diff --git a/README.md b/README.md index 7ec6092..0abb3ec 100644 --- a/README.md +++ b/README.md @@ -88,7 +88,7 @@ Request Body { "success": Bool, // Registration of event was successful "file_hash": Str, // SHA256 hash of generated result file - "signing_key_id": Str // ID of key used to sign result file + "signing_key": Str // ID of key used to sign result file } ``` diff --git a/config.ini b/config.ini index 2bbaf95..8300d8e 100644 --- a/config.ini +++ b/config.ini @@ -9,3 +9,17 @@ memory = 4096 time = 1000 threads = 1 length = 32 + +[export] +# Explanatory text at beginning of file. Placeholders: +# %t - Title +# %d - Date +# %r - Vote Round +header = Ergebnis der Abstimmung %r am %t - %t +pgpkey = ID +# if rawpath is set, the raw JSON will be saved into the directory +rawpath = /path/to/json/dir +# path in which signed files will be stored +path = /path/to/dir +# if synccmd can be empty, if no synchronization command is needed +;synccmd = rclone /path/to/dir Remote:dir diff --git a/functions.php b/functions.php index 3fc5c13..c13eed6 100644 --- a/functions.php +++ b/functions.php @@ -29,6 +29,7 @@ function get_event_id($cfg, $token) { $stmt->execute(); $stmt->fetch(); $stmt->close(); + var_dump($event_id); return $event_id; } @@ -55,7 +56,7 @@ function save_hash($cfg, $event_id, $vote_round, $name, $hash) { function create_hash($cfg, $vote_round, $name) { // The PHP password_hash function does not provide the required options - $voute_round = (int)$vote_round; + $vote_round = (int)$vote_round; $name = addslashes($name); $hash = shell_exec("echo -n '$name' | argon2 'Abstimmung $vote_round' -p ".$cfg["argon2"]["threads"]." -k ".$cfg["argon2"]["memory"]." -t ".$cfg["argon2"]["time"]." -l ".$cfg["argon2"]["length"]." -id -r"); return str_replace(array("\n", "\r"), '', $hash); @@ -80,4 +81,39 @@ function get_hash_db($cfg, $event_id, $vote_round, $name) { $stmt->close(); return $hash; } + +function export_result($cfg) { + $body = json_decode(file_get_contents('php://input')); + if (!get_event_id($cfg, $body->event_token)) { + return ["success" => false]; + } + $sha256 = create_text_file($cfg, $body); + return ["success" => true, "sha256" => $sha256, "signing_key" => $cfg["export"]["pgpkey"]]; +} + +function create_header($cfg, $body) { + $header = str_replace("%t", $body->event_title, $cfg["export"]["header"]); + $header = str_replace("%d", date("Y-m-d"), $header); + $header = str_replace("%r", $body->vote_round, $header); + return $header; +} + +function create_text_file($cfg, $body) { + $file_path = $cfg["export"]["path"] . "/" . date('Y-m-d') . "__" . str_replace(" ", "_", $body->event_title) . "__" . $body->vote_round . ".txt"; + $header = "\n\n" . create_header($cfg, $body) . + "\n\nAbstimm-ID | Stimme(n)" . + "\n###############################################################################\n"; + file_put_contents($file_path, $header); + foreach ($body->votes as $vote) { + $line = $vote->hash . " | " . implode(", ", $vote->vote) . "\n"; + file_put_contents($file_path, $line, FILE_APPEND); + } + file_put_contents($file_path, "\n\n\n", FILE_APPEND); + shell_exec("gpg --yes --clearsign " . $file_path); + if (strlen($cfg["export"]["synccmd"]) > 0) { + shell_exec($cfg["export"]["synccmd"]); + } + return trim(shell_exec("/usr/bin/sha256sum " . $file_path. " | awk '{ print $1 }'")); +} + ?> diff --git a/php-public/index.php b/php-public/index.php index 43669bc..110cde1 100644 --- a/php-public/index.php +++ b/php-public/index.php @@ -10,6 +10,9 @@ if($_SERVER["REQUEST_URI"] == '/get_ids') { } else if($_SERVER["REQUEST_URI"] == '/register_event') { $data = register_event($cfg); echo json_encode($data); +} else if($_SERVER["REQUEST_URI"] == '/export_result') { + $data = export_result($cfg); + echo json_encode($data); } else { echo json_encode(array("error" => "no route"));