* do not publish! */ $GLOBALS['db'] = new PDO('pgsql:host=localhost;port=5432;dbname=postgres;user=postgres;password=dba'); $GLOBALS['db']->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); if (strcmp($_SERVER['REQUEST_METHOD'],"GET") === 0 || strcmp($_SERVER['REQUEST_METHOD'],"POST") === 0 ) { handleRequest(); } else { http_response_code(405); //Method not implemented exit("

what? try GET or POST

"); } function handleRequest() { if (isset($_REQUEST['flag']) && isset($_REQUEST['service']) && strlen($_REQUEST['flag']) == 32 ) { insertData($_REQUEST['flag'],$_REQUEST['service']); } else { echo "

usage:
"; echo "GET /submit.php?flag=STRING&service=STRING
"; echo "POST
flag=STRING&service=STRING

"; } } function insertData($flag, $service) { echo "

inserting data...

"; echo "flag=".htmlentities($flag)."
"; echo "service=".htmlentities($service)."

"; $success = 0; try { $GLOBALS['db']->beginTransaction(); $stmt = $GLOBALS['db']->prepare("INSERT INTO flags (flag, service) VALUES(?, ?)"); $stmt->execute(array($flag, $service)); $GLOBALS['db']->commit(); $success = 1; }catch(PDOException $ex) { echo "

INSERT FAIL

".$ex->getMessage()."

"; $GLOBALS['db']->rollBack(); } if ($success == 1) echo "

OK

"; }