forked from HAWK-Digital-Environments/HAWKI
userpost.php
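<?php
// Feedback endpoint: stores one {role, content} message posted by a signed-in
// user as a JSON file under feedback/ and echoes the stored JSON back.
//
// NOTE(review): authorisation rests on the session alone; no anti-CSRF token
// or Origin check is visible in this file, so confirm one is enforced
// elsewhere. Nothing here caps the request body size or the number of files a
// single session can create.
// NOTE(review): "feedback/" is resolved relative to the working directory. If
// that directory sits inside the web root, confirm direct access to the stored
// files is blocked by server configuration.

session_start();

// Only signed-in sessions may post feedback.
if (!isset($_SESSION['username'])) {
    http_response_code(401);
    exit;
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Set the status before writing the body: once output has started the
    // status line can no longer be changed.
    $rejectInvalidData = static function () {
        http_response_code(400);
        echo('invalid data');
        exit;
    };

    $jsonString = file_get_contents('php://input');
    $jsonData = json_decode((string) $jsonString);

    // json_decode() also succeeds for scalars, arrays and the literal null,
    // so require an object before reading properties from it. This covers
    // malformed JSON as well, which decodes to null.
    if (!is_object($jsonData)) {
        $rejectInvalidData();
    }

    $content = $jsonData->content ?? null;
    $role = $jsonData->role ?? null;

    // Non-string values (arrays, objects, numbers, booleans) are rejected
    // instead of being coerced or raising a TypeError in htmlspecialchars().
    if (!is_string($content) || !is_string($role)) {
        $rejectInvalidData();
    }

    // Values are stored HTML-escaped, so readers of feedback/*.json must treat
    // them as already escaped. Invalid UTF-8 makes htmlspecialchars() return
    // '' and is rejected by the check below.
    // NOTE(review): role is free text here; if only a fixed set of roles is
    // meaningful, validate it against that set.
    $sanitizedContent = htmlspecialchars($content, ENT_QUOTES, 'UTF-8');
    $sanitizedRole = htmlspecialchars($role, ENT_QUOTES, 'UTF-8');

    // Compare against '' rather than empty(), which would also reject "0".
    if ($sanitizedContent === '' || $sanitizedRole === '') {
        $rejectInvalidData();
    }

    // Build the document with json_encode(): htmlspecialchars() leaves
    // backslashes, newlines and control characters untouched, so interpolating
    // the values into a JSON template could produce malformed JSON.
    $sanitizedJsonString = json_encode(
        ['role' => $sanitizedRole, 'content' => $sanitizedContent],
        JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE
    );
    if ($sanitizedJsonString === false) {
        http_response_code(500);
        exit;
    }

    // The file name is generated server-side only; no request data reaches the path.
    $uniqid = time() . uniqid();
    if (file_put_contents("feedback/$uniqid.json", $sanitizedJsonString) === false) {
        http_response_code(500);
        exit;
    }

    echo $sanitizedJsonString;
}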