New auth method

server/up.php

@@ -1,37 +1,30 @@
 <?php
 require("processCsv.php");
-function filterName($s){
+if (!function_exists('getallheaders')) {
-	$arr=str_split($s);
+    function getallheaders() {
-	$fs="";
+    $headers = [];
-	$allowedChars=str_split("ABCDEFGHIJLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-");
+    foreach ($_SERVER as $name => $value) {
-	foreach($arr as $c){
+        if (substr($name, 0, 5) == 'HTTP_') {
-		if(in_array($c,$allowedChars)) $fs.=$c;
+            $headers[str_replace(' ', '-', ucwords(strtolower(str_replace('_', ' ', substr($name, 5)))))] = $value;
+        }
+    }
+    return $headers;
     }
-	return $fs;
 }
-
+$headers = getallheaders();
-$f=file("php://input");
+$f = file_get_contents($_FILES['file']['tmp_name']);
-$AUTH="xmeQCwqrQcSQ7TQX2Yyw";
+$f=explode("\n",file_get_contents("php://input"));
-if(trim($f[0])!=$AUTH) echo "UNAUTHORIZED";
+$AUTH="3";
-$nonce=trim($f[1]);
+file_put_contents("dump.txt",$f,FILE_APPEND);
-$command=trim($f[2]);
+if(trim($headers["Authorization"])!=$AUTH) echo "UNAUTHORIZED";
-switch($command){
+$nonce = md5($headers["X-Nonce"]);
-	case "BEGIN":
+$intent = $headers["X-Intent"];
-		$files=glob("data/*.csv");
+switch($intent){
-		array_diff($files,["data/current.csv"]);
+	case "W":
-		foreach($files as $ff){
+	    file_put_contents("data/".$nonce.".csv",FILE_APPEND);
-			unlink($ff);
-		}
-		echo "BEGIN";
 		break;
-	case "WRITE":
+	case "C":
-		for($i=3;$i<count($f);$i++){
+		rename("data/".$nonce.".csv","data/current.csv");
-			file_put_contents("data/".filterName($nonce).".csv",$f[$i],FILE_APPEND);
-		}
-		echo "PROCEED";
-		break;
-	case "CONCLUDE":
-		rename("data/".filterName($nonce).".csv","data/current.csv");
 		processCsv();
 		echo "OK";
 		break;