Fully end to end encrypted anonymous chat program. Server only stores public key lookup for users and the encrypted messages. No credentials are transfered to the server, but kept in local browser storage. This allows 100% safe chatting. https://safechat.ch
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

51 lines
1.6 KiB

10 years ago
<?php
9 years ago
/*! @file
@id $Id$
@see @ref apisend
@page api
@section apisend Send Message To Server
API-call send.php
Send a message to the server. Sever checks if user exists and has
a valid public key. More test could be added later.
@param user The name of the user that send the message.
@param msg The armored signed and encrypted message. There is a
limit of 100000 bytes for the message.
@return
- success() if the message has been stored successfully
- error() in case of any error
*/
// 1 2 3 4 5 6 7 8
// 45678901234567890123456789012345678901234567890123456789012345678901234567890
10 years ago
try {
require_once("usertable.php");
10 years ago
$user = $db->real_escape_string($_REQUEST['user']);
$msg = $db->real_escape_string($_REQUEST['msg']);
$pgp = gnupg_init();
if (strlen($_REQUEST['msg'])>100000) error("message is too long");
if (!$pgp) error("pgp on server failed");
$q = $db->query("select pubkey from user where name='$user';");
if (!$q || $q->num_rows!=1) error("user not found on server");
$pubkey = gnupg_import($pgp, $q->fetch_row()[0]);
if (!$pubkey) error("wrong identity");
require_once("messagetable.php");
$q = $db->query("insert into message (user, msg) values ('$user', '$msg');");
if (!$q) {
error_log("Error storing message: ".$db->error);
error("storing message failed");
}
success("message stored");
10 years ago
} catch (Exception $e) {
error_log("Error storing message: ".$e->message);
error("storing message failed");
10 years ago
}
10 years ago
?>