<?php
namespace KVSun\Mail;
use \shgysk8zer0\PHPCrypt\{PublicKey};
use \shgysk8zer0\Core_API\{Abstracts\HTTPStatusCodes as HTTP};
use const \KVSun\Consts\{PUBLIC_KEY, ERROR_LOG};
// Under the CLI and the built-in development server SAPIs this script loads
// the project's autoloader itself; every other SAPI skips this step.
if (PHP_SAPI === 'cli' || PHP_SAPI === 'cli-server') {
    require_once __DIR__ . DIRECTORY_SEPARATOR . 'autoloader.php';
}
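// Signed mail relay: accepts a POSTed message, verifies its signature against
// the configured public key, checks that the signed timestamp is fresh, and
// only then hands the fields to mail(). Every failure is logged to ERROR_LOG
// and answered with the exception's HTTP status code.
try {
    $email = new \ArrayObject($_POST, \ArrayObject::ARRAY_AS_PROPS);

    // All seven fields are mandatory; a partial request is rejected up front.
    if (! isset(
        $email->to,
        $email->subject,
        $email->message,
        $email->headers,
        $email->params,
        $email->sent,
        $email->sig
    )) {
        throw new \Exception('Invalid request', HTTP::BAD_REQUEST);
    }

    // Form fields can arrive as arrays (`sig[]=...`). The timestamp and the
    // signature are only meaningful as strings, so reject anything else as a
    // malformed request instead of letting a TypeError surface later.
    if (! is_string($email->sent) || ! is_string($email->sig)) {
        throw new \Exception('Invalid request', HTTP::BAD_REQUEST);
    }

    // Rebuild the signed payload. Key order and encoding flags must match
    // what the signing side produced, or verification fails.
    $payload = json_encode([
        'to'      => $email->to,
        'subject' => $email->subject,
        'message' => $email->message,
        'headers' => $email->headers,
        'params'  => $email->params,
        'sent'    => $email->sent,
    ]);

    // json_encode() returns false on e.g. invalid UTF-8. A failed encoding
    // must never reach verify(): the check would then run over a value that
    // does not represent the request fields at all.
    if ($payload === false) {
        throw new \Exception('Invalid request', HTTP::BAD_REQUEST);
    }

    $public = PublicKey::importFromFile(PUBLIC_KEY);

    if (! $public->verify($payload, $email->sig)) {
        throw new \Exception('Invalid signature', HTTP::UNAUTHORIZED);
    }

    // Freshness check on the signed timestamp (+/- 5 seconds of server time).
    // NOTE(review): this only bounds the age of a request. Nothing here
    // records which signatures were already used, so an identical request
    // is accepted again inside the window; add a one-time nonce if duplicate
    // delivery matters. The check also depends on both clocks being in sync.
    $sent = strtotime($email->sent);
    $now  = time();
    if ($sent === false || $sent > $now + 5 || $sent < $now - 5) {
        throw new \Exception('Valid signature but time window is invalid', HTTP::REQUEST_TIMEOUT);
    }

    // The fields go to mail() unmodified, including `headers` and `params`
    // (the latter is appended to the mailer command line). The signature is
    // the only control protecting these arguments, so the private key must
    // be treated as equivalent to the ability to send arbitrary mail.
    $delivered = mail($email->to, $email->subject, $email->message, $email->headers, $email->params);
    http_response_code($delivered ? HTTP::OK : HTTP::INTERNAL_SERVER_ERROR);
} catch (\Throwable $e) {
    // NOTE(review): the complete POST body is written to the log for every
    // rejected request, including unauthenticated ones. That stores message
    // content and signatures on disk and lets unsigned traffic grow the log;
    // consider truncating or logging field names only.
    $err = sprintf(
        '<%s>: "%s"%s',
        $_SERVER['REMOTE_ADDR'] ?? 'unknown', // not set under the CLI SAPI
        $e->getMessage(),
        PHP_EOL . json_encode(['Request' => $_POST], JSON_PRETTY_PRINT) . PHP_EOL
    );
    error_log($err . PHP_EOL, 3, ERROR_LOG);

    // getCode() is never null: throwables raised without an explicit code
    // (TypeError, Error, ...) report 0, and some report non-integer codes.
    // Only pass through real HTTP error statuses; everything else is a 500.
    $status = $e->getCode();
    if (! is_int($status) || $status < 400 || $status > 599) {
        $status = HTTP::INTERNAL_SERVER_ERROR;
    }
    http_response_code($status);
}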