<?PHP
/**
 * Start page of the backend.
 * Offers a dashboard.
 *
 * @author Joshua Ramon Enslin <joshua@jrenslin.de>
 */

/*
 * Require files and ensure environment.
 */

require_once __DIR__ . "/inc/functions.php";

ensureEnvironment();            // Ensure existence of system files.
$translations = loadLanguage(); // Load translations.
ensureBackendEnv();             // Ensure session is started etc.
$pages = loadPages();           // Load overview of pages.

/*
 * Load data.
 */

// Check for vars.
loadHttpToGlobals(["subject", "task"]);
if (!isset($task)) $task = "list";

define("fileDir", __DIR__ . "/../files");

if ($task == "list") {

    $files = scanDirConts(fileDir);
    echo json_encode($files);
    return;

}
else if ($task == "upload") {

    // TODO: Add whitelist for extensions.

    $uploaddir = fileDir . '/';
    $uploadfile = $uploaddir . basename($_FILES['userfile']['name']);

    if (filesize($_FILES['userfile']['tmp_name']) > 300000) {
        printErrorPage($translations['fileTooLarge']);
        return;
    }

    if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
        echo "Datei ist valide und wurde erfolgreich hochgeladen.\n";
    }
    else {
        echo "Möglicherweise eine Dateiupload-Attacke!\n";
    }

}


?>