Spaces®; http status code header for wrong things

This commit is contained in:
Bandie 2021-01-13 19:30:12 +01:00
parent d67573fca7
commit 71c5b1ae92
Signed by: Bandie
GPG Key ID: 843D7FA93BA46312

View File

@ -3,6 +3,7 @@ include('config.php');
// check for POST request
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
header("HTTP/1.1 405 Method Not Allowed");
error_log('FAILED - not POST - '. $_SERVER['REQUEST_METHOD']);
exit();
}
@ -11,6 +12,7 @@ if ($_SERVER['REQUEST_METHOD'] != 'POST') {
$content_type = isset($_SERVER['CONTENT_TYPE']) ? strtolower(trim($_SERVER['CONTENT_TYPE'])) : '';
if ($content_type != 'application/json') {
header("HTTP/1.1 403 Forbidden");
error_log('FAILED - not application/json - '. $content_type);
exit();
}
@ -19,6 +21,7 @@ if ($content_type != 'application/json') {
$payload = trim(file_get_contents("php://input"));
if (empty($payload)) {
header("HTTP/1.1 403 Forbidden");
error_log('FAILED - no payload');
exit();
}
@ -28,11 +31,13 @@ $decoded = json_decode($payload, true);
// check for json decode errors
if (json_last_error() !== JSON_ERROR_NONE) {
header("HTTP/1.1 403 Forbidden");
error_log('FAILED - json decode - '. json_last_error());
exit();
}
if($decoded['secret'] != $secret_key['pr']) {
header("HTTP/1.1 403 Forbidden");
echo("WRONG SECRET");
error_log('FAILED - wrong secret key');
exit();
@ -56,5 +61,4 @@ foreach($recipients['pr'] as $recp) {
mail($recp, $subject, $message, $from);
}
echo("SENT");
// success, do something
?>