From 116a53158423bcb011d43a58fe7209ffc74a68c7 Mon Sep 17 00:00:00 2001
From: David Polakovic <email@dpolakovic.space>
Date: Sun, 11 May 2025 19:53:00 +0200
Subject: [PATCH] final touches on dead drop...

---
 dead-drop.php   | 11 +++------
 php/captcha.php |  4 +++-
 php/dd2.php     | 60 ++++++++++++++++++++++++++++++++++++++-----------
 3 files changed, 53 insertions(+), 22 deletions(-)

diff --git a/dead-drop.php b/dead-drop.php
index 628dfe1..b291c29 100755
--- a/dead-drop.php
+++ b/dead-drop.php
@@ -48,17 +48,12 @@
     message in a dead drop, it will be hidden from anyone who doesn't know its location. It 
     also uses SHA-256 hashing and AES-256-CBC encryption to keep it hidden from the hosting provider 
     and webmaster as well. Enter the coordinates of a dead drop to check if it's hot (has stashed message) 
-    or if it's cold (empty).
-    <!-- Still, it's a good idea to keep your message brief in case the dead drop location is ever compromised. -->
-    <br><br><br>
+    or if it's cold (empty).<br><br><br>
 	</p>
   <p>
-<center>
-<?php deadDropUI(); ?>
-</center>
+    <?php deadDropUI(); ?>
 </p>
-    <br><br>
-	<hr>
+<hr>
     <p>
           <i>
             <?php countActiveDrops(); ?> 
diff --git a/php/captcha.php b/php/captcha.php
index 213d1c6..33b9e77 100644
--- a/php/captcha.php
+++ b/php/captcha.php
@@ -7,9 +7,10 @@ function captcha($token, $w3w) {
         if (isset($_SESSION['captcha']) && $userInput === $_SESSION['captcha']) {
             return 'YAY';
         }
-        echo "Wrong captcha. Try again.<br>";
+        echo "<center>Wrong captcha. Try again.<br><br></center>";
     }
 
+    echo "<center>";
     echo "<form method='post'>";
     echo "<input type='hidden' name='csrf_token' value='" . htmlentities($token) . "'>";
     echo "<input type='hidden' name='inputString' value='" . htmlentities($w3w) . "'>";
@@ -17,6 +18,7 @@ function captcha($token, $w3w) {
     echo "<br><input type='text' name='captchaTry' placeholder='Type the characters' required>";
     echo "<input type='submit' value='Verify'>";
     echo "</form>";
+    echo "</center><br><br>";
     return null;
 }
 
diff --git a/php/dd2.php b/php/dd2.php
index ab15d45..44c2239 100644
--- a/php/dd2.php
+++ b/php/dd2.php
@@ -1,14 +1,18 @@
 <?php
 
-define('API_KEY', 'ABC123#@!');
-define('DROP_EXPIRY_SECONDS', (24 * 3600) + 2375); // 24h 39min 35sec (one martian day)
-define('DEAD_DROP_DIR', './Dead-drops');
-define('DROP_LIMIT', 1024);                        // maximum amount of hot dead drops
-define('CSRF_TOKEN_LIFETIME', 600);
-define('IGNORED_DROPS', [                          // list permanent drops (test purposes)
+define('API_KEY', 'ABC123');                        // API key for What3Words
+define('DROP_EXPIRY_SECONDS', (24 * 3600) + 2375);  // 24h 39min 35sec
+define('DEAD_DROP_DIR', './Dead-drops');            // path to the directory with messages
+define('DROP_LIMIT', 1024);                         // maximum amount of hot dead drops
+define('CSRF_TOKEN_LIFETIME', 600);                 // it is what is says...
+define('IGNORED_DROPS', [                           // list permanent drops (test purposes)
     '62a5bced62e7219c8e164d64fdae67900476ed54f39c5851a07bb65b590e04df'
 ]);
 
+define('TEXT_BOTTOM','
+    example text, that will be shown on bellow the form on landing page only
+');
+
 require_once 'captcha.php';
 
 // === main.php ===
@@ -54,6 +58,7 @@ function cleanTheCity() {
 function deadDropUI() {
     session_start();
     $session_id_key = 'csrf_token_session_id';
+    $text_bottom = TEXT_BOTTOM;
 
     if (!isset($_SESSION['csrf_token'], $_SESSION['csrf_token_time'], $_SESSION[$session_id_key]) ||
         session_id() !== $_SESSION[$session_id_key] ||
@@ -70,21 +75,24 @@ function deadDropUI() {
 
     if ($result['mode'] === 'readonly' && $result['status'] === 'cold') {
         if ($dropCount > DROP_LIMIT) {
-            echo "There is too much heat on this domain right now to stash a new message. Come back later.";
+            echo "<center>There is too much heat on this domain right now to stash a new message. Come back later.</center>";
             return;
         }
         $slowDown = checkDropRate();
         if ($slowDown) {
             if (captcha($token, $result['w3w']) !== 'YAY') return;
         }
-        echo "<h3>" . htmlentities($result['w3w']) ."</h3>This drop is cold. You can stash your message here.<br><br>";
+        echo "<h3><center>" . htmlentities($result['w3w']) ."</h3><center>This drop is cold. You can stash your message here.</center><br><br>";
         echo <<<HTML
+        <center>
 <form method="post">
 <input type="hidden" name="csrf_token" value="{$token}">
 <input type="hidden" name="originalW3W" value="{$result['w3w']}">
 <textarea name="stashContent" maxlength="4096" rows="10" cols="60" placeholder="max 4096 chars" required></textarea><br>
 <input type="submit" value="Stash">
 </form>
+<br><br>
+</center>
 HTML;
         return;
     }
@@ -92,6 +100,7 @@ HTML;
     if ($result['mode'] === 'initial' ||
         ($result['mode'] === 'readonly' && $result['status'] === 'invalid')) {
         echo <<<HTML
+<center>
 <style>input[type="text"],input[type="submit"] { font-size: 16.5px; }</style>
 <form method="post">
 <label><a href="https://www.what3words.com/" target="_blank">?</a>&nbsp;</label>
@@ -99,24 +108,49 @@ HTML;
 <input type="text" id="inputString" name="inputString" placeholder="///what.three.words (English)" size="30" maxlength="50" required>
 <input type="submit" value="Check">
 </form>
+</center>
+<br><br>
+</p>
+$text_bottom
 HTML;
     }
 
     if ($result['mode'] === 'readonly') {
         if ($result['status'] === 'hot') {
-            echo "<pre>" . htmlspecialchars($result['decrypted'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</pre>";
-            echo <<<HTML
+            echo "<pre><div style='
+            background: #000;
+            border: 1px solid #000;
+            border-left: 5px solid #000;
+            color: white;
+            font-weight: bold;
+            page-break-inside: avoid;
+            font-family: monospace;
+            font-size: 15px;
+            line-height: 1.6;
+            margin-bottom: 1.6em;
+            max-width: 100%;
+            overflow-x: auto;
+            white-space: nowrap;
+            padding: 1em 1.5em;
+            display: block;
+            word-wrap: break-word;
+            white-space: pre-wrap;
+          '>" . htmlspecialchars($result['decrypted'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</div></pre>";
+                      echo <<<HTML
+<center>            
 <form method="post">
 <input type="hidden" name="csrf_token" value="{$token}">
 <input type="hidden" name="burnW3W" value="{$result['w3w']}">
 <input type="submit" value="Burn message">
-</form>
+</form><br><br>
+</center>
+
 HTML;
         } elseif ($result['status'] === 'invalid') {
-            echo "<br>{$result['message']}";
+            echo "<center><br>{$result['message']}</center>";
         }
     } elseif ($result['mode'] === 'stashed') {
-        echo "<h3>Message stashed at " . htmlentities($result['w3w']) ."</h3>Your dead drop is hot.";
+        echo "<center><h3>Message stashed at " . htmlentities($result['w3w']) ."</h3>Your dead drop is hot.</center><br><br>";
     }
 }
 
-- 
2.30.2