corrade-http-templates – Diff between revs 4 and 50

Rev 4 Rev 50
1 <?php 1 <?php
2   2  
3 ########################################################################### 3 ###########################################################################
4 ## Copyright (C) Wizardry and Steamworks 2016 - License: GNU GPLv3 ## 4 ## Copyright (C) Wizardry and Steamworks 2016 - License: GNU GPLv3 ##
5 ########################################################################### 5 ###########################################################################
6 ## This is a script that sends a message to an agent from Corrade and it ## 6 ## This is a script that sends a message to an agent from Corrade and it ##
7 ## also stores the sent message to a conversation file. ## 7 ## also stores the sent message to a conversation file. ##
8 ########################################################################### 8 ###########################################################################
9   9  
10 ########################################################################### 10 ###########################################################################
11 ## CONFIGURATION ## 11 ## CONFIGURATION ##
12 ########################################################################### 12 ###########################################################################
13   13  
14 require_once('config.php'); 14 require_once('config.php');
15 require_once('functions.php'); 15 require_once('functions.php');
16   16  
17 ########################################################################### 17 ###########################################################################
18 ## INTERNALS ## 18 ## INTERNALS ##
19 ########################################################################### 19 ###########################################################################
-   20  
-   21 # CRSF.
-   22 session_start();
-   23 if (empty($_POST['token']) || !hash_equals($_SESSION['token'], $_POST['token'])) {
-   24 http_response_code(403);
-   25 die('Forbidden.');
-   26 }
20   27  
21 # Check that we have all the necessary variables. 28 # Check that we have all the necessary variables.
22 if(!isset($_POST['message']) || 29 if(!isset($_POST['message']) ||
23 empty($_POST['message']) || 30 empty($_POST['message']) ||
24 !isset($_POST['name']) || 31 !isset($_POST['name']) ||
25 empty($_POST['name']) || 32 empty($_POST['name']) ||
26 !isset($_POST['firstname']) || 33 !isset($_POST['firstname']) ||
27 empty($_POST['firstname']) || 34 empty($_POST['firstname']) ||
28 !isset($_POST['lastname']) || 35 !isset($_POST['lastname']) ||
29 empty($_POST['lastname'])) return; 36 empty($_POST['lastname'])) return;
30   37  
31 #### 38 ####
32 # I. Build the POST array to send to Corrade. 39 # I. Build the POST array to send to Corrade.
33 $params = array( 40 $params = array(
34 'command' => 'tell', 41 'command' => 'tell',
35 'group' => $GROUP, 42 'group' => $GROUP,
36 'password' => $PASSWORD, 43 'password' => $PASSWORD,
37 'entity' => 'avatar', 44 'entity' => 'avatar',
38 'firstname' => $_POST['firstname'], 45 'firstname' => $_POST['firstname'],
39 'lastname' => $_POST['lastname'], 46 'lastname' => $_POST['lastname'],
40 'message' => $_POST['name'].' says '.$_POST['message'] 47 'message' => $_POST['name'].' says '.$_POST['message']
41 ); 48 );
42   49  
43 #### 50 ####
44 # II. Escape the data to be sent to Corrade. 51 # II. Escape the data to be sent to Corrade.
45 array_walk($params, 52 array_walk($params,
46 function(&$value, $key) { 53 function(&$value, $key) {
47 $value = rawurlencode($key)."=".rawurlencode($value); 54 $value = rawurlencode($key)."=".rawurlencode($value);
48 } 55 }
49 ); 56 );
50 $postvars = implode('&', $params); 57 $postvars = implode('&', $params);
51   58  
52 #### 59 ####
53 # III. Use curl to send the message. 60 # III. Use curl to send the message.
54 if (!($curl = curl_init())) { 61 if (!($curl = curl_init())) {
55 print 0; 62 print 0;
56 return; 63 return;
57 } 64 }
58 curl_setopt($curl, CURLOPT_URL, $URL); 65 curl_setopt($curl, CURLOPT_URL, $URL);
59 curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); 66 curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
60 curl_setopt($curl, CURLOPT_POST, true); 67 curl_setopt($curl, CURLOPT_POST, true);
61 curl_setopt($curl, CURLOPT_POSTFIELDS, $postvars); 68 curl_setopt($curl, CURLOPT_POSTFIELDS, $postvars);
62 curl_setopt($curl, CURLOPT_ENCODING, true); 69 curl_setopt($curl, CURLOPT_ENCODING, true);
63 $result = curl_exec($curl); 70 $result = curl_exec($curl);
64 curl_close($curl); 71 curl_close($curl);
65   72  
66 #### 73 ####
67 # IV. Grab the status of the command. 74 # IV. Grab the status of the command.
68 $status = urldecode( 75 $status = urldecode(
69 wasKeyValueGet( 76 wasKeyValueGet(
70 "success", 77 "success",
71 $result 78 $result
72 ) 79 )
73 ); 80 );
74   81  
75 #### 82 ####
76 # IV. Check the status of the command. 83 # IV. Check the status of the command.
77 switch($status) { 84 switch($status) {
78 case "True": # The message was sent successfully so store it within a conversation file. 85 case "True": # The message was sent successfully so store it within a conversation file.
79 #### 86 ####
80 # V. Get the path to the configured chat directory. 87 # V. Get the path to the configured chat directory.
81 $chatPath = realpath($CHAT_DIRECTORY); 88 $chatPath = realpath($CHAT_DIRECTORY);
82   89  
83 #### 90 ####
84 # VI. Get the user path. 91 # VI. Get the user path.
85 $userPath = join( 92 $userPath = join(
86 DIRECTORY_SEPARATOR, 93 DIRECTORY_SEPARATOR,
87 array( 94 array(
88 $CHAT_DIRECTORY, 95 $CHAT_DIRECTORY,
89 ucfirst( 96 ucfirst(
90 strtolower( 97 strtolower(
91 $_POST['firstname'] 98 $_POST['firstname']
92 ) 99 )
93 ) .' '. 100 ) .' '.
94 ucfirst( 101 ucfirst(
95 strtolower( 102 strtolower(
96 $_POST['lastname'] 103 $_POST['lastname']
97 ) 104 )
98 ).'.log' 105 ).'.log'
99 ) 106 )
100 ); 107 );
101   108  
102 #### 109 ####
103 # VII. Check that the file will be placed within the chat directory. 110 # VII. Check that the file will be placed within the chat directory.
104 $pathPart = pathinfo($userPath); 111 $pathPart = pathinfo($userPath);
105 if(realpath($pathPart['dirname']) != $chatPath) 112 if(realpath($pathPart['dirname']) != $chatPath)
106 die; 113 die;
107 114
108 #### 115 ####
109 # VIII. Store the message. 116 # VIII. Store the message.
110 storeAvatarConversation( 117 storeAvatarConversation(
111 $_POST['name'], 118 $_POST['name'],
112 '', 119 '',
113 $_POST['message'], 120 $_POST['message'],
114 $userPath, 121 $userPath,
115 $CHAT_LINES 122 $CHAT_LINES
116 ); 123 );
117 break; 124 break;
118 default: # Otherwise, return the Corrade error message. 125 default: # Otherwise, return the Corrade error message.
119 echo 'Corrade failed to deliver the message with the error message: '.urldecode( 126 echo 'Corrade failed to deliver the message with the error message: '.urldecode(
120 wasKeyValueGet( 127 wasKeyValueGet(
121 "error", 128 "error",
122 $result 129 $result
123 ) 130 )
124 ); 131 );
125 break; 132 break;
126 } 133 }
127   134  
128 ?> 135 ?>
129   136  
130
137
131   138  
132   139  
133   140
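Review bot: The CSRF guard added at new lines 22–26 hands `$_SESSION['token']` and `$_POST['token']` to `hash_equals()` without checking that the session token exists or that the posted value is a string. A request sent with no established session token, or with `token[]=x` (a non-empty array passes `empty()`), reaches `hash_equals()` with a non-string argument; on PHP 8 that raises a TypeError, so the client gets an error page instead of the intended 403, and on PHP 7 it logs a warning. The check still fails closed, but the condition should reject those cases itself: `if (empty($_SESSION['token']) || empty($_POST['token']) || !is_string($_POST['token']) || !hash_equals($_SESSION['token'], $_POST['token'])) {`. The comment above it reads `# CRSF.` and should be `# CSRF.`. Where the token is generated is not visible in this file, so it is worth confirming that the form page creates it from a CSPRNG such as `random_bytes()` and stores it in the session before this script can be reached.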