public function account_POST(Request $request) { //login check if (!UserService::isLoggedIn()) { return ['status' => 302, 'location' => '#login']; } return CryptoService::loadPage($request, 'user.account'); }
/** * @param Request $request * @param $pageName * @return array * * fancy function to capture all the ajax calls..... */ public function pageLoad_AJAX(Request $request, $pageName) { //todo: checks //$input = $request->all(); //$input = $input['pageName']; //return the $page = str_replace('-', '.', $pageName); return CryptoService::loadPage($request, $page); }
public function register_POST(Request $request) { return CryptoService::loadPage($request, 'register'); }
/** * @param Request $request * @param $messageID * @return array|string * * returns the encrypted page and message data, or the password box if encrypted * then loaded again to retreive the encrypted message */ public function message_POST(Request $request, $messageID) { //this gets triggered if a user as attempted a password check if ($request->has('human')) { //attempt to find message $lookup = DB::select("SELECT message, messageType, passwordHash FROM t_drop WHERE dropID = :id", ['id' => $messageID]); if ($lookup == null) { //does not exit return ['status' => 302, 'location' => '#drop']; } else { $message = $lookup[0]->message; $messageType = $lookup[0]->messageType; //flash message to session (this is still not sent to the client in plaintext) Session::flash('encMessage', $message); Session::flash('encMessageType', $messageType); //now delete the message from the server DB::delete('DELETE FROM t_drop WHERE dropID = :id', ['id' => $messageID]); //load regular message page return CryptoService::loadPage($request, 'drop.message', (int) $messageType); } } if ($request->has('hash')) { $input = $request->all(); $serverAES = Session::get('serverAES'); $passwordHash = CryptoService::decryptAES($input['hash'], $serverAES); $lookup = DB::select("SELECT message, messageType FROM t_drop WHERE dropID = :id AND passwordHash = :hash", ['hash' => $passwordHash, 'id' => $messageID]); if ($lookup == null) { //does not exit return ['status' => 302, 'location' => '#drop']; } else { $message = $lookup[0]->message; $messageType = $lookup[0]->messageType; //flash message to session (this is still not sent to the client in plaintext) Session::flash('encMessage', $message); Session::flash('encMessageType', $messageType); //now delete the message from the server DB::delete('DELETE FROM t_drop WHERE dropID = :id', ['id' => $messageID]); //load the encrypted message return CryptoService::loadPage($request, 'drop.message', (int) $messageType); } } else { //attempt to find message $lookup = DB::select("SELECT message, messageType, passwordHash FROM t_drop WHERE dropID = :id", ['id' => $messageID]); if ($lookup == null) { //does not exit return ['status' => 302, 'location' => '#drop']; } else { $message = $lookup[0]->message; $messageType = $lookup[0]->messageType; $password = $lookup[0]->passwordHash; if ($password != null) { //load page with more fancy javascript return CryptoService::loadPage($request, 'drop.password'); } else { //simple "human check" return CryptoService::loadPage($request, 'drop.view', (int) $messageType); } } } }