real_escape_string($user); $msg = $db->real_escape_string($msg); if (strlen($_REQUEST['msg'])>100000) error("message is too long"); $q = $db->query("select pubkey from user where name='$user';"); if (!$q || $q->num_rows!=1) error("user not found on server"); /* $pubkey = gnupg_import($pgp, $q->fetch_row()[0]); if (!$pubkey) error("wrong identity"); */ $q = $db->query("insert into message (user, msg) values ('$user', '$msg');"); if (!$q) { error_log("Error storing message: ".$db->error); error("storing message failed"); } success("message stored"); } catch (Exception $e) { error_log("Error storing message: ".$e->message); error("storing message failed"); } } send($_REQUEST['user'], $_REQUEST['msg']); ?>