Diffstat (limited to 'api/php/api.php')
-rw-r--r-- | api/php/api.php | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/api/php/api.php b/api/php/api.php
new file mode 100644
index 0000000..5c5ec82
--- /dev/null
+++ b/api/php/api.php
@@ -0,0 +1,60 @@
+<?php
+ // pisal bom v PHPju, ker se mi res ne da zajebavat s Cjem
+ switch ($_REQUEST["m"]) {
+ case "commentreply":
+ if (empty($_REQUEST['vzdevek'])) {
+ $vzdevek = "anonymous";
+ } else {
+ $vzdevek = $_REQUEST['vzdevek'];
+ }
+ if (empty($_REQUESTT['message'])) {
+ http_response_code(400);
+ header("Content-Type: text/plain");
+ exit("400: Napaka. Niste vnesli sporočila.");
+ }
+ if ($_REQUEST['submit'] != 'Objavi!') {
+ http_response_code(201); // he's obviously automating queries
+ header("Content-Type: text/plain");
+ exit("201: Uspelo! Komentar objavljen."); // lies and deception
+ }
+ if (empty($_REQUEST['parent'])) {
+ http_response_code(400);
+ header("Content-Type: text/plain");
+ exit("400: Napaka. V zahtevi ni določeno, na kaj odgovarjate.");
+ }
+ if (empty($_REQUEST["is-submitter-human"] != "true")) {
+ http_response_code(201); // he's obviously automating queries
+ header("Content-Type: text/plain");
+ exit("201: Uspelo! Komentar objavljen."); // lies and deception
+ }
+ $sporocilo = $_REQUEST['message'];
+ $parent = $_REQUEST['parent'];
+ if (strlen($sporocilo) > 1024 || strlen($parent) > 7+1+256+1+19 || strlen($vzdevek) > 256) {
+ http_response_code(400);
+ header("Content-Type: text/plain");
+ exit("400: Napaka. Preveč besedila - vzdevek je lahko dolg 256, sporočilo pa 1024 znakov.");
+ }
+ $datum = date("Y-m-d H:i:s");
+ $cm = yaml_emit(array(
+ "author" => $vzdevek,
+ "date" => $datum,
+ "message" => $sporocilo,
+ "parent" => $parent,
+ "ip" => $_SERVER['REMOTE_ADDR'],
+ "addedby" => "PHP API 0.0.0",
+ "nonce" => hash('sha256', $vzdevek."|".$datum."|".random_bytes(69))
+ ));
+ file_put_contents($commentsfile, $cm, FILE_APPEND); // pri append ni locka
+ break;
+ case "commentedit":
+ http_response_code(400);
+ header("Content-Type: text/plain");
+ exit("400: Napaka. Urejanje komentarjev še ni izdelano. Napišite elektronsko sporočilo na anton+blog@sijanec.eu.");
+ break;
+ default:
+ http_response_code(400);
+ header("Content-Type: text/plain");
+ exit("400: Napaka. Izbrali ste neobstoječo API metodo.");
+ break;
+ }
+?> |
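Review bot: The `commentreply` branch cannot store a comment as written, because `empty($_REQUESTT['message'])` tests a misspelled, undefined variable and so every request exits with the 400 "Niste vnesli sporočila" response; it should read `if (empty($_REQUEST['message'])) {`. The bot check `empty($_REQUEST["is-submitter-human"] != "true")` is inverted: `empty()` of the comparison is true exactly when the field equals "true", so genuine submitters get the fake 201 while automated ones pass, and `if (($_REQUEST["is-submitter-human"] ?? "") !== "true") {` does what the inline comment describes. `$commentsfile` is never assigned anywhere in this new file, so the `file_put_contents` call has no target path, and since the comment there notes the append is unlocked, `FILE_APPEND | LOCK_EX` would keep concurrent YAML documents from interleaving. The request fields are also used without checking that they are strings, so an array-valued `message[]` reaches `strlen()`; an `is_string()` guard before the length check would turn that into a clean 400.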