XHR now being used for many more functions, only load now remains to be
done
file value passed as 3rd param on serverQueue
moveFile() file param also has string replacing / to | on filename
replaceInFile() fileRef param also passed as 3rd param, investigate!
If not saving prev files refs and not loading (ie, the extra functions
now covered by XHR), if we're saving, send contents with XHR request,
both send timeStart and file of course
New folder
Move file/folder
Rename file/folder
Paste file/folder
Upload file(s)
Delete file(s)/folders(s)
Replace text in a file
Get contents of remote URL
...all moved to XHR setup now!
No longer using session_start_safe() function because it caused more
usage problems than it solved. Setting a load of new params now to give
a much better setup.
newFile now just calls newTab but with 'alsoSave' param, which is picked
up and runs saveFile, giving more power to the API
When opening a file, if it's a new tab, call createNewTab with a 'new'
param, which is picked up and if set, we don't call setPreviousFiles. We
don't want to set them on adding a new tab anyway, plus it creates an
extra process, which means the server queue gets jammed and new tabs
don't get a save action processed.
The 2 x if conditions added a security measure to avoid path traversals,
should languageBase or languageUser ever be set to something malicious
such as (eg ../../../../../../../etc/passwd)
However, it meant that the ICEcoder dir and the doc root dir paths had
to both start the same, and so be in the same location really. It was
previously a benefit to have them possibly contain different paths, but
this security point restricts this.
We can remove these 2 if conditions however and simply wrap the 2 array
values with basename(), so we take only the trailing file name and so
avoid path traversal issues.
Display at half the size of the desktop and by setting the property that
users can't scale, it means it doesn't shift position/scale etc on
keyboard popup. Not a perfect mobile solution (that's planned one day
soon), but far more usable now.
Location shouldn't contain the dirname of the file or a loggedOut param
(with no CSRF!) - all unnecessary and causes problems
Also add a die() after the header location to go no further.
Causes file locking issues if allowed to be called from anywhere
Because we only call from index.php now, also need dirname(___FILE___)
to complete paths
configCreateDate set if 0 now on every load, not just save
14 full days setup (1296000 - 1 sec), so doesn't start by showing 13
days (and 23 hrs, 59 secs)
If configCreateDate == 0, $tRemaining is the $tPeriod
