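* do not publish! */

// NOTE(review): the DSN below embeds the database password in the source file.
// Move it to configuration that is kept outside the web root and outside
// version control, and rotate the password if this file was ever shared.
try {
    $GLOBALS['db'] = new PDO('pgsql:host=localhost;port=5432;dbname=flagbot;user=flagbot;password=flagbotpw');
    $GLOBALS['db']->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $ex) {
    // An uncaught exception from the PDO constructor can print a back trace
    // that includes the DSN (and so the password) when display_errors is on.
    // Log the reason server-side and answer with a generic message instead.
    error_log('flag submission: database connection failed: ' . $ex->getMessage());
    http_response_code(500);
    exit("database unavailable");
}

$requestMethod = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : '';

if (in_array($requestMethod, array('GET', 'POST'), true)) {
    handleRequest();
} else {
    // 405 Method Not Allowed; the Allow header tells the client what is accepted.
    header('Allow: GET, POST');
    http_response_code(405);
    exit("\n\nwhat? try GET or POST\n\n");
}

/**
 * Validates the four submission parameters and stores them, or prints usage.
 *
 * All of flag, service, flag_id and submitter must be present in $_REQUEST
 * and must be plain strings. Array-valued parameters (e.g. "flag[]=x") pass
 * isset() but are not valid input for the escaping and SQL binding below, so
 * they are treated like a missing parameter.
 *
 * NOTE(review): $_REQUEST merges several input sources depending on the
 * request_order setting, and accepting the write over GET places flag values
 * in URLs and access logs. Confirm both are acceptable for this deployment.
 */
function handleRequest()
{
    $required = array('flag', 'service', 'flag_id', 'submitter');

    foreach ($required as $name) {
        if (!isset($_REQUEST[$name]) || !is_string($_REQUEST[$name])) {
            echo "\n\nusage:\n";
            echo "GET /submit.php?flag=STRING&service=STRING&flag_id=STRING&submitter=STRING\n";
            echo "POST\nflag=STRING&service=STRING&flag_id=STRING&submitter=STRING\n\n";
            return;
        }
    }

    insertData(
        $_REQUEST['flag'],
        $_REQUEST['service'],
        $_REQUEST['flag_id'],
        $_REQUEST['submitter']
    );
}

/**
 * Echoes the submitted values, marks the flag id as used and stores the flag.
 *
 * Both statements are prepared statements with bound parameters, so the
 * submitted values never become part of the SQL text. Every value echoed back
 * to the client, including the database error message, is HTML-escaped.
 *
 * The status update is committed in its own transaction before the insert, so
 * it persists even when the insert fails. NOTE(review): presumably intentional;
 * confirm against how flag_ids.status is consumed.
 *
 * @param string $flag      Submitted flag value.
 * @param string $service   Service the flag belongs to.
 * @param string $flagid    Flag id that was used to obtain the flag.
 * @param string $submitter Name of the submitter.
 */
function insertData($flag, $service, $flagid, $submitter)
{
    $escapeFlags = ENT_QUOTES | ENT_SUBSTITUTE;

    echo "\n\ninserting data...\n\n";
    echo "flag=" . htmlentities($flag, $escapeFlags, 'UTF-8') . "\n";
    echo "service=" . htmlentities($service, $escapeFlags, 'UTF-8') . "\n\n";
    echo "flagid=" . htmlentities($flagid, $escapeFlags, 'UTF-8') . "\n\n";
    echo "submitter=" . htmlentities($submitter, $escapeFlags, 'UTF-8') . "\n\n";

    $db = $GLOBALS['db'];
    $success = false;

    try {
        $db->beginTransaction();
        $stmt_fid = $db->prepare("UPDATE flag_ids set status = 1 where service = ? and flag_id = ?");
        $stmt_fid->execute(array($service, $flagid));
        $db->commit();

        $db->beginTransaction();
        $stmt = $db->prepare("INSERT INTO flags (flag, service, flag_id, submitter) VALUES(?, ?, ?, ?)");
        $stmt->execute(array($flag, $service, $flagid, $submitter));
        $db->commit();

        $success = true;
    } catch (PDOException $ex) {
        // Driver messages can quote the submitted values back (for example in
        // a constraint violation), so escape before sending them to the client.
        // NOTE(review): the message may also reveal table and column names;
        // consider logging it server-side and returning a generic failure.
        echo "\n\nINSERT FAIL\n\n" . htmlentities($ex->getMessage(), $escapeFlags, 'UTF-8') . "\n\n";

        // rollBack() itself throws when no transaction is open, which happens
        // if the failure came from beginTransaction() or commit().
        if ($db->inTransaction()) {
            $db->rollBack();
        }
    }

    if ($success) {
        echo "\n\nOK\n\n";
    }
}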