real_escape_string($_REQUEST['user']); $msg = $db->real_escape_string($_REQUEST['msg']); if (strlen($_REQUEST['msg'])>100000) error("message is too long"); $q = $db->query("select pubkey from user where name='$user';"); if (!$q || $q->num_rows!=1) error("user not found on server"); $pubkey = gnupg_import($pgp, $q->fetch_row()[0]); if (!$pubkey) error("wrong identity"); require_once("messagetable.php"); $q = $db->query("insert into message (user, msg) values ('$user', '$msg');"); if (!$q) { error_log("Error storing message: ".$db->error); error("storing message failed"); } success("message stored"); } catch (Exception $e) { error_log("Error storing message: ".$e->message); error("storing message failed"); } ?>