|
|
|
|
@ -6,11 +6,13 @@
|
|
|
|
|
<?php
|
|
|
|
|
define('ACCESS_TOKEN', 'at_bsef');
|
|
|
|
|
define('REGISTRATION_PASSWORD', 'asef');
|
|
|
|
|
define('REGISTRATION_API_URL', 'http://synapse:8008/_synapse/admin/v1/register');
|
|
|
|
|
if ($_GET['secret'] === REGISTRATION_PASSWORD) {
|
|
|
|
|
?>
|
|
|
|
|
|
|
|
|
|
<form action="" method="post">
|
|
|
|
|
<input type="hidden" name="secret" value="<?php echo REGISTRATION_PASSWORD ?>">
|
|
|
|
|
<input type="hiddeN" name="nonce" value="<?php echo filter_var(file_get_contents(REGISTRATION_API_URL), FILTER_SANITIZE_FULL_SPECIAL_CHARS) ?>">
|
|
|
|
|
|
|
|
|
|
Username:<br>
|
|
|
|
|
<input type="text" name="username"><br>
|
|
|
|
|
@ -57,15 +59,29 @@ Also consider using a password manager.<br>
|
|
|
|
|
<?php
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$content = [
|
|
|
|
|
nonce => $_POST['nonce'],
|
|
|
|
|
username => $_POST['username'],
|
|
|
|
|
password => $_POST['password']
|
|
|
|
|
admin = false
|
|
|
|
|
];
|
|
|
|
|
$content->mac = hash_hmac('sha1', $content->nonce."\s".$content->username."\s".$content->password."\s".$content->admin
|
|
|
|
|
|
|
|
|
|
$options = [
|
|
|
|
|
'http' => [
|
|
|
|
|
'method' => 'POST',
|
|
|
|
|
'header' => 'authorization: Bearer '.ACCESS_TOKEN,
|
|
|
|
|
'content-type: application/json'
|
|
|
|
|
'content-type: application/json',
|
|
|
|
|
'content' => json_encode($content);
|
|
|
|
|
]
|
|
|
|
|
];
|
|
|
|
|
$context = stream_context_create($options);
|
|
|
|
|
file_get_contents($url, false, $context);
|
|
|
|
|
$result = file_get_contents(REGISTRATION_API_URL, false, $context);
|
|
|
|
|
if ($result === FALSE) {
|
|
|
|
|
# something with errors
|
|
|
|
|
} else {
|
|
|
|
|
# success
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
echo 'Invalid URL';
|
|
|
|
|
}
|
|
|
|
|
|
