tcv_age_validator/index.php

<?php
// Set headers to prevent search engines from indexing the page
header("X-Robots-Tag: noindex, nofollow", true);

// Start session for CSRF token
session_start();

// Generate a CSRF token if one isn't set
if (empty($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}

// Function to process input data
function processInput($input) {
    // Ignore blank lines
    if (trim($input) === '') {
        return null;
    }

    // Step 1: Remove any non-numeric characters
    $cleanedInput = preg_replace('/\D+/', '', $input);

    // Step 2: Filter only 17 digits long strings
    if (preg_match('/^\d{17}$/', $cleanedInput)) {
        // Step 3: Check if the first four digits are within 2007-2025
        $firstFourDigits = substr($cleanedInput, 0, 4);
        if ($firstFourDigits >= 2007 && $firstFourDigits <= 2025) {
            return ['valid' => $cleanedInput];
        } else {
            return ['invalid' => $cleanedInput, 'reason' => 'First four digits are not within 2007-2025'];
        }
    } else {
        return ['invalid' => $cleanedInput, 'reason' => 'Not 17 digits long'];
    }
}

$validResults = [];
$invalidResults = [];
$error = null;

// Validate the request method and CSRF token
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!isset($_POST['csrf_token']) || $_POST['csrf_token'] !== $_SESSION['csrf_token']) {
        $error = "Invalid CSRF token.";
    } else {
        $inputData = filter_input(INPUT_POST, 'input_data', FILTER_SANITIZE_STRING);
        $rows = explode("\n", trim($inputData));

        foreach ($rows as $row) {
            $result = processInput($row);
            if ($result && isset($result['valid'])) {
                $validResults[] = $result['valid'];
            } elseif ($result) {
                $invalidResults[] = $result;
            }
        }

        // Remove duplicate valid results
        $validResults = array_unique($validResults);
    }
}

// Function to create a downloadable file link
function createDownloadLink($filename, $data) {
    $filepath = sys_get_temp_dir() . '/' . $filename;
    file_put_contents($filepath, implode("\n", $data));
    return $filepath;
}

// Handle the download of valid results
if (isset($_POST['download_valid']) && $_POST['csrf_token'] === $_SESSION['csrf_token']) {
    $filepath = createDownloadLink('valid_results.txt', $validResults);
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename="valid_results.txt"');
    readfile($filepath);
    exit;
}

// Handle the download of invalid results
if (isset($_POST['download_invalid']) && $_POST['csrf_token'] === $_SESSION['csrf_token']) {
    $invalidOutput = array_map(function ($item) {
        return $item['invalid'] . " - " . $item['reason'];
    }, $invalidResults);
    $filepath = createDownloadLink('invalid_results.txt', $invalidOutput);
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename="invalid_results.txt"');
    readfile($filepath);
    exit;
}
?>

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="robots" content="noindex, nofollow">
    <title>Input Validator</title>
    <link rel="stylesheet" href="style.css">
</head>
<body>
    <div class="container">
        <h1>Input Validator</h1>
        <?php if ($error): ?>
            <div class="error"><?= htmlspecialchars($error) ?></div>
        <?php endif; ?>
        <form method="post">
            <label for="input_data">Enter your data (one per line):</label><br>
            <textarea id="input_data" name="input_data" rows="10" cols="50"><?= isset($_POST['input_data']) ? htmlspecialchars($_POST['input_data']) : '' ?></textarea><br><br>
            <input type="hidden" name="csrf_token" value="<?= htmlspecialchars($_SESSION['csrf_token']) ?>">
            <button type="submit" class="btn">Process</button>
        </form>

        <?php if ($_SERVER['REQUEST_METHOD'] === 'POST' && !$error): ?>
            <div class="results">
                <h2>Results</h2>
                <p>Input Rows: <strong><?= count($rows) ?></strong></p>
                <p>Valid Output Rows (Unique): <strong><?= count($validResults) ?></strong></p>
                <p>Invalid/Discarded Rows: <strong><?= count($invalidResults) ?></strong></p>

                <?php if (count($invalidResults) > 0): ?>
                    <h3 class="error-title">Discarded Inputs:</h3>
                    <ul class="error-list">
                        <?php foreach ($invalidResults as $invalid): ?>
                            <li class="error-item"><?= htmlspecialchars($invalid['invalid']) ?> - <?= htmlspecialchars($invalid['reason']) ?></li>
                        <?php endforeach; ?>
                    </ul>
                <?php endif; ?>

                <form method="post" class="download-buttons">
                    <input type="hidden" name="csrf_token" value="<?= htmlspecialchars($_SESSION['csrf_token']) ?>">
                    <input type="hidden" name="input_data" value="<?= htmlspecialchars($_POST['input_data']) ?>">
                    <?php if (count($validResults) > 0): ?>
                        <button type="submit" name="download_valid" class="btn">Download Valid Results</button>
                    <?php endif; ?>
                    <?php if (count($invalidResults) > 0): ?>
                        <button type="submit" name="download_invalid" class="btn btn-error">Download Invalid Results</button>
                    <?php endif; ?>
                </form>
            </div>
        <?php endif; ?>
    </div>
</body>
</html>