feat(QuickUpload): add delete path

modules/printip/printip.php

@@ -1,3 +1,5 @@
 <?php
 
+header('Are-You-A-Bastard: Yes');
+
 echo $_SERVER['REMOTE_ADDR'];

modules/quickupload/quickupload.php

@@ -11,19 +11,58 @@ function slugify($string){
   return strtolower(trim(preg_replace('/[^.A-Za-z0-9-]+/', '-', $string), '-'));
 }
 
+if (strpos($_SERVER['REQUEST_URI'], '/delete') === 0) {
+  $fileName = $_GET['name'] ?? '';
+  if (empty($fileName)) {
+    echo "ERR: need a file name to work with";
+    http_response_code(400);
+    exit();
+  }
+  if (dirname($path . '/' . $fileName) !== $path) {
+    echo "ERR: invalid path";
+    http_response_code(400);
+    exit();
+  }
+  $fileName = str_replace('/', '', $fileName);
+  if (!file_exists($path . '/' . $fileName)) {
+    echo "ERR: invalid path";
+    http_response_code(400);
+    exit();
+  }
+  unlink($path . '/' . $fileName);
+  if (isset($_GET['redirect']) && $_GET['redirect'] === 'yes') {
+    header('Location: /list');
+    http_response_code(302);
+    exit();
+  }
+  exit();
+}
+
 if ($_SERVER['REQUEST_URI'] === '/list') {
   $files = getFilesAsArray($path);
   ?>
   <h3>List of uploaded files</h3>
-  <ul>
+  <div>
   <?php
   foreach ($files as $fileName) {
     ?>
-    <li><a href="/file/<?= $fileName ?>"><?= $fileName ?></a></li>
+    <div 
+    style="
+      max-width: 900px;
+      display: flex;
+      justify-content: space-between;
+      border: 1px solid gray;
+      margin-bottom: .4em
+    ">
+      <div>
+        <a href="/file/<?= $fileName ?>"><?= $fileName ?></a>
+      </div>
+      <a href="/delete?name=<?= $fileName ?>&redirect=yes">Delete</a>
+    </div>
     <?php
   }
   ?>
-  </ul>
+  </div>
   <?php
   exit();
 }
@@ -37,7 +76,6 @@ if (isset($_POST['name']) && !empty($_POST['name'])) {
   $isAutoGeneratedFileName = true;
 }
 
-
 if (isset($_POST['text']) && !empty($_POST['text'])) {
   if ($isAutoGeneratedFileName) $fileName .= '.txt';
   file_put_contents($path . '/' . $fileName, $_POST['text']);