Mirrors/Hauk
1
0
Fork 0
mirror of https://github.com/bilde2910/Hauk.git synced 2026-01-23 02:24:09 +00:00
Code Issues Projects Releases Wiki Activity

Refactored post.php

Browse source
This commit is contained in:
tuffnerdstuff 2021-03-27 17:41:33 +01:00
parent 9cbd1ccd1f
commit b5dad6ebe2
1 changed files with 20 additions and 31 deletions
Download patch file Download diff file Expand all files Collapse all files

51
backend-php/api/post.php
View file

@ -21,48 +21,37 @@ $sid = $_POST["sid"];
$session = new Client($memcache, $sid);
if (!$session->exists()) die($LANG['session_expired']."\n");
// FIXME: Get rid of duplicate code
if (!$session->isEncrypted()) {
// Perform input validation.
$lat = floatval($_POST["lat"]);
$lon = floatval($_POST["lon"]);
$time = floatval($_POST["time"]);
if ($lat < -90 || $lat > 90 || $lon < -180 || $lon > 180) die($LANG['location_invalid']."\n");
$lat = $_POST["lat"];
$lon = $_POST["lon"];
$time = $_POST["time"];
$speed = isset($_POST["spd"]) ? $_POST["spd"] : null;
$altitude = isset($_POST["alt"]) ? $_POST["alt"] : null;
$accuracy = isset($_POST["acc"]) ? $_POST["acc"] : null;
$provider = isset($_POST["prv"]) ? $_POST["prv"] : null;
// Not all devices report speed and accuracy, but if available, report them
// too.
$speed = isset($_POST["spd"]) ? floatval($_POST["spd"]) : null;
$altitude = isset($_POST["alt"]) ? doubleval($_POST["alt"]) : null;
$accuracy = isset($_POST["acc"]) ? floatval($_POST["acc"]) : null;
$provider = isset($_POST["prv"]) && $_POST["prv"] == "1" ? 1 : 0;
// The location data object contains the sharing interval (i), duration (d)
// and a location list (l). Each entry in the location list contains a
// latitude, longitude, timestamp, provider, accuracy and speed, in that
// order, as an array.
$session->addPoint([$lat, $lon, $time, $provider, $accuracy, $speed, $altitude])->save();
} else {
// Input validation cannot be performed for end-to-end encrypted data.
$lat = $_POST["lat"];
$lon = $_POST["lon"];
$time = $_POST["time"];
$speed = isset($_POST["spd"]) ? $_POST["spd"] : null;
$accuracy = isset($_POST["acc"]) ? $_POST["acc"] : null;
$provider = isset($_POST["prv"]) ? $_POST["prv"] : null;
$altitude = isset($_POST["alt"]) ? $_POST["alt"] : null;
// The location data object contains the sharing interval (i), duration (d)
// and a location list (l). Each entry in the location list contains a
// latitude, longitude, timestamp, provider, accuracy and speed, in that
// order, as an array.
$point = [$lat, $lon, $time, $provider, $accuracy, $speed, $altitude];
if ($session->isEncrypted()) {
// End-to-end encrypted connections also have an IV field used to decrypt
// the data fields.
requirePOST("iv");
$iv = $_POST["iv"];
// The IV field is prepended to the array to send to the client.
$session->addPoint([$iv, $lat, $lon, $time, $provider, $accuracy, $speed, $altitude])->save();
array_unshift($point , $iv);
} else {
// Perform input validation
if (floatval($lat) < -90 || floatval($lat) > 90 || floatval($lon) < -180 || floatval($lon) > 180) die($LANG['location_invalid']."\n");
}
$session->addPoint($point)->save();
if ($session->hasExpired()) {
echo $LANG['session_expired']."\n";
} else {
echo "OK\n".getConfig("public_url")."?%s\n".implode(",", $session->getTargetIDs())."\n";
}
}