Diffstat (limited to 'web/process.php')
-rw-r--r-- | web/process.php | 66 |
1 files changed, 42 insertions, 24 deletions
diff --git a/web/process.php b/web/process.php
index cadbf98..a005319 100644
--- a/web/process.php
+++ b/web/process.php
@@ -5,45 +5,56 @@ require_once "config.php"; - $ipaddress = filter_input(INPUT_SERVER, "REMOTE_ADDR", - FILTER_VALIDATE_IP); + $ipaddress = filter_input( + INPUT_SERVER, + "REMOTE_ADDR", + FILTER_VALIDATE_IP + ); if (RECAPTCHA_ENABLED) { require_once "recaptcha.php"; - $challenge = filter_input(INPUT_POST, - "recaptcha_challenge_field", - FILTER_UNSAFE_RAW); - $response = filter_input(INPUT_POST, - "recaptcha_response_field", - FILTER_UNSAFE_RAW); + $challenge = filter_input( + INPUT_POST, + "recaptcha_challenge_field", + FILTER_UNSAFE_RAW + ); - $resp = recaptcha_check_answer(RECAPTCHA_PRIVATE_KEY, - $ipaddress, - $challenge, - $response); + $response = filter_input( + INPUT_POST, + "recaptcha_response_field", + FILTER_UNSAFE_RAW + ); + + $resp = recaptcha_check_answer( + RECAPTCHA_PRIVATE_KEY, + $ipaddress, + $challenge, + $response + ); if (!$resp->is_valid) { die("CAPTCHA was incorrect"); } } - function sanitize_shellarg($arg) { + function sanitize_shellarg($arg) + { return escapeshellarg($arg); } - $shellfilter = array("options" => "sanitize_shellarg"); + $sfi = array("options" => "sanitize_shellarg"); $buildID = uniqid(); $bootMegabytes = filter_input(INPUT_POST, "boot_size", FILTER_VALIDATE_INT); $swapMegabytes = filter_input(INPUT_POST, "swap_size", FILTER_VALIDATE_INT); $rootMegabytes = filter_input(INPUT_POST, "root_size", FILTER_VALIDATE_INT); - $timezone = filter_input(INPUT_POST, "timezone", FILTER_CALLBACK, $shellfilter); - $hostname = filter_input(INPUT_POST, "hostname", FILTER_CALLBACK, $shellfilter); - $username = filter_input(INPUT_POST, "username", FILTER_CALLBACK, $shellfilter); - $password = filter_input(INPUT_POST, "password", FILTER_CALLBACK, $shellfilter); - $rootPass = filter_input(INPUT_POST, "rootpassword", FILTER_CALLBACK, $shellfilter); - $packagesList = filter_input(INPUT_POST, "packages", FILTER_CALLBACK, $shellfilter); - $outputFormat = filter_input(INPUT_POST, "format", FILTER_CALLBACK, $shellfilter); + $timezone = 
filter_input(INPUT_POST, "timezone", FILTER_CALLBACK, $sfi); + $hostname = filter_input(INPUT_POST, "hostname", FILTER_CALLBACK, $sfi); + $username = filter_input(INPUT_POST, "username", FILTER_CALLBACK, $sfi); + $password = filter_input(INPUT_POST, "password", FILTER_CALLBACK, $sfi); + $rootPass = filter_input(INPUT_POST, "rootpassword", FILTER_CALLBACK, $sfi); + $packagesList = filter_input(INPUT_POST, "packages", FILTER_CALLBACK, $sfi); + $outputFormat = filter_input(INPUT_POST, "format", FILTER_CALLBACK, $sfi); $packagesList = str_replace("\r\n", " ", $packagesList); $packagesList = str_replace("\n", " ", $packagesList); @@ -70,13 +81,20 @@ OUTPUT_FORMAT=$outputFormat"; $client->addServer(); $handle = $client->doBackground("invoke_image_build", $iniString); - $db = new mysqli(MYSQL_HOSTNAME, MYSQL_USERNAME, - MYSQL_PASSWORD, MYSQL_DATABASE); + $db = new mysqli( + MYSQL_HOSTNAME, + MYSQL_USERNAME, + MYSQL_PASSWORD, + MYSQL_DATABASE + ); + if (mysqli_connect_errno()) { die("Could not connect to database ".mysqli_connect_error()); } - $stmt = $db->prepare("INSERT INTO builds (id, handle, ipaddress) VALUES(?, ?, ?)"); + $query = "INSERT INTO builds (id, handle, ipaddress) ". + "VALUES(?, ?, ?)"; + $stmt = $db->prepare($query); $stmt->bind_param("sss", $buildID, $handle, $ipaddress); $stmt->execute(); $stmt->close(); |
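Review bot: The string fields from `timezone` through `format` are shell-quoted at input time by `sanitize_shellarg` rather than validated, and `escapeshellarg()` leaves embedded line breaks intact; only `$packagesList` has them replaced afterwards. The second hunk header shows `OUTPUT_FORMAT=$outputFormat` inside what looks like a `KEY=value` string, so a line break in any other field could presumably start a new key there; that construction is outside the hunk and should be confirmed. Each field should be checked against its expected shape before use, for example `if (preg_match('/[\r\n]/', (string)$hostname)) { die("Invalid hostname"); }`, with quoting done where the shell command is actually built. As a matter of style, `$sfi` is harder to read than the `$shellfilter` it replaces.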
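Review bot: The results of `$db->prepare($query)` and `$stmt->execute()` are never checked, so a failed prepare leaves `$stmt` as `false` for the `bind_param()` call, and a failed insert passes silently after `doBackground()` has already queued the job. A guard such as `if ($stmt === false) { error_log($db->error); die("Could not record build"); }` after the prepare would cover the first case. The connection-failure branch also sends `mysqli_connect_error()` to the client, which can disclose the database host or account name; log it server-side instead, e.g. `error_log(mysqli_connect_error()); die("Could not connect to database");`. The script starts and continues outside this hunk.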