<?
require_once 'functions.php';
//request is ok when user token and device id are present and valid in the db
//if request is valid, sanitized params are returned
//if request is not valid, the negative response is automatically produced
//and the rest of the script is not executed
$params = verifyRequest($_POST);
if (hasValidToken($params['user'], $params['device_id'], $params['token']))
{
$data = array("shortcut1"=>"this is the first shortcut",
"shortcut2"=>"second shortcut");
$resp = response(1,"SHORTCUTS_LIST","LIST OF SHORTCUTS",$params['user'],$data);
echo $resp;
}
else
{
$resp = response(2,"SHORTCUTS_LIST","ACCESS DENIED",$params['user'],FALSE);
echo $resp;
}
?>
<?php
session_start();
require "pdo.php";
$userID = $_SESSION["userID"];
$targetID = $_POST["targetID"];
$daySlot = $_POST["daySlot"];
if (verifyRequest($userID, $targetID, $daySlot) == false) {
$status = addRequest($userID, $targetID, $daySlot);
echo $status;
} else {
echo false;
}
<?
require_once 'functions.php';
verifyRequest($mysqli, $_POST);
//echo "request verified";
/*
$user = "******";
$device_id = "iphone34958";
$token = "73a6499ae8ad44fcbfbdca3dd6d15445";
$ret = hasValidToken($mysqli, $user, $device_id, $token);
echo "<br>hasvalidtoken:$ret";
*/
/*$user = sanitize('gluseppe');
$email = sanitize('*****@*****.**');
$password = sanitize('123buona');
$role = "user";
//$password = "******";
$salt = bin2hex(openssl_random_pseudo_bytes(16));
echo "<br>salt: $salt";
$psw_salt = $password.$salt;
echo "<br>psw_salt: $psw_salt";
$salted_and_hashed = md5($psw_salt);
echo "<br>salted and hashed: $salted_and_hashed";
