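<?php
// Shortcuts endpoint: answers with the shortcut list when the caller presents
// a valid user / device id / token triple, and with a denial otherwise.
//
// The full "<?php" tag is used because the short "<?" form is only parsed when
// short_open_tag is enabled; with it off, this file would be sent to the
// client as plain text instead of being executed.
require_once 'functions.php';

// Per the original author's note: the request is ok when the user token and
// device id are present and valid in the db; verifyRequest() then returns the
// sanitized params. For an invalid request it is said to produce the negative
// response itself and stop the script.
// NOTE(review): that behaviour lives in functions.php and is not visible here.
// Confirm it really halts execution, because the reads below assume the keys
// 'user', 'device_id' and 'token' are all set.
$params = verifyRequest($_POST);

if (hasValidToken($params['user'], $params['device_id'], $params['token'])) {
    // Hard-coded sample payload.
    $data = array(
        "shortcut1" => "this is the first shortcut",
        "shortcut2" => "second shortcut",
    );
    $resp = response(1, "SHORTCUTS_LIST", "LIST OF SHORTCUTS", $params['user'], $data);
} else {
    // Token check failed: same response type, status 2, no payload.
    $resp = response(2, "SHORTCUTS_LIST", "ACCESS DENIED", $params['user'], false);
}

echo $resp;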
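<?php
// Endpoint: takes the user id from the session plus the posted targetID and
// daySlot, passes them to verifyRequest() and, when that returns a falsy
// value, to addRequest(), whose status is echoed back.
session_start();
require "pdo.php";

// Refuse the call unless the session carries a user id and both POST fields
// are present. Without this guard an unauthenticated or malformed request
// would reach verifyRequest()/addRequest() with null arguments.
if (isset($_SESSION["userID"], $_POST["targetID"], $_POST["daySlot"])) {
    $userID = $_SESSION["userID"];
    $targetID = $_POST["targetID"];
    $daySlot = $_POST["daySlot"];

    // NOTE(review): targetID and daySlot are forwarded exactly as received.
    // Confirm that verifyRequest()/addRequest() validate them and bind them as
    // query parameters; neither function is visible here.
    // NOTE(review): no anti-CSRF token is checked in this script, although it
    // changes state based on the session alone. Confirm one is enforced elsewhere.

    // Loose comparison kept on purpose: the return type of verifyRequest() is
    // not visible here, so 0, '', null and false are all treated alike.
    if (verifyRequest($userID, $targetID, $daySlot) == false) {
        $status = addRequest($userID, $targetID, $daySlot);
        echo $status;
    } else {
        // echo false prints an empty string; callers see an empty body.
        echo false;
    }
} else {
    // Same empty-body answer as the rejected branch above, so existing
    // clients keep seeing one failure shape.
    echo false;
}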
<? require_once 'functions.php'; verifyRequest($mysqli, $_POST); //echo "request verified"; /* $user = "******"; $device_id = "iphone34958"; $token = "73a6499ae8ad44fcbfbdca3dd6d15445"; $ret = hasValidToken($mysqli, $user, $device_id, $token); echo "<br>hasvalidtoken:$ret"; */ /*$user = sanitize('gluseppe'); $email = sanitize('*****@*****.**'); $password = sanitize('123buona'); $role = "user"; //$password = "******"; $salt = bin2hex(openssl_random_pseudo_bytes(16)); echo "<br>salt: $salt"; $psw_salt = $password.$salt; echo "<br>psw_salt: $psw_salt"; $salted_and_hashed = md5($psw_salt); echo "<br>salted and hashed: $salted_and_hashed";