-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdiscord-interaction.php
65 lines (62 loc) · 3.04 KB
/
discord-interaction.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
<?php
require_once "include/it.php";
require_once "../elliptic-php/EdDSA.php";
const DEBUG = false;
$discord = ITDesk::getInstance()->getDiscord();
$config = ITDesk::getInstance()->getConfig()->getContents()["discord"];
$headers = getallheaders();
$body = file_get_contents("php://input");
$key = (new \Elliptic\EdDSA("ed25519"))->keyFromPublic($config["pubKey"]);
if($_SERVER["REQUEST_METHOD"] == "POST") {
if((isset($headers["x-signature-ed25519"]) && isset($headers["x-signature-timestamp"]) && $key->verify(array_merge(unpack("C*", $headers["x-signature-timestamp"]), unpack("C*", $body)), $headers["x-signature-ed25519"])) || DEBUG) {
$body = json_decode($body, true);
if($body["type"] == 1)
echo(json_encode(["type" => 1]));
else if($body["type"] == 2 && isset($body["member"])) {
$gid = $config["guildId"];
$uid = $body["member"]["user"]["id"];
if($body["data"]["name"] == "jahrgangsstufe") {
$value = $body["data"]["options"][0]["value"];
$roles = $discord->api("GET", "guilds/$gid/members/$uid")["roles"];
foreach ($config["jahrgangsstufen"] as $stufe => $role)
if($value == $stufe && !in_array($role, $roles))
$discord->api("PUT", "guilds/$gid/members/$uid/roles/$role");
else if($value != $stufe && in_array($role, $roles))
$discord->api("DELETE", "guilds/$gid/members/$uid/roles/$role");
$discord->reply($body, "Deine Jahrgangsstufe wurde auf $value aktualisiert.");
}
else if($body["data"]["name"] == "verify") {
$subcommand = $body["data"]["options"][0]["name"];
if($subcommand == "wordpress")
$discord->reply($body, "Bitte melde dich unter https://it.student-gymp.de/discord/verify/$uid an, um deine Mitgliedschaft zu bestätigen.");
else if($subcommand == "code") {
$codes = [];
foreach($discord->api("GET", "channels/" . $config["verificationCodeChannel"] . "/messages") as $msg)
array_push($codes, $msg["content"]);
if(in_array($body["data"]["options"][0]["options"][0]["value"], $codes)) {
$discord->api("PUT", "guilds/$gid/members/$uid/roles/" . $config["verificationRole"]);
$discord->reply($body, "Du bist nun als IT Crowd Mitglied verifiziert.");
}
else
$discord->reply($body, "Wir konnten nicht verifizieren, dass du ein IT Crow Mitglied bist.");
}
else if($subcommand == "hash") {
$options = $body["data"]["options"][0]["options"];
$params = [];
for($i = 0; $i<sizeof($options); $i++)
$params[$options[$i]["name"]] = $options[$i]["value"];
if($params["hash"] == hash_hmac("sha256", $params["user"], $config["hashSecret"])) {
$discord->api("PUT", "guilds/$gid/members/$uid/roles/" . $config["verificationRole"]);
$discord->reply($body, "Du bist nun als IT Crowd Mitglied verifiziert.");
}
else
$discord->reply($body, "Wir konnten nicht verifizieren, dass du ein IT Crow Mitglied bist.");
}
}
}
}
else
header("HTTP/1.1 401 invalid request signature");
}
else
header("HTTP/1.1 405 Method not allowed");