function test_verifyMd5Hash() { //Arrange $prefix = null; $sharedKey = "zaqxswcdevfrbgtnhymjukiloZAQCDEFRBGTNHYMJUKILOPlkjhgfdsapoiuytrewqmnbvcx"; $expectedPlaceInqueue = 7810; $expectedQueueId = "fe070f51-5548-403c-9f0a-2626c15cb81b"; $placeInQueueEncrypted = "3d20e598-0304-474f-87e8-371a34073d3b"; $unixTimestamp = 1360241766; $expectedTimeStamp = new DateTime("2013-02-07 12:56:06", new DateTimeZone("UTC")); $expectedCustomerId = "somecust"; $expectedEventId = "someevent"; $expectedOriginalUrl = "http://www.example.com/test.aspx?prop=value"; $expectedRedirectType = RedirectType::Queue; $urlNoHash = $expectedOriginalUrl . "?" . $prefix . "c=somecust&" . $prefix . "e=someevent&" . $prefix . "q=" . $expectedQueueId . "&" . $prefix . "p=" . $placeInQueueEncrypted . "&" . $prefix . "ts=" . $unixTimestamp . "&" . $prefix . "rt=queue&" . $prefix . "h="; $expectedHash = md5(utf8_encode($urlNoHash . $sharedKey)); $url = $urlNoHash . $expectedHash; $urlProvider = new MockUrlProvider($url, $expectedOriginalUrl, $expectedQueueId, $placeInQueueEncrypted, (string) $unixTimestamp, $expectedCustomerId, $expectedEventId, "queue"); //Act $knownUser = QueueIT\Security\KnownUserFactory::verifyMd5Hash($sharedKey, $urlProvider, $prefix); $this->assertNotNull($knownUser); $this->assertEqual($expectedQueueId, $knownUser->getQueueId()); $this->assertEqual($expectedPlaceInqueue, $knownUser->getPlaceInQueue()); $this->assertEqual($expectedTimeStamp, $knownUser->getTimeStamp()); $this->assertEqual($expectedCustomerId, $knownUser->getCustomerId()); $this->assertEqual($expectedEventId, $knownUser->getEventId()); $this->assertEqual($expectedRedirectType, $knownUser->getRedirectType()); $this->assertEqual($expectedOriginalUrl, $knownUser->getOriginalUrl()); }
function test_verifyMd5Hash_KnownUserException() { //Arrange $prefix = null; $sharedKey = "zaqxswcdevfrbgtnhymjukiloZAQCDEFRBGTNHYMJUKILOPlkjhgfdsapoiuytrewqmnbvcx"; $expectedPlaceInqueue = 7810; $expectedQueueId = "fe070f51-5548-403c-9f0a-2626c15cb81b"; $placeInQueueEncrypted = "3d20e598-0304-474f-87e8-371a34073d3b"; $unixTimestamp = 1360241766; $expectedTimeStamp = new DateTime("2013-02-07 12:56:06", new DateTimeZone("UTC")); $expectedCustomerId = "somecust"; $expectedEventId = "someevent"; $expectedOriginalUrl = "http://www.example.com/test.aspx?prop=value"; $urlNoHash = $expectedOriginalUrl . "?" . $prefix . "c=somecust&" . $prefix . "e=someevent&" . $prefix . "q=" . $expectedQueueId . "&" . $prefix . "p=" . $placeInQueueEncrypted . "&" . $prefix . "ts=" . $unixTimestamp . "&" . $prefix . "h="; $expectedHash = "INVALIDHASHxxxxxxxxxxxxxxxxxxxx"; $url = $urlNoHash . $expectedHash; $urlProvider = new MockUrlProvider($url, $expectedOriginalUrl, $expectedQueueId, $placeInQueueEncrypted, (string) $unixTimestamp, $expectedCustomerId, $expectedEventId); //Act try { $knownUser = KnownUserFactory::verifyMd5Hash($sharedKey, $urlProvider, $prefix); } catch (QueueIT\Security\KnownUserException $e) { $this->assertEqual($url, $e->getValidationUrl()); $this->assertEqual($expectedOriginalUrl, $e->getOriginalUrl()); } }
{ $ssl = isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on"; $pageURL = 'http'; if ($ssl) { $pageURL .= "s"; } $pageURL .= "://"; if (!$ssl && $_SERVER["SERVER_PORT"] != "80" || $ssl && $_SERVER["SERVER_PORT"] != "443") { $pageURL .= $_SERVER["SERVER_NAME"] . ":" . $_SERVER["SERVER_PORT"] . '/link.php'; } else { $pageURL .= $_SERVER["SERVER_NAME"] . '/link.php'; } return $pageURL; } try { $knownUser = KnownUserFactory::verifyMd5Hash(); if ($knownUser == null) { header('Location: link.php'); } if ($knownUser->getTimeStamp()->getTimestamp() < time() - 180) { header('Location: link.php'); } } catch (KnownUserException $ex) { header('Location: error.php?queuename=link&t=' . urlencode(getLinkUrl())); } //Buffer larger content areas like the main page content ob_start(); ?> <h3>Setting up the queue:</h3> <ol class="round"> <li class="one">