corrade-http-templates

Subversion Repositories:
Compare Path: Rev
With Path: Rev
?path1? @ 51  →  ?path2? @ 52
/groupChat/groupChat.html
@@ -60,7 +60,7 @@
<script src="bower_components/velocity/velocity.min.js"></script>
<script>
$(document).ready(function () {
function sendGroupMessage() {
function sendGroupMessage(token) {
// Hide the controls.
$("#controls").animate(
{
@@ -77,7 +77,8 @@
url: "sendGroupMessage.php",
data: {
name: $("#name").val(),
message: $("#message").val()
message: $("#message").val(),
token: token
}
}).done(function(data) {
// If any error occurred, display it.
@@ -96,6 +97,7 @@
);
});
}
// Polls the chatlog every second for changes.
(function retrieveMessages() {
$.get("chat.log?t=" + Math.random(), function(data) {
@@ -104,19 +106,23 @@
setTimeout(retrieveMessages, 1000);
});
}());
$.get('session.php').then((token) => {
// When the send button is pressed, then call the sendGroupMessage function to
// send the message to the PHP script, which then send the message to Corrade.
$("#send").click(function(e){
sendGroupMessage();
sendGroupMessage(token);
});
// Subscribe to pressing enter with the message input box selected.
$("#message").keypress(function(e) {
if (e.which == 13) {
sendGroupMessage();
sendGroupMessage(token);
return false;
}
});
});
});
</script>
</body>
</html>
/groupChat/sendGroupMessage.php
@@ -17,6 +17,13 @@
## INTERNALS ##
###########################################################################
 
# CRSF.
session_start();
if (empty($_POST['token']) || !hash_equals($_SESSION['token'], $_POST['token'])) {
http_response_code(403);
die('Forbidden.');
}
 
# If there is no message set or no name set or if the message or the name
# are empty then do not proceed any further.
if(!isset($_POST['message']) ||
/groupChat/session.php
@@ -0,0 +1,18 @@
<?php
 
###########################################################################
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ##
###########################################################################
 
session_start();
 
if (empty($_SESSION['token'])) {
if (function_exists('mcrypt_create_iv')) {
$_SESSION['token'] = bin2hex(mcrypt_create_iv(32, MCRYPT_DEV_URANDOM));
} else {
$_SESSION['token'] = bin2hex(openssl_random_pseudo_bytes(32));
}
}
 
echo $_SESSION['token'];