corrade-http-templates
/groupChat/groupChat.html |
@@ -60,7 +60,7 @@ |
<script src="bower_components/velocity/velocity.min.js"></script> |
<script> |
$(document).ready(function () { |
function sendGroupMessage() { |
function sendGroupMessage(token) { |
// Hide the controls. |
$("#controls").animate( |
{ |
@@ -77,7 +77,8 @@ |
url: "sendGroupMessage.php", |
data: { |
name: $("#name").val(), |
message: $("#message").val() |
message: $("#message").val(), |
token: token |
} |
}).done(function(data) { |
// If any error occurred, display it. |
@@ -96,6 +97,7 @@ |
); |
}); |
} |
|
// Polls the chatlog every second for changes. |
(function retrieveMessages() { |
$.get("chat.log?t=" + Math.random(), function(data) { |
@@ -104,19 +106,23 @@ |
setTimeout(retrieveMessages, 1000); |
}); |
}()); |
|
$.get('session.php').then((token) => { |
// When the send button is pressed, then call the sendGroupMessage function to |
// send the message to the PHP script, which then send the message to Corrade. |
$("#send").click(function(e){ |
sendGroupMessage(); |
sendGroupMessage(token); |
}); |
|
// Subscribe to pressing enter with the message input box selected. |
$("#message").keypress(function(e) { |
if (e.which == 13) { |
sendGroupMessage(); |
sendGroupMessage(token); |
return false; |
} |
}); |
}); |
}); |
</script> |
</body> |
</html> |
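Review bot: The new `$.get('session.php').then((token) => { ... })` wrapper near the end of the script has no rejection handler, so if the token request fails the click and keypress handlers are never bound and the page gives no hint why sending does nothing. The same gap applies to the POST: a missing or stale token now gets a 403 from sendGroupMessage.php, and the visible `.done(...)` callback does not run for that response, so unless a `.fail(...)` exists outside the hunk the controls hidden at the top of `sendGroupMessage` presumably stay hidden. I would chain a `.fail(function () { /* show the error, restore #controls, re-fetch session.php */ })` on both requests. Because the token is captured once at page load, that re-fetch is also what lets the page recover when the session expires while it is open.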
/groupChat/sendGroupMessage.php |
@@ -17,6 +17,13 @@ |
## INTERNALS ## |
########################################################################### |
|
# CRSF. |
session_start(); |
if (empty($_POST['token']) || !hash_equals($_SESSION['token'], $_POST['token'])) { |
http_response_code(403); |
die('Forbidden.'); |
} |
|
# If there is no message set or no name set or if the message or the name |
# are empty then do not proceed any further. |
if(!isset($_POST['message']) || |
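Review bot: The new guard passes `$_SESSION['token']` to `hash_equals()` without checking that it is set or that `$_POST['token']` is a string. A client that posts without first loading session.php has no session token, and a `token[]=x` body makes `$_POST['token']` an array; both cases still fail closed, but on PHP 8 they surface as an uncaught TypeError (a 500 plus an error-log entry) instead of the intended 403. Suggested condition: `if (empty($_SESSION['token']) || !isset($_POST['token']) || !is_string($_POST['token']) || !hash_equals($_SESSION['token'], $_POST['token'])) {`. The comment above it should read `# CSRF.`; the rest of the script lies outside the hunk.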
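--- a/groupChat/session.php
+++ b/groupChat/session.php
@@ -0,0 +1,18 @@
+<?php
+
+###########################################################################
+## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ##
+###########################################################################
+
+session_start();
+
+if (empty($_SESSION['token'])) {
+if (function_exists('mcrypt_create_iv')) {
+$_SESSION['token'] = bin2hex(mcrypt_create_iv(32, MCRYPT_DEV_URANDOM));
+} else {
+$_SESSION['token'] = bin2hex(openssl_random_pseudo_bytes(32));
+}
+}
+
+echo $_SESSION['token'];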
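Review bot: The token generator prefers `mcrypt_create_iv`, which was deprecated in PHP 7.1 and removed from core in 7.2, and otherwise falls back to `openssl_random_pseudo_bytes(32)` without checking the result. On PHP 7 and later `random_bytes()` is the CSPRNG meant for this and should be tried first. The openssl fallback should pass the `$strong` out-parameter and refuse to issue a token when the call returns false or reports weak output, since on older PHP versions it can do either silently. A possible shape for the generation branch follows.

```php
if (empty($_SESSION['token'])) {
    if (function_exists('random_bytes')) {
        $bytes = random_bytes(32);
    } elseif (function_exists('mcrypt_create_iv')) {
        $bytes = mcrypt_create_iv(32, MCRYPT_DEV_URANDOM);
    } else {
        $bytes = openssl_random_pseudo_bytes(32, $strong);
        if ($bytes === false || !$strong) {
            # Fail closed rather than hand out a guessable token.
            http_response_code(500);
            die('Unable to generate token.');
        }
    }
    $_SESSION['token'] = bin2hex($bytes);
}
# … unchanged: echo of the token …
```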
|