class SFEAuth { function requestToken($request_type, $request_time, $username) { //Request types can be one of two catagories, internal requests (0) or API requests (1) if ($request_type == '0') { $userAuthQuery = mysql_query("SELECT session_start,password FROM users WHERE username='******' LIMIT 1"); $userAuth = mysql_fetch_assoc($userAuthQuery); echo '<pre>'; print_r($userAuth); echo '<br/>'; print_r($_SESSION); echo '<br/>'; print_r('API request time: ' . $request_time); echo '<br/>'; print_r('username: '******'</pre>'; } } function newToken() { } function renewToken() { } function destroyToken() { } } $a = new SFEAuth(); $a->requestToken(0, $request_time, $username);
<?php session_start(); date_default_timezone_set('America/Chicago'); require_once '../api/SFEAuth.php'; //Test SFEAuth $SFEAuth = new SFEAuth(); //$SFEAuth->authServer(time(),$_GET['type'],$_GET['client_id'],$_GET['client_secret'],$_GET['redirect_uri'],$_GET['state'],$_GET['scope']); //$SFEAuth->unitTest(time(),"hello",$_GET['scope']); $client_name = 'localhost'; $client_id = hash_hmac('sha1', $client_name, mt_rand()); $client_secret = $SFEAuth->unitTest(time(), $client_id, 'internal'); $redirect_uri = 'weather.php?city=52242'; echo '<pre>'; echo 'client ID: ' . $client_id . '<br/>'; echo 'API key: ' . $client_secret . '<br/>'; echo 'Request URI: ' . $_SERVER['REQUEST_URI'] . '<br/>'; print_r($_SESSION); echo '</pre>'; ?>
<?php //Create new session session_start(); date_default_timezone_set('America/Chicago'); $time = time(); require_once '../../lib/db.php'; // Connect database. $db = new Database(); $db->connect(); require_once '../../api/SFEAuth.php'; //SFEAuth $SFEAuth = new SFEAuth(); $SFEAuth->authServer($time, $_POST['type'], $_POST['client_id'], $_POST['client_secret'], $_POST['redirect_uri'], $_POST['state'], $_POST['scope']); $username = $_POST['username']; $password = hash('sha256', $_POST['password']); $authQuery = "SELECT * FROM users WHERE username='******' AND password='******' LIMIT 1"; $result = mysql_query($authQuery); if (mysql_num_rows($result) != '0') { // If match. $_SESSION['username'] = $username; // Create session username. $_SESSION['studio'] = $_POST['studio']; mysql_query(" UPDATE users SET session_start='" . mysql_real_escape_string($time) . "' WHERE username='******' "); header("Content-Type: application/json"); header("Cache-Control: no-store"); echo '{"state":"verified", "redirect_uri":"' . $_POST['redirect_uri'] . '"}'; exit; } else { // If not match //Verify that existing user sessions are cleared