keyoxide-web/server/verifyReddit.php

<!--
Copyright (C) 2020 Yarmo Mackenbach

This program is free software: you can redistribute it and/or modify it under
the terms of the GNU Affero General Public License as published by the Free
Software Foundation, either version 3 of the License, or (at your option)
any later version.

This program is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
details.

You should have received a copy of the GNU Affero General Public License along
with this program. If not, see <https://www.gnu.org/licenses/>.

Also add information on how to contact you by electronic and paper mail.

If your software can interact with users remotely through a computer network,
you should also make sure that it provides a way for users to get its source.
For example, if your program is a web application, its interface could display
a "Source" link that leads users to an archive of the code. There are many
ways you could offer source, and different solutions will be better for different
programs; see section 13 for the specific requirements.

You should also get your employer (if you work as a programmer) or school,
if any, to sign a "copyright disclaimer" for the program, if necessary. For
more information on this, and how to apply and follow the GNU AGPL, see <https://www.gnu.org/licenses/>.
 -->
<?php

$fingerprint = urlencode($_GET["fp"]);
$user = urlencode($_GET["user"]);
$comment = urlencode($_GET["comment"]);

$url = "https://www.reddit.com/user/$user/comments/$comment.json";
$check = "\[Verifying my OpenPGP key: openpgp4fpr:$fingerprint";

$ch = curl_init();
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_URL, $url);
$result = curl_exec($ch);
curl_close($ch);
$data = json_decode($result, true);

$response = array();
$response["verified"] = false;
$response["fingerprint"] = $fingerprint;
$response["user"] = $user;
$response["comment"] = $comment;

foreach ($data as $entry) {
    $entryData = $entry["data"]["children"];

    foreach ($entryData as $subEntry) {
        if (preg_match("/{$check}/i", $subEntry["data"]["selftext"])) {
            $response["verified"] = true;
        }
    }
}

echo json_encode($response);

?>
Add AGPL headers 2020-07-30 04:05:11 -06:00			`<!--`
			`Copyright (C) 2020 Yarmo Mackenbach`

			`This program is free software: you can redistribute it and/or modify it under`
			`the terms of the GNU Affero General Public License as published by the Free`
			`Software Foundation, either version 3 of the License, or (at your option)`
			`any later version.`

			`This program is distributed in the hope that it will be useful, but WITHOUT`
			`ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS`
			`FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more`
			`details.`

			`You should have received a copy of the GNU Affero General Public License along`
			`with this program. If not, see <https://www.gnu.org/licenses/>.`

			`Also add information on how to contact you by electronic and paper mail.`

			`If your software can interact with users remotely through a computer network,`
			`you should also make sure that it provides a way for users to get its source.`
			`For example, if your program is a web application, its interface could display`
			`a "Source" link that leads users to an archive of the code. There are many`
			`ways you could offer source, and different solutions will be better for different`
			`programs; see section 13 for the specific requirements.`

			`You should also get your employer (if you work as a programmer) or school,`
			`if any, to sign a "copyright disclaimer" for the program, if necessary. For`
			`more information on this, and how to apply and follow the GNU AGPL, see <https://www.gnu.org/licenses/>.`
			`-->`
Fix Reddit proof 2020-06-28 07:51:26 -06:00			`<?php`

Use urlencode instead of htmlspecialchars 2020-07-01 06:42:19 -06:00			`$fingerprint = urlencode($_GET["fp"]);`
			`$user = urlencode($_GET["user"]);`
			`$comment = urlencode($_GET["comment"]);`
Fix Reddit proof 2020-06-28 07:51:26 -06:00
			`$url = "https://www.reddit.com/user/$user/comments/$comment.json";`
Remove character from check that seems to exist randomly 2020-07-05 09:55:49 -06:00			`$check = "\[Verifying my OpenPGP key: openpgp4fpr:$fingerprint";`
Fix Reddit proof 2020-06-28 07:51:26 -06:00
			`$ch = curl_init();`
			`curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");`
			`curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);`
			`curl_setopt($ch, CURLOPT_URL, $url);`
			`$result = curl_exec($ch);`
			`curl_close($ch);`
			`$data = json_decode($result, true);`

			`$response = array();`
			`$response["verified"] = false;`
			`$response["fingerprint"] = $fingerprint;`
			`$response["user"] = $user;`
			`$response["comment"] = $comment;`

			`foreach ($data as $entry) {`
			`$entryData = $entry["data"]["children"];`

			`foreach ($entryData as $subEntry) {`
			`if (preg_match("/{$check}/i", $subEntry["data"]["selftext"])) {`
			`$response["verified"] = true;`
			`}`
			`}`
			`}`

			`echo json_encode($response);`

			`?>`