corrade-http-templates – Blame information for rev 82

Subversion Repositories:
Rev:
Rev Author Line No. Line
1 eva 1 <?php
2  
3 ###########################################################################
4 ## Copyright (C) Wizardry and Steamworks 2016 - License: GNU GPLv3 ##
5 ###########################################################################
6 ## This is a script that sends a message to an agent from Corrade and it ##
7 ## also stores the sent message to a conversation file. ##
8 ###########################################################################
9  
10 ###########################################################################
11 ## CONFIGURATION ##
12 ###########################################################################
13  
14 require_once('config.php');
81 office 15 require_once('functions.php');
73 office 16 require_once('vendor/was/utilities/src/formats/kvp/kvp.php');
1 eva 17  
18 ###########################################################################
19 ## INTERNALS ##
20 ###########################################################################
21  
50 office 22 # CRSF.
23 session_start();
24 if (empty($_POST['token']) || !hash_equals($_SESSION['token'], $_POST['token'])) {
25 http_response_code(403);
26 die('Forbidden.');
27 }
28  
4 eva 29 # Check that we have all the necessary variables.
1 eva 30 if(!isset($_POST['message']) ||
4 eva 31 empty($_POST['message']) ||
1 eva 32 !isset($_POST['name']) ||
4 eva 33 empty($_POST['name']) ||
1 eva 34 !isset($_POST['firstname']) ||
4 eva 35 empty($_POST['firstname']) ||
36 !isset($_POST['lastname']) ||
37 empty($_POST['lastname'])) return;
1 eva 38  
39 ####
40 # I. Build the POST array to send to Corrade.
41 $params = array(
42 'command' => 'tell',
43 'group' => $GROUP,
44 'password' => $PASSWORD,
45 'entity' => 'avatar',
46 'firstname' => $_POST['firstname'],
47 'lastname' => $_POST['lastname'],
48 'message' => $_POST['name'].' says '.$_POST['message']
49 );
50  
51 ####
52 # II. Escape the data to be sent to Corrade.
53 array_walk($params,
54 function(&$value, $key) {
82 office 55 $value = urlencode($key)."=".urlencode($value);
1 eva 56 }
57 );
58 $postvars = implode('&', $params);
59  
60 ####
61 # III. Use curl to send the message.
62 if (!($curl = curl_init())) {
63 print 0;
64 return;
65 }
66 curl_setopt($curl, CURLOPT_URL, $URL);
67 curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
68 curl_setopt($curl, CURLOPT_POST, true);
69 curl_setopt($curl, CURLOPT_POSTFIELDS, $postvars);
70 curl_setopt($curl, CURLOPT_ENCODING, true);
71 $result = curl_exec($curl);
72 curl_close($curl);
73  
74 ####
75 # IV. Grab the status of the command.
76 $status = urldecode(
77 wasKeyValueGet(
78 "success",
79 $result
80 )
81 );
82  
83 ####
84 # IV. Check the status of the command.
85 switch($status) {
86 case "True": # The message was sent successfully so store it within a conversation file.
87 ####
88 # V. Get the path to the configured chat directory.
89 $chatPath = realpath($CHAT_DIRECTORY);
90  
91 ####
92 # VI. Get the user path.
93 $userPath = join(
94 DIRECTORY_SEPARATOR,
95 array(
96 $CHAT_DIRECTORY,
97 ucfirst(
98 strtolower(
99 $_POST['firstname']
100 )
101 ) .' '.
102 ucfirst(
103 strtolower(
104 $_POST['lastname']
105 )
106 ).'.log'
107 )
108 );
109  
110 ####
111 # VII. Check that the file will be placed within the chat directory.
112 $pathPart = pathinfo($userPath);
113 if(realpath($pathPart['dirname']) != $chatPath)
114 die;
115  
116 ####
117 # VIII. Store the message.
118 storeAvatarConversation(
119 $_POST['name'],
120 '',
121 $_POST['message'],
122 $userPath,
123 $CHAT_LINES
124 );
125 break;
126 default: # Otherwise, return the Corrade error message.
127 echo 'Corrade failed to deliver the message with the error message: '.urldecode(
128 wasKeyValueGet(
129 "error",
130 $result
131 )
132 );
133 break;
134 }