#!/usr/bin/perl -w use strict; use warnings; use JSON; # use database engine sub get_request_info { my $clientIP = ($ENV{"REMOTE_ADDR"} or "0.0.0.0"); my $proto = ($ENV{"REQUEST_SCHEME"} or "http"); my $get_query = (split(/\?/,($ENV{"QUERY_STRING"} or "")))[0]; my $post_query = ""; if ( $ENV{"CONTENT_LENGTH"} ) { read( , $post_query, $ENV{"CONTENT_LENGTH"}); } my $referrer = ($ENV{"HTTP_REFERER"} or ""); return ($proto,$clientIP,$get_query,$post_query,$referrer); } sub http_status { my ($status,$content,$target) = @_; my $header = ""; $header .= "status: ".$status."\r\n"; $header .= "Location: ".$target."\r\n" if $target; $header .= "Content-Type: ".$content."\r\n" if $content; $header .= "\r\n"; return $header; } sub html_tag { if ($_[1]) { return "<".($_[0] or "div").($_[2] or "").">".($_[1] or "")."\n"; } else {return "<".($_[0] or "div").($_[2] or "")." />\n"; } } sub html_content { return html_tag("html", html_tag( "head", html_tag( "title", shift ) . shift ) . html_tag( "body", shift ) ); } sub soft_die { print http_status(500,"text/html; charset=utf-8"); print html_content("500","",shift); exit; } sub clean_input { my $input = shift; if ($input =~ m!%2F!) { soft_die( "Location/hax\r\n\r\n"; } $input =~ s!%(..)!chr hex $1!ge; $input =~ s!\+! !g; return $input; } my @request = get_request_info(); my @get_params = split( "!", clean_input($request[2]) ); # my @post_params my $directive = shift(@get_params); if ( "new" eq $directive ) { # new session, new deck, new location # if deck/location parent sessionID # if location public/private # returns id and key of new object } elsif ( "shuffle" eq $directive ) { # shuffle - deckID - full/current - deckKey # sheffles all cards in deckID's locationID if deckKey matches } elsif ( "move" eq $directive ) { # move - cardID - current locationID - current locationKey - destination locationID # changes ownership of cardID to destination locationID if cardID is owned by current locationID and the current locationKey matchs } elsif ( "getLocations" eq $directive ) { # getLocations - sessionID - sessionKey # return all locationIDs associated with sessionID as long as sessionKey matches } elsif ( "getCards" eq $directive ) { # getCards - locationID - locationKey # returns all cardIDs for locationID as long as its public or the locationKey matches } elsif ( "getDecks" eq $directive ) { # getDecks - sessionID - sessionKey # returns all deckIDs associated with sessionID provided sessionKey matchs. } else { print http_status(200,"text/json"); print '{"error":"No input or incorrect input", "input":"'.$directive.'!'.join("!",@get_params).'"}'; }