} /** * Timestamp parameter is not checked since current protocol * says that 1 means request timestamp and anything else is discarded. */ /** * Initialize the sync library. Strive to use this instead of custom * DB requests, custom comparisons etc. */ $sync = new SyncLib('ykval-verify:synclib'); $sync->addField('ip', $ipaddr); $sync->addField('otp', $otp); if (!$sync->isConnected()) { sendResp(S_BACKEND_ERROR, $myLog); } if (($cd = $sync->getClientData($client)) === FALSE) { $myLog->log(LOG_NOTICE, "Invalid client id {$client}"); sendResp(S_NO_SUCH_CLIENT, $myLog); } $myLog->log(LOG_DEBUG, 'Client data:', $cd); /** * Check client signature */ $apiKey = $cd['secret']; $apiKey = base64_decode($apiKey); unset($cd); if ($h != '') { // Create the signature using the API key $a; if ($_GET) { $a = $_GET;
// if ($client <= 0) { $myLog->log(LOG_NOTICE, 'Client ID is missing'); sendResp(S_MISSING_PARAMETER, $myLog); exit; } /* Initialize the sync library. Strive to use this instead of custom DB requests, custom comparisons etc */ $sync = new SyncLib('ykval-verify:synclib'); $sync->addField('ip', $_SERVER['REMOTE_ADDR']); $sync->addField('otp', $otp); if (!$sync->isConnected()) { sendResp(S_BACKEND_ERROR, $myLog); exit; } $cd = $sync->getClientData($client); if (!$cd) { $myLog->log(LOG_NOTICE, 'Invalid client id ' . $client); sendResp(S_NO_SUCH_CLIENT, $myLog); exit; } $myLog->log(LOG_DEBUG, "Client data:", $cd); //// Check client signature // $apiKey = base64_decode($cd['secret']); if ($h != '') { // Create the signature using the API key $a; if ($_GET) { $a = $_GET; } elseif ($_POST) {