servnest/pg-act/ht/keys.php

<?php declare(strict_types=1);

$el_nb = count($_POST['keys']);
if ($el_nb < 1 OR $el_nb > 8)
	output(403, 'Wrong elements number.');

foreach ($_POST['keys'] as $i => $key) {
	if (($key['public-key'] ?? '') === '') {
		unset($_POST['keys'][$i]);
		continue;
	}
	if (preg_match('#^/[/\p{L}\{M}\p{N}\p{P}\p{S}\p{Zs}]{0,254}$#Du', $key['dir'] ?? '') !== 1)
		output(403, _('Path is not valid.'));
	if (preg_match('#' . ED25519_PUBKEY_REGEX . '#D', $key['public-key']) !== 1)
		output(403, _('Ed25519 public key seems wrongly formatted.'));
}
$keys = array_values($_POST['keys']);

rateLimit();

try {
	DB->beginTransaction();

	query('delete', 'ssh-keys', ['username' => $_SESSION['id']]);

	foreach ($keys as $key)
		insert('ssh-keys', [
			'key' => $key['public-key'],
			'username' => $_SESSION['id'],
			'directory' => $key['dir'],
		]);

	DB->commit();
} catch (Exception $e) {
	DB->rollback();
	output(500, 'Database error.', [$e->getMessage()]);
}

output(200, _('SSH keys updated.'));