Browse Source

Spaces®; http status code header for wrong things

master
Bandie 1 year ago
parent
commit
71c5b1ae92
Signed by: Bandie GPG Key ID: 843D7FA93BA46312
1 changed files with 16 additions and 12 deletions
  1. +16
    -12
      www/pr.php

+ 16
- 12
www/pr.php View File

@ -3,24 +3,27 @@ include('config.php');
// check for POST request
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
error_log('FAILED - not POST - '. $_SERVER['REQUEST_METHOD']);
exit();
header("HTTP/1.1 405 Method Not Allowed");
error_log('FAILED - not POST - '. $_SERVER['REQUEST_METHOD']);
exit();
}
// get content type
$content_type = isset($_SERVER['CONTENT_TYPE']) ? strtolower(trim($_SERVER['CONTENT_TYPE'])) : '';
if ($content_type != 'application/json') {
error_log('FAILED - not application/json - '. $content_type);
exit();
header("HTTP/1.1 403 Forbidden");
error_log('FAILED - not application/json - '. $content_type);
exit();
}
// get payload
$payload = trim(file_get_contents("php://input"));
if (empty($payload)) {
error_log('FAILED - no payload');
exit();
header("HTTP/1.1 403 Forbidden");
error_log('FAILED - no payload');
exit();
}
// convert json to array
@ -28,14 +31,16 @@ $decoded = json_decode($payload, true);
// check for json decode errors
if (json_last_error() !== JSON_ERROR_NONE) {
error_log('FAILED - json decode - '. json_last_error());
exit();
header("HTTP/1.1 403 Forbidden");
error_log('FAILED - json decode - '. json_last_error());
exit();
}
if($decoded['secret'] != $secret_key['pr']) {
echo("WRONG SECRET");
error_log('FAILED - wrong secret key');
exit();
header("HTTP/1.1 403 Forbidden");
echo("WRONG SECRET");
error_log('FAILED - wrong secret key');
exit();
}
file_put_contents("log.txt", print_r($decoded, true));
@ -56,5 +61,4 @@ foreach($recipients['pr'] as $recp) {
mail($recp, $subject, $message, $from);
}
echo("SENT");
// success, do something
?>

Loading…
Cancel
Save