From 9d3c8c0e6e1a7ba43bf3dc19350d1dca68b657a3 Mon Sep 17 00:00:00 2001
From: Chris Xiong <chirs241097@gmail.com>
Date: Sun, 10 Feb 2019 11:16:07 +0800
Subject: Initial commit.

---
 leave-a-message/writemessage.php | 65 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 65 insertions(+)
 create mode 100644 leave-a-message/writemessage.php

(limited to 'leave-a-message/writemessage.php')

diff --git a/leave-a-message/writemessage.php b/leave-a-message/writemessage.php
new file mode 100644
index 0000000..b4585fe
--- /dev/null
+++ b/leave-a-message/writemessage.php
@@ -0,0 +1,65 @@
+<html>
+<?php
+	function onerror($n,$m)
+	{
+		echo "<script>
+		window.onload=function()
+		{
+			var f = document.createElement('form');
+			f.action='https://chrisoft.org/leave-a-message/';
+			f.method='POST';
+			f.style.display='none';
+
+			var i=document.createElement('input');
+			i.type='hidden';
+			i.name='name';
+			i.value='".$n."';
+			f.appendChild(i);
+			i=document.createElement('input');
+			i.type='hidden';
+			i.name='content';
+			i.value='".$m."';
+			f.appendChild(i);
+
+			document.body.appendChild(f);
+			f.submit();
+		}
+		</script>";
+	}
+	$name;$mesg;$captcha;
+	if(isset($_POST['name']))
+		$name=$_POST['name'];
+	if(isset($_POST['content']))
+		$mesg=$_POST['content'];
+	if(isset($_POST['g-recaptcha-response']))
+		$captcha=$_POST['g-recaptcha-response'];
+	if(!$captcha){
+		onerror($name,$mesg);
+		exit;
+	}
+	$response=json_decode(file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=6Lf1lAcUAAAAABRj_EJ1OzhzGfiorpfYFbcGQE5r&response=".$captcha."&remoteip=".$_SERVER['REMOTE_ADDR']), true);
+	if($response['success'] == false)onerror($name,$mesg);
+	else
+	{
+		if(strlen($mesg)+strlen($name)>16300)echo "Your message is too long!!!";
+		$rmesg=htmlspecialchars($mesg);
+		$rmesg=nl2br($rmesg,false);
+		$rmesg=trim(preg_replace('/\s\s+/', ' ', $rmesg));
+		$f=fopen("/var/www/html/leave-a-message/messages.txt","a");
+		$str=sprintf("<div class=\"comment\"><p>%s</p><div class=\"author\">%s at %s</div></div><br>\n",$rmesg,htmlspecialchars($name),strftime("%Y-%m-%d %H:%M"));
+		fwrite($f,$str);
+		fclose($f);
+		$f=fopen("/var/www/html/leave-a-message/messages.json","a");
+		$str=sprintf("{\"cont\":\"%s\",\"author\":\"%s\",\"time\":\"%s\"}\n",$rmesg,htmlspecialchars($name),strftime("%Y-%m-%d %H:%M"));
+		fwrite($f,$str);
+		fclose($f);
+		$f=fopen("/var/www/html/leave-a-message/archive.txt","a");
+		$str=sprintf("comment: %s\nauthor: %s\ntime: %s\nIP: %s\n\n",$mesg,$name,strftime("%Y-%m-%d %H:%M:%S"),$_SERVER['HTTP_X_FORWARDED_FOR']?$_SERVER['HTTP_X_FORWARDED_FOR']:$_SERVER['REMOTE_ADDR']);
+		fwrite($f,$str);
+		fclose($f);
+		echo "<script>window.location='https://chrisoft.org/#guestbook'</script>";
+	}
+?>
+</html>
+<body>
+</body>
-- 
cgit v1.2.3