->content));
        
        
        # Save the page itself
        $pagecontent ='<?php $pn = "'.$p->uniqueid.'"; if(!file_exists("pagep.php")) exit("Error loading content. Please come back later.");
        include "pagep.php" ?>';
        file_put_contents('../'.$filename.'.php',$pagecontent);

        
        //update_activity('page',$title);
        
        echo 'Page saved - '.date("H:i",time()).'&nbsp;-&nbsp;<a href="../'.$filename.'.php" target="_blank">Visit page</a>';
        
        
        return true;
    }

    
    
    if (isset($_POST['uniqueid']))
        pagepost()

        
        

?>