PBCA Geocaching Coordinates Checker

'); define(FOOT, '

'); define(USAGE, '

Getting Started
It seems as though you\'ve called this script from an outside source without a code to check. We\'ll present you with instructions.

Purpose
This script is used to check coordinates solutions, generally from a puzzle cache. The user is presented with a link. In this link is some encoded information. The user follows the link to this script and enters the coordinates into the boxes presented. The script tells the user if the coordinates entered match the code in the link.

Note: this version only processes coordinates in the North and West direction, i.e. North America.

Usage for Cache Owner
The cache owner enters the cache name, waypoint, and coordinates that will need checked in the boxes below. Press the button. The next page will present the owner with the HTML code for a hyper link to be inserted into the cache description. It\'s important to keep the HTML code intact or the checker may fail to properly check the coordinates. It\'s a good idea for the owner to make sure the link works properly and the correct coordinates return a positive result.

Usage for Puzzle Solver
Simply follow the link from the cache page and enter the coordinates to be checked in the appropriate boxes. Press the button. The script will tell the solver if his solution is correct or not.

Security
In case you\'re wondering how secure this script is or if the person who hosts it can get the coordinates, not to worry. This script was written intentionally to prevent direct analysis as it uses a one-way hash. The only way to attack it is brute strength. In other words, try every combination until the solution is presented. Considering there\'s approximately 2.8 million unique coordinates in a one mile radius, that\'s a lot of trying. :)

'); switch ($_POST['action']) { case 'new': echo HEAD; echo USAGE; echo ''; echo '

Cache Name:
Waypoint:
LAT:	° . N	S
LON:	° . W	E

'; echo FOOT; Break; case 'create': echo HEAD; $lat1 = abs($_POST['lat1']); $lat2 = str_pad($_POST['lat2'], 2, "0", STR_PAD_LEFT); $lat3 = str_pad($_POST['lat3'], 3, "0", STR_PAD_RIGHT); $lon1 = abs($_POST['lon1']); $lon2 = str_pad($_POST['lon2'], 2, "0", STR_PAD_LEFT); $lon3 = str_pad($_POST['lon3'], 3, "0", STR_PAD_RIGHT); $latd = $_POST['latdir']; $lond = $_POST['londir']; $combined = sprintf( "%u%s%s%u%s%s%s%s",$lat1,$lat2,$lat3,$lon1,$lon2,$lon3,$latd,$lond ); $pretty = sprintf( "%s %u° %s.%s %s %u° %s.%s",$latd,$lat1,$lat2,$lat3,$lond,$lon1,$lon2,$lon3 ); $wp = strtoupper($_POST['wp']); $name = stripslashes($_POST['name']); $urlname = urlencode($name); echo 'Code Created!
The URL for "'.$name.'" with waypoint "'.$wp.'"
with coordinates '.$pretty.' is:

'; echo "

<a href=\"".$this_script."?code=".md5($key.$combined.$wp)."&action=check&wp=".$wp."&name=".$urlname."\">Check Coordinates</a>

"; echo "

Highlight the whole line and copy it to your cache page.

"; echo FOOT; break; case 'check': $wp = $_GET['wp']; $name = stripslashes(urldecode($_GET['name'])); $code = $_GET['code']; $name = ( $name === "" )?"No cache name defined":$name; echo HEAD; echo ''; echo '

Cache Name:	'.$name.'
Waypoint:	'.$wp.'
LAT:	° .	N	S
LON:	° .	W	E
Security Check:

'; echo '

Checking Your Solution
It appears you have followed a link with an embedded code.

How to Check Your Solution
First make sure you are checking the solution for the cache displayed below. Enter the coordinates you wish to confirm. Press "Check Coordinates".

Security Check
In order to increase the difficulty of cheating the system a human is needed to enter 5 digits in the Security Check box. These is an image to the right the box. Enter those numbers in the box for the script to work.

'; echo FOOT; break; // case 'confirm': session_start(); $digit = $_SESSION['digit']; $userdigit = $_POST['security']; session_destroy(); echo HEAD; $lat1 = abs($_POST['lat1']); $lat2 = str_pad($_POST['lat2'], 2, "0", STR_PAD_LEFT); $lat3 = str_pad($_POST['lat3'], 3, "0", STR_PAD_RIGHT); $lon1 = abs($_POST['lon1']); $lon2 = str_pad($_POST['lon2'], 2, "0", STR_PAD_LEFT); $lon3 = str_pad($_POST['lon3'], 3, "0", STR_PAD_RIGHT); $latd = $_POST['latdir']; $lond = $_POST['londir']; $combined = sprintf( "%u%s%s%u%s%s%s%s",$lat1,$lat2,$lat3,$lon1,$lon2,$lon3,$latd,$lond ); $pretty = sprintf( "%s %u° %s.%s %s %u° %s.%s",$latd,$lat1,$lat2,$lat3,$lond,$lon1,$lon2,$lon3 ); $wp = strtoupper($_POST['wp']); $name = stripslashes($_POST['name']); $urlname = urlencode($name); $code = $_POST['code']; $attempt = md5($key.$combined.$wp); if (($digit == $userdigit) && ($digit > 1)) { echo "

· ".$name." ·
· ".$wp." ·

".$pretty."

"; if ( $attempt == $code){ Echo '

Your Correct!

Fantastic work, job well done! HIGH FIVE!

Now, go get it!
'; }else{ echo '

Incorrect

Your coordinates are not correct. Try alittle more, you\'ll get it.

'; } echo "

"; } else { Echo '

Security Check Failed

Make sure you are entering the 5 digits in the Security Check field.
You may have to refresh the page to get a new set of numbers.

'; } echo FOOT; break; } ?>

· ".$name." ·· ".$wp." ·".$pretty."

· ".$name." ·
· ".$wp." ·

".$pretty."