adapted to esse-CTF

[ctf/pub/submit_bot.git] / submit.php

<?php
/**
* insert flowIDs and info to submit into log_db.log_t.
* log_db.log_t gets periodically checked by 
* script whichs tries to submit flowids to gameserver.
* Information about this status can be found in board.php
*
* 2014 by Jan "Someone" Vales <someone@somenet.org>
* do not publish!
*/

$GLOBALS['db'] = new PDO('pgsql:host=localhost;port=5432;dbname=postgres;user=postgres;password=dba');                                                                                                              
$GLOBALS['db']->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);                                                                                            

if (strcmp($_SERVER['REQUEST_METHOD'],"GET") === 0 || strcmp($_SERVER['REQUEST_METHOD'],"POST") === 0 ) {
  handleRequest();
} else {
  http_response_code(405); //Method not implemented
  exit("<p><b>what?</b> try GET or POST</p>");
}

function handleRequest() {
  if (isset($_REQUEST['flag']) && isset($_REQUEST['service']) && strlen($_REQUEST['flag']) == 32 ) {
     insertData($_REQUEST['flag'],$_REQUEST['service']);
  } else {
     echo "<p><b>usage:</b><br>";
     echo "GET /submit.php?flag=<i>STRING</i>&service=<i>STRING</i> <br>";
     echo "POST<br> flag=<i>STRING</i>&service=<i>STRING</i></p>";
  }
}

function insertData($flag, $service) {
  echo "<p><b>inserting data...</b></p>";
  echo "flag=".htmlentities($flag)."<br>";
  echo "service=".htmlentities($service)."</p>";
  $success = 0;
  try {
    $GLOBALS['db']->beginTransaction();
    $stmt = $GLOBALS['db']->prepare("INSERT INTO flags (flag, service) VALUES(?, ?)");
    $stmt->execute(array($flag, $service));
    $GLOBALS['db']->commit();
    $success = 1;
  }catch(PDOException $ex) {
    echo "<p><b>INSERT FAIL</b></p><p>".$ex->getMessage()."</p>";
    $GLOBALS['db']->rollBack();
  }

  if ($success == 1) echo "<p><b>OK</b></p>";
}