corrade-http-templates
| /groupChat/groupChat.html |
|---|
| @@ -60,7 +60,7 @@ |
| <script src="bower_components/velocity/velocity.min.js"></script> |
| <script> |
| $(document).ready(function () { |
| function sendGroupMessage() { |
| function sendGroupMessage(token) { |
| // Hide the controls. |
| $("#controls").animate( |
| { |
| @@ -77,7 +77,8 @@ |
| url: "sendGroupMessage.php", |
| data: { |
| name: $("#name").val(), |
| message: $("#message").val() |
| message: $("#message").val(), |
| token: token |
| } |
| }).done(function(data) { |
| // If any error occurred, display it. |
| @@ -96,6 +97,7 @@ |
| ); |
| }); |
| } |
| // Polls the chatlog every second for changes. |
| (function retrieveMessages() { |
| $.get("chat.log?t=" + Math.random(), function(data) { |
| @@ -104,18 +106,22 @@ |
| setTimeout(retrieveMessages, 1000); |
| }); |
| }()); |
| // When the send button is pressed, then call the sendGroupMessage function to |
| // send the message to the PHP script, which then send the message to Corrade. |
| $("#send").click(function(e){ |
| sendGroupMessage(); |
| $.get('session.php').then((token) => { |
| // When the send button is pressed, then call the sendGroupMessage function to |
| // send the message to the PHP script, which then send the message to Corrade. |
| $("#send").click(function(e){ |
| sendGroupMessage(token); |
| }); |
| // Subscribe to pressing enter with the message input box selected. |
| $("#message").keypress(function(e) { |
| if (e.which == 13) { |
| sendGroupMessage(token); |
| return false; |
| } |
| }); |
| }); |
| // Subscribe to pressing enter with the message input box selected. |
| $("#message").keypress(function(e) { |
| if (e.which == 13) { |
| sendGroupMessage(); |
| return false; |
| } |
| }); |
| }); |
| </script> |
| </body> |
| /groupChat/sendGroupMessage.php |
|---|
| @@ -17,6 +17,13 @@ |
| ## INTERNALS ## |
| ########################################################################### |
| # CRSF. |
| session_start(); |
| if (empty($_POST['token']) || !hash_equals($_SESSION['token'], $_POST['token'])) { |
| http_response_code(403); |
| die('Forbidden.'); |
| } |
| # If there is no message set or no name set or if the message or the name |
| # are empty then do not proceed any further. |
| if(!isset($_POST['message']) || |
| /groupChat/session.php |
|---|
| @@ -0,0 +1,18 @@ |
| <?php |
| ########################################################################### |
| ## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
| ########################################################################### |
| session_start(); |
| if (empty($_SESSION['token'])) { |
| if (function_exists('mcrypt_create_iv')) { |
| $_SESSION['token'] = bin2hex(mcrypt_create_iv(32, MCRYPT_DEV_URANDOM)); |
| } else { |
| $_SESSION['token'] = bin2hex(openssl_random_pseudo_bytes(32)); |
| } |
| } |
| echo $_SESSION['token']; |