corrade-http-templates
| /instantMessage/sendInstantMessage.php |
|---|
| @@ -13,28 +13,16 @@ |
| require_once('config.php'); |
| require_once('functions.php'); |
| require_once('vendor/was/utilities/src/formats/kvp/kvp.php'); |
| ########################################################################### |
| ## INTERNALS ## |
| ########################################################################### |
| # CRSF. |
| session_start(); |
| if (empty($_POST['token']) || !hash_equals($_SESSION['token'], $_POST['token'])) { |
| http_response_code(403); |
| die('Forbidden.'); |
| } |
| # Check that we have all the necessary variables. |
| # If there is no "message" or "name" POST variable set then bail. |
| if(!isset($_POST['message']) || |
| empty($_POST['message']) || |
| !isset($_POST['name']) || |
| empty($_POST['name']) || |
| !isset($_POST['firstname']) || |
| empty($_POST['firstname']) || |
| !isset($_POST['lastname']) || |
| empty($_POST['lastname'])) return; |
| !isset($_POST['lastname'])) return; |
| #### |
| # I. Build the POST array to send to Corrade. |
| @@ -52,7 +40,7 @@ |
| # II. Escape the data to be sent to Corrade. |
| array_walk($params, |
| function(&$value, $key) { |
| $value = urlencode($key)."=".urlencode($value); |
| $value = rawurlencode($key)."=".rawurlencode($value); |
| } |
| ); |
| $postvars = implode('&', $params); |
| @@ -132,3 +120,5 @@ |
| ); |
| break; |
| } |
| ?> |