added send

2025-04-19 10:18:26 +02:00 · 2025-04-19 10:18:26 +02:00 · 53a52632a7
commit 53a52632a7
parent 00bffab9e2
1 changed files with 119 additions and 5 deletions
--- a/send.php
+++ b/send.php
@ -4,10 +4,124 @@
 *		smzint/Messages (c) schmamazon.com 2025
 */

-echo $_POST["by"];
-echo "<br>";
-echo $_POST["receiver"];
-echo "<br>";
-echo $_POST["body"];
+include('../Auth/index.php');

+$by = filter_var($_POST["by"], FILTER_SANITIZE_STRING);
+$receiver = filter_var($_POST["receiver"], FILTER_SANITIZE_STRING);
+$body = filter_var($_POST["body"], FILTER_SANITIZE_STRING);
+$color = filter_var($_POST["color"], FILTER_SANITIZE_STRING);
+$body_hash = hash('sha256', $body);
+$messageId = uniqid();
+
+receiverCheck($by);
+pushMetadata($messageId, $receiver, $color, $body_hash);
+
+
+function receiverCheck($by){
+  global $receiver;
+  include('search.php');
+  switch ($by) {
+    case '0':
+      if (uid($receiver) == false){
+        echo "FATAL: Empfänger ($receiver) nicht gefunden (searched by ID)";
+        die();
+      }
+      break;
+
+    case '1':
+      if (username($receiver) == false){
+        echo "FATAL: Empfänger ($receiver) nicht gefunden (searched by NAME)";
+      }else{
+        $receiver = username($receiver);
+      }
+      break;
+  }
+}
+
+function pushMetadata($messageId, $receiver, $color, $body_hash){
+  $sender_info = "".$_SERVER['REMOTE_ADDR'].", ". $_SERVER['HTTP_USER_AGENT']."";
+
+  global $dbservername;
+	global $dbusername;
+	global $dbpassword;
+	global $dbname;
+  global $uid;
+
+  $conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname);
+		if ($conn->connect_error) {
+			die("Server Error");
+		}
+    $sql = "INSERT INTO smz_messages_metadata (message, sender, receiver, sender_info, color, body_hash) VALUES ('$messageId', '$uid', '$receiver', '$sender_info', '$color', '$body_hash')";
+
+		if ($conn->query($sql) === TRUE) {
+      echo "Metadaten erfolgreich gespeichert";
+		} else {
+			echo "Error: " . $sql . "<br>" . $conn->error;
+		}
+
+		$conn->close();
+
+}
+
+function pushInternal($messageId, $body){
+  global $dbservername;
+	global $dbusername;
+	global $dbpassword;
+	global $dbname;
+
+  $conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname);
+		if ($conn->connect_error) {
+			die("Server Error");
+		}
+    $sql = "INSERT INTO smz_messages_internal (message_id, message_body) VALUES ('$messageId', '$body')";
+
+		if ($conn->query($sql) === TRUE) {
+      echo "INTERNAL erfolgreich gespeichert";
+		} else {
+			echo "Error: " . $sql . "<br>" . $conn->error;
+		}
+
+		$conn->close();
+}
+
+function pushExternal($messageId, $body){
+  global $dbservername;
+	global $dbusername;
+	global $dbpassword;
+	global $dbname;
+
+  $conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname);
+		if ($conn->connect_error) {
+			die("Server Error");
+		}
+    $sql = "INSERT INTO smz_messages_external (message_id, message_body) VALUES ('$messageId', '$body')";
+
+		if ($conn->query($sql) === TRUE) {
+      echo "EXTERNAL erfolgreich gespeichert";
+		} else {
+			echo "Error: " . $sql . "<br>" . $conn->error;
+		}
+
+		$conn->close();
+}
+
+include('keyGrab.php');
+$sender_key = grabPublicKey($uid);
+$receiver_key = grabPublicKey($receiver);
+$encryptedBodyINTERNAL = '';
+$encryptedBodyEXTERNAL = '';
+
+$encryptedINTERNAL = openssl_public_encrypt($body, $encryptedBodyINTERNAL, $sender_key, OPENSSL_PKCS1_PADDING);
+$encryptedEXTERNAL = openssl_public_encrypt($body, $encryptedBodyEXTERNAL, $receiver_key, OPENSSL_PKCS1_PADDING);
+
+if ($encryptedINTERNAL === false) {
+    die("Fehler beim Verschlüsseln (internal): " . openssl_error_string());
+}
+if ($encryptedEXTERNAL === false) {
+    die("Fehler beim Verschlüsseln (external): " . openssl_error_string());
+}
+
+pushInternal($messageId, base64_encode($encryptedBodyINTERNAL));
+pushExternal($messageId, base64_encode($encryptedBodyEXTERNAL));
+echo "<h1>ERFOLG</1>";
 ?>