exit;
} else {
$extra['sl'] = $sl_success_rate;
sendResp(S_NOT_ENOUGH_ANSWERS, $myLog, $apiKey, $extra);
exit;
}
}
/* Recreate parameters to make phising test work out
TODO: use timefunctionality in deltatime library instead */
$sessionCounter = $otpParams['yk_counter'];
$sessionUse = $otpParams['yk_use'];
$seenSessionCounter = $localParams['yk_counter'];
$seenSessionUse = $localParams['yk_use'];
$ad['high'] = $localParams['yk_high'];
$ad['low'] = $localParams['yk_low'];
$ad['accessed'] = $sync->unixToDbTime($localParams['modified']);
//// Check the time stamp
//
if ($sessionCounter == $seenSessionCounter && $sessionUse > $seenSessionUse) {
$ts = ($otpinfo['high'] << 16) + $otpinfo['low'];
$seenTs = ($ad['high'] << 16) + $ad['low'];
$tsDiff = $ts - $seenTs;
$tsDelta = $tsDiff * TS_SEC;
//// Check the real time
//
$lastTime = strtotime($ad['accessed']);
$now = time();
$elapsed = $now - $lastTime;
$deviation = abs($elapsed - $tsDelta);
// Time delta server might verify multiple OTPS in a row. In such case validation server doesn't
// have time to tick a whole second and we need to avoid division by zero.
