better structure and documentation

lektura
max.mehl 2017-03-28 01:24:06 +02:00
parent f09e50ba27
commit ec4abfd00e
1 changed files with 54 additions and 36 deletions

View File

@ -8,14 +8,12 @@ $db = "../../signatures.json"; // Signature database path
$ipdb = "../../ips.json"; // IP database path $ipdb = "../../ips.json"; // IP database path
$spamdb = "../../spammer_" . date('Y-m-d') . ".json"; // This day's potential spammer database $spamdb = "../../spammer_" . date('Y-m-d') . ".json"; // This day's potential spammer database
// Get basic info from form ///////////////////
if ($_SERVER['REQUEST_METHOD'] === 'POST') { /// SPAM CHECKS ///
$action = isset($_POST['action']) ? $_POST['action'] : false; ///////////////////
} else {
$action = isset($_GET['action']) ? $_GET['action'] : false;
}
$honeypot = isset($_POST['url']) ? $_POST['url'] : false;
// Test whether visitor fell for honeypot
$honeypot = isset($_POST['url']) ? $_POST['url'] : false;
if (! empty($honeypot)) { // honeypot input field isn't empty if (! empty($honeypot)) { // honeypot input field isn't empty
$output .= "Invalid input. Error code: 5|°4m"; $output .= "Invalid input. Error code: 5|°4m";
show_page($output, 1); show_page($output, 1);
@ -66,10 +64,23 @@ if ($limit_exceeded) {
show_page($output, 1); show_page($output, 1);
} }
///////////////////////
/// FORM EVALUATION ///
///////////////////////
// Get basic info from form
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$action = isset($_POST['action']) ? $_POST['action'] : false;
} else {
$action = isset($_GET['action']) ? $_GET['action'] : false;
}
// Continue only if action = sign/confirmation
// Depending on action, get important variables
if(empty($action)) { if(empty($action)) {
$output .= "No action defined."; $output .= "No action defined.";
show_page($output, 1); show_page($output, 1);
} else if ($action === "sign") { } else if ($action === "sign") { // sign
$name = isset($_POST['name']) ? $_POST['name'] : false; $name = isset($_POST['name']) ? $_POST['name'] : false;
$email = isset($_POST['email']) ? $_POST['email'] : false; $email = isset($_POST['email']) ? $_POST['email'] : false;
$country = isset($_POST['country']) ? $_POST['country'] : false; $country = isset($_POST['country']) ? $_POST['country'] : false;
@ -83,7 +94,7 @@ if(empty($action)) {
$output .= "At least one required variable is empty."; $output .= "At least one required variable is empty.";
show_page($output, 1); show_page($output, 1);
} }
} else if ($action === "confirm") { } else if ($action === "confirm") { // confirm
$confirmcode = isset($_GET['code']) ? $_GET['code'] : false; $confirmcode = isset($_GET['code']) ? $_GET['code'] : false;
$confirmid = isset($_GET['id']) ? $_GET['id'] : false; $confirmid = isset($_GET['id']) ? $_GET['id'] : false;
@ -92,39 +103,17 @@ if(empty($action)) {
$output .= "Confirmation code or ID is missing."; $output .= "Confirmation code or ID is missing.";
show_page($output, 1); show_page($output, 1);
} }
} else { } else { // invalid
$output .= "Invalid action."; $output .= "Invalid action.";
show_page($output, 1); show_page($output, 1);
} }
// Continue only if action = sign/confirmation
// Validate input // Validate input
//TODO //TODO
// Read signatures database (should only be called if really needed) ///////////////
function read_db($db) {
global $data; // declare $data a global variable to access it outside this function
if (! file_exists($db)) {
touch($db);
}
$file = file_get_contents($db, true);
$data = json_decode($file, true);
unset($file);
}
// Read IP database
function read_ips($ipdb) {
global $ips; // declare $data a global variable to access it outside this function
if (! file_exists($ipdb)) {
touch($ipdb);
}
$file = file_get_contents($ipdb, true);
$ips = json_decode($file, true);
unset($file);
}
/// SIGNING /// /// SIGNING ///
///////////////
if ($action === "sign") { if ($action === "sign") {
read_db($db); read_db($db);
@ -179,7 +168,9 @@ if ($action === "sign") {
show_page($output, 0); show_page($output, 0);
} else if ($action === "confirm") { } else if ($action === "confirm") {
////////////////////
/// CONFIRMATION /// /// CONFIRMATION ///
////////////////////
$id = $confirmid - $codemod; // substract the obfuscation number from the given ID $id = $confirmid - $codemod; // substract the obfuscation number from the given ID
@ -227,13 +218,40 @@ if ($action === "sign") {
} // END confirm } // END confirm
// --- PRINT OUTPUT IN TEMPLATE FILE ---
////////////////
// FUNCTIONS ///
////////////////
// Read signatures database (should only be called if really needed)
function read_db($db) {
global $data; // declare $data a global variable to access it outside this function
if (! file_exists($db)) {
touch($db);
}
$file = file_get_contents($db, true);
$data = json_decode($file, true);
unset($file);
}
// Read IP database
function read_ips($ipdb) {
global $ips; // declare $data a global variable to access it outside this function
if (! file_exists($ipdb)) {
touch($ipdb);
}
$file = file_get_contents($ipdb, true);
$ips = json_decode($file, true);
unset($file);
}
// Replace a given placeholder in a template HTML page with given content
function replace_page($template, $placeholder, $content){ function replace_page($template, $placeholder, $content){
$vars = array($placeholder=>$content); $vars = array($placeholder=>$content);
return str_replace(array_keys($vars), $vars, $template); return str_replace(array_keys($vars), $vars, $template);
} }
// Show the filled template page, depending on exit code
function show_page($output, $exit) { function show_page($output, $exit) {
if ($exit === 0) { if ($exit === 0) {
$headline = "Success"; $headline = "Success";