search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
working version
[Anonymous-Twitter-Board.git] / add-to-queue.php
blob04bd077e7354662141a57b2462878d35394a567c
1 <?php
2 error_reporting (0);
3 require("class/board-level-database-connection.php");
4 $connection = new BoardLevelDatabaseConnection();
5
6 if ($_POST["ticket"] == "-1"){
7 echo "All=-1";
8 $connection->deleteFromTable("SubmissionTicket", "IPAddress", $_SERVER["HTTP_X_REAL_IP"]);
9 die;
10 }
11
12 $session_ip = $_SERVER["HTTP_X_REAL_IP"];
13 $ticket_stored_parts = $connection->getPostDetails("SubmissionTicket", "IPAddress", $session_ip)[0];
14 $recieved_ticket = base64_decode($_POST["ticket"]);
15
16 $uncompressed_ticket = gzuncompress ($recieved_ticket);
17 $ticket_parts = explode(",", $uncompressed_ticket);
18
19 if($ticket_stored_parts["TicketValue"] != $ticket_parts[0]){//ticket id check against DB and token == Was this token registered
20 echo "All=-2";
21 $connection->deleteFromTable("SubmissionTicket", "IPAddress", $_SERVER["HTTP_X_REAL_IP"]);
22 die;
23 }
24 if($ticket_stored_parts["PostText"] != $ticket_parts[1]){//comment check against DB and token == Was this comment checked?
25 echo "All=-3";
26 $connection->deleteFromTable("SubmissionTicket", "IPAddress", $_SERVER["HTTP_X_REAL_IP"]);
27 die;
28 }
29 if($_SERVER["HTTP_X_REAL_IP"] != $ticket_parts[2]){ // IP check against poster and token == Are you the person who made the token?
30 echo "All=-4";
31 $connection->deleteFromTable("SubmissionTicket", "IPAddress", $_SERVER["HTTP_X_REAL_IP"]);
32 die;
33 }
34
35 require_once("class/board-functions.php");
36 require_once("class/additional-functions.php");
37
38 $comment = $ticket_parts[1];
39 $file_string = BoardFunctions::uploadAndVerify(array($_POST["file1"], $_POST["file2"], $_POST["file3"], $_POST["file4"]));
40 if($file_string != "" && $ticket_parts[3] == "0"){//Unpermitted image
41 $connection->deleteFromTable("SubmissionTicket", "IPAddress", $_SERVER["HTTP_X_REAL_IP"]);
42 $file_string_arr = explode(",", urldecode($file_string));
43 foreach($file_string_arr as $upload_location){
44 if($upload_location !== "")
45 unlink($upload_location);
46 }
47 echo "All=-5";
48 die;
49 }
50
51
52 $do_not_submit = false;
53 //Duplicate code = 6
54 for($file = 0 ; $file < 4 ; $file++) if(BoardFunctions::$die_state[$file] != 0 && BoardFunctions::$die_state[$file] != 5){
55 $do_not_submit = true;
56 }
57
58 if($do_not_submit) {
59 $file_string_arr = explode(",", urldecode($file_string));
60 $connection->deleteFromTable("SubmissionTicket", "IPAddress", $_SERVER["HTTP_X_REAL_IP"]);
61 foreach($file_string_arr as $upload_location){
62 if($upload_location !== "")
63 unlink($upload_location);
64 }
65 }
66 else{
67 $id = ceil((microtime(true) *10)) . "" . (rand(0,9));
68 $unverified_state = 0; // 0=false. Is verifed
69 if(strpos($comment, "VERIFY: ") !== false){
70 $unverified_state = 1;// 1=true. Is not verifed
71 $comment = substr($comment, 8);
72 }
73
74 $post_properties = parse_ini_file("settings/postproperties.ini");
75 $post_properties["TotalPosts"] = intval($post_properties["TotalPosts"]) + 1;
76 StandardFunctions::write_php_ini($post_properties, "settings/postproperties.ini");
77
78 $connection->addToTable("Tweet", ["PostID"=> $id, "ImageURL" => $file_string, "PostText"=>$comment]);
79 $connection->addToTable("Unsubmitted", ["PostID"=> $id, "IPAddress"=>$_SERVER["HTTP_X_REAL_IP"], "Unverified"=>$unverified_state]);
80 }
81 echo "f1=".BoardFunctions::$die_state[0] ."&f2=". BoardFunctions::$die_state[1]
82 ."&f3=". BoardFunctions::$die_state[2] ."&f4=".BoardFunctions::$die_state[3];
83 die;
84
85 ?>