corrade-http-templates – Blame information for rev 50

Subversion Repositories:
Rev:
Rev Author Line No. Line
1 eva 1 <?php
2  
3 ###########################################################################
4 ## Copyright (C) Wizardry and Steamworks 2016 - License: GNU GPLv3 ##
5 ###########################################################################
6 ## This is a script that sends a message to an agent from Corrade and it ##
7 ## also stores the sent message to a conversation file. ##
8 ###########################################################################
9  
10 ###########################################################################
11 ## CONFIGURATION ##
12 ###########################################################################
13  
14 require_once('config.php');
15 require_once('functions.php');
16  
17 ###########################################################################
18 ## INTERNALS ##
19 ###########################################################################
20  
50 office 21 # CRSF.
22 session_start();
23 if (empty($_POST['token']) || !hash_equals($_SESSION['token'], $_POST['token'])) {
24 http_response_code(403);
25 die('Forbidden.');
26 }
27  
4 eva 28 # Check that we have all the necessary variables.
1 eva 29 if(!isset($_POST['message']) ||
4 eva 30 empty($_POST['message']) ||
1 eva 31 !isset($_POST['name']) ||
4 eva 32 empty($_POST['name']) ||
1 eva 33 !isset($_POST['firstname']) ||
4 eva 34 empty($_POST['firstname']) ||
35 !isset($_POST['lastname']) ||
36 empty($_POST['lastname'])) return;
1 eva 37  
38 ####
39 # I. Build the POST array to send to Corrade.
40 $params = array(
41 'command' => 'tell',
42 'group' => $GROUP,
43 'password' => $PASSWORD,
44 'entity' => 'avatar',
45 'firstname' => $_POST['firstname'],
46 'lastname' => $_POST['lastname'],
47 'message' => $_POST['name'].' says '.$_POST['message']
48 );
49  
50 ####
51 # II. Escape the data to be sent to Corrade.
52 array_walk($params,
53 function(&$value, $key) {
54 $value = rawurlencode($key)."=".rawurlencode($value);
55 }
56 );
57 $postvars = implode('&', $params);
58  
59 ####
60 # III. Use curl to send the message.
61 if (!($curl = curl_init())) {
62 print 0;
63 return;
64 }
65 curl_setopt($curl, CURLOPT_URL, $URL);
66 curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
67 curl_setopt($curl, CURLOPT_POST, true);
68 curl_setopt($curl, CURLOPT_POSTFIELDS, $postvars);
69 curl_setopt($curl, CURLOPT_ENCODING, true);
70 $result = curl_exec($curl);
71 curl_close($curl);
72  
73 ####
74 # IV. Grab the status of the command.
75 $status = urldecode(
76 wasKeyValueGet(
77 "success",
78 $result
79 )
80 );
81  
82 ####
83 # IV. Check the status of the command.
84 switch($status) {
85 case "True": # The message was sent successfully so store it within a conversation file.
86 ####
87 # V. Get the path to the configured chat directory.
88 $chatPath = realpath($CHAT_DIRECTORY);
89  
90 ####
91 # VI. Get the user path.
92 $userPath = join(
93 DIRECTORY_SEPARATOR,
94 array(
95 $CHAT_DIRECTORY,
96 ucfirst(
97 strtolower(
98 $_POST['firstname']
99 )
100 ) .' '.
101 ucfirst(
102 strtolower(
103 $_POST['lastname']
104 )
105 ).'.log'
106 )
107 );
108  
109 ####
110 # VII. Check that the file will be placed within the chat directory.
111 $pathPart = pathinfo($userPath);
112 if(realpath($pathPart['dirname']) != $chatPath)
113 die;
114  
115 ####
116 # VIII. Store the message.
117 storeAvatarConversation(
118 $_POST['name'],
119 '',
120 $_POST['message'],
121 $userPath,
122 $CHAT_LINES
123 );
124 break;
125 default: # Otherwise, return the Corrade error message.
126 echo 'Corrade failed to deliver the message with the error message: '.urldecode(
127 wasKeyValueGet(
128 "error",
129 $result
130 )
131 );
132 break;
133 }
134  
135 ?>