Files
THOS-Server/api/create.php

57 lines
1.6 KiB
PHP
Raw Normal View History

<?php
header('Content-Type: application/json');
require_once __DIR__ . '/../vfs.php';
$data = json_decode(file_get_contents('php://input'), true);
$dirV = $data['dir'] ?? '';
$name = $data['name'] ?? '';
$type = $data['type'] ?? 'file';
if ($type !== 'folder' && $type !== 'file') {
echo json_encode(['success' => false, 'error' => 'Invalid type: must be "folder" or "file"']);
exit;
}
if (strpos($dirV, '/.apps') === 0 || $dirV === '/.thos_state.json') {
echo json_encode(['success' => false, 'error' => 'Cannot create in system directories']);
exit;
}
$realDir = resolve_path($dirV);
if (!is_dir($realDir)) {
die(json_encode(['success' => false, 'error' => 'Parent directory not found or invalid']));
}
$newPathReal = $realDir . '/' . $name;
$invalidCharsRegex = '/[<>:"\/\\\\|?*\x00-\x1F]/';
if (preg_match($invalidCharsRegex, $name)) {
die(json_encode(['success' => false, 'error' => 'Invalid filename: special characters not allowed']));
}
if ($type === 'folder') {
if (is_dir($newPathReal)) {
die(json_encode(['success' => false, 'error' => 'Folder with that name already exists']));
}
} else {
if (file_exists($newPathReal)) {
die(json_encode(['success' => false, 'error' => 'File with that name already exists']));
}
}
if ($type === 'folder') {
if (!mkdir($newPathReal, 0777, true)) {
die(json_encode(['success' => false, 'error' => 'Failed to create folder']));
}
} else {
if (!touch($newPathReal)) {
die(json_encode(['success' => false, 'error' => 'Failed to create file']));
}
}
echo json_encode([
'success' => true,
'path' => virtualize_path($newPathReal),
]);