mirror of
https://github.com/ellite/Wallos.git
synced 2026-02-05 12:31:14 -05:00
48db4e300d
feat: add first and last names to the user profile feat: enable IPv6 environments by configuring a dual-stack listen in nginx feat: add new currency feat: add button to auto fill the next payment date fix: vulnerability on test webhook endpoint
91 lines
2.7 KiB
PHP
91 lines
2.7 KiB
PHP
<?php
|
|
|
|
require_once '../../includes/connect_endpoint.php';
|
|
|
|
if (!isset($_SESSION['loggedin']) || $_SESSION['loggedin'] !== true) {
|
|
die(json_encode([
|
|
"success" => false,
|
|
"message" => translate('session_expired', $i18n)
|
|
]));
|
|
}
|
|
|
|
if ($_SERVER["REQUEST_METHOD"] === "POST") {
|
|
$postData = file_get_contents("php://input");
|
|
$data = json_decode($postData, true);
|
|
|
|
if (
|
|
!isset($data["host"]) || $data["host"] == "" ||
|
|
!isset($data["topic"]) || $data["topic"] == ""
|
|
) {
|
|
$response = [
|
|
"success" => false,
|
|
"message" => translate('fill_mandatory_fields', $i18n)
|
|
];
|
|
echo json_encode($response);
|
|
} else {
|
|
$host = rtrim($data["host"], '/');
|
|
$topic = $data["topic"];
|
|
$headers = json_decode($data["headers"], true);
|
|
if ($headers === null) {
|
|
$headers = [];
|
|
}
|
|
$customheaders = array_map(function ($key, $value) {
|
|
return "$key: $value";
|
|
}, array_keys($headers), $headers);
|
|
|
|
$url = rtrim($host, '/') . '/' . ltrim($topic, '/');
|
|
$ignore_ssl = $data["ignore_ssl"];
|
|
|
|
// Validate URL scheme
|
|
$parsedUrl = parse_url($url);
|
|
if (
|
|
!isset($parsedUrl['scheme']) ||
|
|
!in_array(strtolower($parsedUrl['scheme']), ['http', 'https']) ||
|
|
!filter_var($url, FILTER_VALIDATE_URL)
|
|
) {
|
|
die(json_encode([
|
|
"success" => false,
|
|
"message" => translate("error", $i18n)
|
|
]));
|
|
}
|
|
|
|
// Set the message parameters
|
|
$message = translate('test_notification', $i18n);
|
|
|
|
$ch = curl_init();
|
|
|
|
// Set the URL and other options
|
|
curl_setopt($ch, CURLOPT_URL, $url);
|
|
curl_setopt($ch, CURLOPT_POST, 1);
|
|
curl_setopt($ch, CURLOPT_POSTFIELDS, $message);
|
|
curl_setopt($ch, CURLOPT_HTTPHEADER, $customheaders);
|
|
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
|
|
|
if ($ignore_ssl) {
|
|
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
|
|
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
|
|
}
|
|
|
|
// Execute the request
|
|
$response = curl_exec($ch);
|
|
|
|
// Close the cURL session
|
|
curl_close($ch);
|
|
|
|
// Check if the message was sent successfully
|
|
if ($response === false) {
|
|
die(json_encode([
|
|
"success" => false,
|
|
"message" => translate('notification_failed', $i18n)
|
|
]));
|
|
}
|
|
|
|
die(json_encode([
|
|
"success" => true,
|
|
"message" => translate('notification_sent_successfuly', $i18n)
|
|
]));
|
|
}
|
|
|
|
}
|
|
|
|
?>
|