change sign to POST (#23)

lektura
max.mehl 2017-03-24 02:21:10 +01:00
parent d3ef154d14
commit 8d524aa640
2 changed files with 15 additions and 11 deletions


@ -7,7 +7,7 @@
<hr class="light"> <hr class="light">
<p class="text-faded">{{ .Site.Params.sign.description | markdownify }}</p> <p class="text-faded">{{ .Site.Params.sign.description | markdownify }}</p>
<form action="/cgi/sign.php" method="get"> <form action="/cgi/sign.php" method="post">
<label class="sign-input form-na"> <label class="sign-input form-na">
<input name="name" placeholder="{{ .Site.Params.sign.formName }}" type="text" required /> <input name="name" placeholder="{{ .Site.Params.sign.formName }}" type="text" required />
</label> </label>


@ -5,9 +5,13 @@ $output = "";
$selfurl = "http://pmpc-test.mehl.mx/cgi/sign.php"; // absolute URL of this PHP script $selfurl = "http://pmpc-test.mehl.mx/cgi/sign.php"; // absolute URL of this PHP script
$db = "../../signatures.json"; // Signature database path $db = "../../signatures.json"; // Signature database path
// Get info from form // Get basic info from form
$action = isset($_GET['action']) ? $_GET['action'] : false; if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$honeypot = isset($_GET['url']) ? $_GET['url'] : false; $action = isset($_POST['action']) ? $_POST['action'] : false;
} else {
$action = isset($_GET['action']) ? $_GET['action'] : false;
}
$honeypot = isset($_POST['url']) ? $_POST['url'] : false;
if (! empty($honeypot)) { // honeypot input field isn't empty if (! empty($honeypot)) { // honeypot input field isn't empty
$output .= "Invalid input. Error code: 5|°4m"; $output .= "Invalid input. Error code: 5|°4m";
@ -18,13 +22,13 @@ if(empty($action)) {
$output .= "No action defined."; $output .= "No action defined.";
show_page($output, 1); show_page($output, 1);
} else if ($action === "sign") { } else if ($action === "sign") {
$name = isset($_GET['name']) ? $_GET['name'] : false; $name = isset($_POST['name']) ? $_POST['name'] : false;
$email = isset($_GET['email']) ? $_GET['email'] : false; $email = isset($_POST['email']) ? $_POST['email'] : false;
$country = isset($_GET['country']) ? $_GET['country'] : false; $country = isset($_POST['country']) ? $_POST['country'] : false;
$zip = isset($_GET['zip']) ? $_GET['zip'] : false; $zip = isset($_POST['zip']) ? $_POST['zip'] : false;
$permPriv = isset($_GET['permissionPriv']) ? $_GET['permissionPriv'] : false; $permPriv = isset($_POST['permissionPriv']) ? $_POST['permissionPriv'] : false;
$permNews = isset($_GET['permissionNews']) ? $_GET['permissionNews'] : false; $permNews = isset($_POST['permissionNews']) ? $_POST['permissionNews'] : false;
$permPub = isset($_GET['permissionPub']) ? $_GET['permissionPub'] : false; $permPub = isset($_POST['permissionPub']) ? $_POST['permissionPub'] : false;
// Check for missing required fields // Check for missing required fields
if(empty($name) || empty($email) || empty($permPriv)) { if(empty($name) || empty($email) || empty($permPriv)) {
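Review bot: The `sign` branch takes all seven fields from `$_POST` guarded only by `isset()`, so a body such as `name[]=x` gives an array that passes the `empty($name) || empty($email) || empty($permPriv)` check and reaches the code after it as a non-string. Each read should also require a string, e.g. `$name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : false;`, and `$email` should be checked with `filter_var($email, FILTER_VALIDATE_EMAIL)` unless that already happens further down; the branch continues outside the hunk, so I cannot see it. Separately, `$action` still falls back to `$_GET`, so `?action=sign` over GET enters this branch and only fails on the missing-fields check; making the condition `$action === "sign" && $_SERVER['REQUEST_METHOD'] === 'POST'` would make the POST-only intent explicit. A short comment above the method check saying which actions are still expected over GET would help the next reader.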