37 lines
1.2 KiB
PHP
37 lines
1.2 KiB
PHP
|
<?php
|
||
|
|
||
|
session_start();
|
||
|
require_once 'php/config.inc.php';
|
||
|
include header;
|
||
|
|
||
|
if (isset($_POST) && count($_POST)>0) {
|
||
|
// add a few misc maybe-useful fields to the data before encrypting
|
||
|
$_POST['00a_received'] = date(DATE_RSS);
|
||
|
$_POST['00b_spam'] = isset($_POST['email']) && trim($_POST['email']) != "" ? "probably" : "unlikely";
|
||
|
$_POST['00c_ip'] = $_SERVER['REMOTE_ADDR'];
|
||
|
$_POST['00d_session'] = session_id();
|
||
|
|
||
|
// serialize post data -- creates a risk of extraneous data being submitted by pests
|
||
|
$data = json_encode($_POST);
|
||
|
|
||
|
// pubkey is a base64-encoded key generated by sodium_crypto_box_keypair
|
||
|
$pubKey = base64_decode(file_get_contents("key.public"));
|
||
|
|
||
|
// for now, data is stored by encrypting each submission individually, base64 encoding it,
|
||
|
// and appending it as a separate line onto the end of the data file (prepending with a
|
||
|
// unix timestamp so later we can tell if new data has arrived without decrypting)
|
||
|
$encrypted = sodium_crypto_box_seal($data, $pubKey);
|
||
|
|
||
|
if (file_put_contents(FILE, time() . "|" . base64_encode($encrypted)."\n", FILE_APPEND | LOCK_EX) !== false) {
|
||
|
echo MSG_SUCCESS;
|
||
|
} else {
|
||
|
echo MSG_FAIL;
|
||
|
}
|
||
|
} else {
|
||
|
include form;
|
||
|
}
|
||
|
|
||
|
include footer;
|
||
|
|
||
|
?>
|