safechat/html/login.php

<?php
try {
  require_once("usertable.php");
  $user = $db->real_escape_string($_REQUEST['user']);
  $pubkey = $db->real_escape_string($_REQUEST['pubkey']);
  $pgp = gnupg_init();
  if (!$pgp) {
    echo json_encode(array('success' => false, 'txt' => "pgp on server failed"));
  } else {
    $verify = gnupg_import($pgp, $_REQUEST['pubkey']);
    if (!$verify) {
      echo json_encode(array('success' => false, 'txt' => "wrong identity"));
    } else {
      $q = $db->query("select * from user where name='$user' and pubkey='$pubkey';");
      if ($q->num_rows==1) {
        echo json_encode(array('success' => true, 'txt' => "user verified"));
      } elseif ($q->num_rows==0) {
        $q = $db->query("insert into user (name, pubkey) values ('$user', '$pubkey');");
        echo json_encode(array('success' => true, 'txt' => "user created"));
      } else {
        echo json_encode(array('success' => false, 'txt' => "server database defect"));
      }
    }
  }
} catch (Exception $e) {
  echo json_encode(array('success' => false, 'txt' => "login failed"));
}
?>
copied files 2015-06-28 20:58:51 +00:00			`<?php`
			`try {`
some checks on server side 2015-07-02 07:08:13 +00:00			`require_once("usertable.php");`
copied files 2015-06-28 20:58:51 +00:00			`$user = $db->real_escape_string($_REQUEST['user']);`
			`$pubkey = $db->real_escape_string($_REQUEST['pubkey']);`
some checks on server side 2015-07-02 07:08:13 +00:00			`$pgp = gnupg_init();`
			`if (!$pgp) {`
			`echo json_encode(array('success' => false, 'txt' => "pgp on server failed"));`
copied files 2015-06-28 20:58:51 +00:00			`} else {`
some checks on server side 2015-07-02 07:08:13 +00:00			`$verify = gnupg_import($pgp, $_REQUEST['pubkey']);`
			`if (!$verify) {`
			`echo json_encode(array('success' => false, 'txt' => "wrong identity"));`
			`} else {`
			`$q = $db->query("select * from user where name='$user' and pubkey='$pubkey';");`
			`if ($q->num_rows==1) {`
			`echo json_encode(array('success' => true, 'txt' => "user verified"));`
			`} elseif ($q->num_rows==0) {`
			`$q = $db->query("insert into user (name, pubkey) values ('$user', '$pubkey');");`
			`echo json_encode(array('success' => true, 'txt' => "user created"));`
			`} else {`
			`echo json_encode(array('success' => false, 'txt' => "server database defect"));`
			`}`
			`}`
copied files 2015-06-28 20:58:51 +00:00			`}`
			`} catch (Exception $e) {`
some checks on server side 2015-07-02 07:08:13 +00:00			`echo json_encode(array('success' => false, 'txt' => "login failed"));`
copied files 2015-06-28 20:58:51 +00:00			`}`
			`?>`