From 14262d65f9db7d75f77f832e834b589d6bfcb2a0 Mon Sep 17 00:00:00 2001
From: Chris McCormick <chris@mccormick.cx>
Date: Sat, 13 May 2017 14:23:38 +0800
Subject: [PATCH] Username, password, data dir settable in config.

---
 .gitignore         |  1 +
 README.md          | 11 +++++++++++
 README.txt         | 14 --------------
 config-example.php |  8 ++++++++
 sync.php           | 23 ++++++++++++++---------
 5 files changed, 34 insertions(+), 23 deletions(-)
 create mode 100644 README.md
 delete mode 100644 README.txt
 create mode 100644 config-example.php

diff --git a/.gitignore b/.gitignore
index e43b0f9..28ea230 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
 .DS_Store
+config.php
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..0a7daf4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,11 @@
+HTML5 Notepad App
+by Kaspars Dambis
+http://konstruktors.com
+
+## Installation
+
+ * Copy files up
+ * Make a data dir for notebook pages to go into
+ * Copy config-example.php to config.php
+ * Edit config.php
+
diff --git a/README.txt b/README.txt
deleted file mode 100644
index c731c8a..0000000
--- a/README.txt
+++ /dev/null
@@ -1,14 +0,0 @@
-HTML5 Notepad App
-by Kaspars Dambis
-http://konstruktors.com
-
-Installation
-============
-
-1. Upload files to your server
-2. Rename 'entries' folder to something random and harder to guess
-3. Make that folder writable (CHMOD 0777)
-4. Edit sync.php and specify your new DATA_DIR (the one you just renamed)
-5. In sync.php change username and password to something unique
-6. Done!
-
diff --git a/config-example.php b/config-example.php
new file mode 100644
index 0000000..1769cfa
--- /dev/null
+++ b/config-example.php
@@ -0,0 +1,8 @@
+<?php
+// Example config.php
+// Copy this file to config.php to take effect
+
+$username = "demo";
+$password = "demo";
+$data_dir = "entries"
+?>
diff --git a/sync.php b/sync.php
index 5b76116..6cb8ce4 100644
--- a/sync.php
+++ b/sync.php
@@ -2,14 +2,19 @@
 
 error_reporting(E_ERROR);
 
-define('DATA_DIR', 'entries'); // use this to protect files from being publicly viewable
-define("USERNAME", 'demo');
-define('PASSWORD', 'demo');
-
-if (($_SERVER['PHP_AUTH_USER'] !== USERNAME) || ($_SERVER['PHP_AUTH_PW'] !== PASSWORD)) {
-    header('WWW-Authenticate: Basic realm="Cloud Notes"');
-    header('HTTP/1.0 401 Unauthorized');
-    exit;
+// if config file exists then load it
+if(file_exists('config.php')) {
+  require_once('config.php');
+}
+
+define('DATA_DIR', isset($data_dir) ? $data_dir : 'entries'); // use this to protect files from being publicly viewable
+
+if (isset($username) && isset($password)) {
+    if (($_SERVER['PHP_AUTH_USER'] !== $username) || ($_SERVER['PHP_AUTH_PW'] !== $password)) {
+        header('WWW-Authenticate: Basic realm="Cloud Notes"');
+        header('HTTP/1.0 401 Unauthorized');
+        exit;
+    }
 }
 
 header('Content-type: application/json; charset=utf-8');
@@ -136,4 +141,4 @@ function get_entries() {
 		return json_encode($entries);
 }
 
-?>
\ No newline at end of file
+?>