diff --git a/send.php b/send.php
index a9af56b..81b8b2c 100644
--- a/send.php
+++ b/send.php
@@ -4,10 +4,124 @@
 * smzint/Messages (c) schmamazon.com 2025
 */
-echo $_POST["by"];
-echo "
";
-echo $_POST["receiver"];
-echo "
";
-echo $_POST["body"];
+include('../Auth/index.php');
+$by = filter_var($_POST["by"], FILTER_SANITIZE_STRING);
+$receiver = filter_var($_POST["receiver"], FILTER_SANITIZE_STRING);
+$body = filter_var($_POST["body"], FILTER_SANITIZE_STRING);
+$color = filter_var($_POST["color"], FILTER_SANITIZE_STRING);
+$body_hash = hash('sha256', $body);
+$messageId = uniqid();
+
+receiverCheck($by);
+pushMetadata($messageId, $receiver, $color, $body_hash);
+
+
+function receiverCheck($by){
+ global $receiver;
+ include('search.php');
+ switch ($by) {
+ case '0':
+ if (uid($receiver) == false){
+ echo "FATAL: Empfänger ($receiver) nicht gefunden (searched by ID)";
+ die();
+ }
+ break;
+
+ case '1':
+ if (username($receiver) == false){
+ echo "FATAL: Empfänger ($receiver) nicht gefunden (searched by NAME)";
+ }else{
+ $receiver = username($receiver);
+ }
+ break;
+ }
+}
+
+function pushMetadata($messageId, $receiver, $color, $body_hash){
+ $sender_info = "".$_SERVER['REMOTE_ADDR'].", ". $_SERVER['HTTP_USER_AGENT']."";
+
+ global $dbservername;
+ global $dbusername;
+ global $dbpassword;
+ global $dbname;
+ global $uid;
+
+ $conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname);
+ if ($conn->connect_error) {
+ die("Server Error");
+ }
+ $sql = "INSERT INTO smz_messages_metadata (message, sender, receiver, sender_info, color, body_hash) VALUES ('$messageId', '$uid', '$receiver', '$sender_info', '$color', '$body_hash')";
+
+ if ($conn->query($sql) === TRUE) {
+ echo "Metadaten erfolgreich gespeichert";
+ } else {
+ echo "Error: " . $sql . "
" . $conn->error;
+ }
+
+ $conn->close();
+
+}
+
+function pushInternal($messageId, $body){
+ global $dbservername;
+ global $dbusername;
+ global $dbpassword;
+ global $dbname;
+
+ $conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname);
+ if ($conn->connect_error) {
+ die("Server Error");
+ }
+ $sql = "INSERT INTO smz_messages_internal (message_id, message_body) VALUES ('$messageId', '$body')";
+
+ if ($conn->query($sql) === TRUE) {
+ echo "INTERNAL erfolgreich gespeichert";
+ } else {
+ echo "Error: " . $sql . "
" . $conn->error;
+ }
+
+ $conn->close();
+}
+
+function pushExternal($messageId, $body){
+ global $dbservername;
+ global $dbusername;
+ global $dbpassword;
+ global $dbname;
+
+ $conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname);
+ if ($conn->connect_error) {
+ die("Server Error");
+ }
+ $sql = "INSERT INTO smz_messages_external (message_id, message_body) VALUES ('$messageId', '$body')";
+
+ if ($conn->query($sql) === TRUE) {
+ echo "EXTERNAL erfolgreich gespeichert";
+ } else {
+ echo "Error: " . $sql . "
" . $conn->error;
+ }
+
+ $conn->close();
+}
+
+include('keyGrab.php');
+$sender_key = grabPublicKey($uid);
+$receiver_key = grabPublicKey($receiver);
+$encryptedBodyINTERNAL = '';
+$encryptedBodyEXTERNAL = '';
+
+$encryptedINTERNAL = openssl_public_encrypt($body, $encryptedBodyINTERNAL, $sender_key, OPENSSL_PKCS1_PADDING);
+$encryptedEXTERNAL = openssl_public_encrypt($body, $encryptedBodyEXTERNAL, $receiver_key, OPENSSL_PKCS1_PADDING);
+
+if ($encryptedINTERNAL === false) {
+ die("Fehler beim Verschlüsseln (internal): " . openssl_error_string());
+}
+if ($encryptedEXTERNAL === false) {
+ die("Fehler beim Verschlüsseln (external): " . openssl_error_string());
+}
+
+pushInternal($messageId, base64_encode($encryptedBodyINTERNAL));
+pushExternal($messageId, base64_encode($encryptedBodyEXTERNAL));
+echo "

ERFOLG";
 ?>
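Review bot: pushMetadata() builds its INSERT by string interpolation, and `$sender_info` carries `$_SERVER['HTTP_USER_AGENT']` with no filtering or escaping, so a client-controlled header lands directly in the SQL text; pushInternal() and pushExternal() use the same string-built pattern. Bind every value through a prepared statement (sketch below for pushMetadata), and on failure write `$conn->error` to the server log instead of echoing `$sql` and the driver message to the client. In receiverCheck() the `case '1'` not-found branch prints the error but never calls `die()`, and the switch has no `default`, so a missing receiver or any other `$by` value still reaches the insert. `OPENSSL_PKCS1_PADDING` selects PKCS#1 v1.5 encryption padding, where `OPENSSL_PKCS1_OAEP_PADDING` is the safer choice. Storing an unsalted SHA-256 of the plaintext body next to the ciphertext also lets anyone with table access confirm short or guessable messages.

```php
function pushMetadata($messageId, $receiver, $color, $body_hash){
    // … unchanged: $sender_info, global declarations, mysqli connect and connect_error check …
    $stmt = $conn->prepare(
        "INSERT INTO smz_messages_metadata (message, sender, receiver, sender_info, color, body_hash) VALUES (?, ?, ?, ?, ?, ?)"
    );
    if ($stmt === false) {
        error_log("pushMetadata prepare failed: " . $conn->error);
        die("Server Error");
    }
    $stmt->bind_param('ssssss', $messageId, $uid, $receiver, $sender_info, $color, $body_hash);

    if ($stmt->execute()) {
        echo "Metadaten erfolgreich gespeichert";
    } else {
        // Keep statement text and driver errors out of the HTTP response.
        error_log("pushMetadata insert failed: " . $stmt->error);
        echo "Server Error";
    }
    $stmt->close();
    // … unchanged: $conn->close() …
}
```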