ref: 559ed43418c4986244ee09fff1d98fd37c612bc5
converter/server/upload.php
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 |
<?php require_once 'vendor/paragonie/sodium_compat/autoload.php'; require_once 'vendor/mustangostang/spyc/Spyc.php'; require_once 'vendor/autoload.php'; use MessagePack\BufferUnpacker; use MessagePack\Exception\UnpackingFailedException; $publicKey = sodium_hex2bin('8593a07f70809c0adc0c72e16c2a958997419bdc428fe1eb46f58e59ac2e53d0'); $unpacker = new BufferUnpacker(); $unpacker->reset(file_get_contents("php://input")); $post = []; try { $post = $unpacker->unpack(); } catch (UnpackingFailedException $e) { http_response_code(400); die; } if (!file_exists('metadata.yml') ) $oldMetadata = []; else $oldMetadata = Spyc::YAMLLoad('metadata.yml'); $signature = $post['signature']; $verified = sodium_crypto_sign_verify_detached($signature, $post['metadata'], $publicKey); if (!$verified) { http_response_code(403); die; } $newMetadata = Spyc::YAMLLoadString($post['metadata']); $timetables = $post['timetables']; foreach ($timetables as $id => $timetable) { $t = $timetable['t']; $sha = $timetable['sha']; $checksum = hash('sha256', $t); if ($checksum != $sha) { http_response_code(400); die("checksums invalid for $id, expected $sha got $checksum"); } } $oldIDs = []; $newIDs = []; foreach ($oldMetadata as $it) { array_push($oldIDs, $it['id']); } foreach ($newMetadata as $it) { array_push($newIDs, $it['id']); } $toDelete = array_diff($oldIDs, $newIDs); foreach ($toDelete as $it) { unlink("$it.db.gz"); } foreach ($timetables as $id => $timetable) { file_put_contents("$id.db.gz", $timetable); } file_put_contents('metadata.yml', $post['metadata']); ?> |