beikeland · June 27, 2019 18:10
diff --git a/door.php b/door.php
 <?php
 require_once __DIR__.'/vendor/autoload.php';
 use Hashids\Hashids;

 $hashids = new Hashids('somerandomtext', 6, 'abcdefghijklmnopqrstuvwxyz');

 $db = new SQLite3('door.db');
 $db->busyTimeout(5000);
 $db->exec('CREATE TABLE IF NOT EXISTS tokens (id INTEGER PRIMARY KEY AUTOINCREMENT, refrence TEXT(64), count INTEGER, valid_from DATETIME, valid_to DATETIME)');

 function validate_token($token, $time=0)
 {
  global $hashids, $db;
  if ($time == 0)
    $time = time();

  $token = @$hashids->decode($token);
  if (isset($token[0]))
    $token = $token[0];
  else
    return "false";

  $query = 'SELECT refrence, count, valid_from, valid_to FROM tokens where id="'.$token.'"';
  $results = $db->query($query);
  $row = $results->fetchArray(SQLITE3_ASSOC);
  if ($row["valid_from"] > $time)
    return false; //" Not yet valid";
  if ($time >= $row["valid_to"])
    return false; //" No longer valid";
  if ($row["count"] <= 0)
    return false; //" No more uses";
  return true;
 }

 function consume_token($token)
 {
  global $hashids, $db;
  $token = @$hashids->decode($token);
  if (isset($token[0]))
    $token = $token[0];
  else
    return false;
  $query = 'UPDATE tokens SET count=count-1 where id="'.$token.'"';
  return $db->exec($query);
 }


 //web stuff
 if (http_response_code()!==FALSE)
 {
  if (isset($_GET['token']))
  {
    $token = $_GET['token'];
    $access = validate_token($token, $start);
    if ($access === true)
    {
      consume_token($token);
      $ch = curl_init();
      curl_setopt($ch, CURLOPT_URL,"http://10.10.0.162/switch/front_door/turn_on");
      curl_setopt($ch, CURLOPT_POST, 1);
      curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
      $server_output = curl_exec($ch);
      curl_close ($ch);
      header('Content-Type: application/json');
      echo "{Status:\"OK\"}\n";
      exit(0);
    }
  }
  header($_SERVER["SERVER_PROTOCOL"]." 403 Forbidden");
  exit(0);
 }
 //cli stuff
 else
 {
  //validate token on command line
  if (isset($argv[1]))
  {
    $token = $argv[1];
    echo $token."\n";
    $start = readline("Valid when(now): ");
    readline_add_history($start);
    if ($start == "")
        $start=time();
    else 
        $start = strtotime($start);

    echo "Start: ".date("c", $start)."\n";

    $access = validate_token($token, $start);
    if ($access === true)
      echo "valid token\n";
    else
      echo "invalid token\n";
    exit(0);
  }

  //register new token
  $ref = readline("Refrence: ");
  if ($ref == "")
     $ref = "No refrence";

  $count = readline("Valid count(1): ");
  if (!is_numeric($count))
     $count = 1;

  //add some history for easy selection.
  readline_add_history("now");
  readline_add_history("+1 day");
  readline_add_history("+2 days");
  readline_add_history("+1 week");
  readline_add_history("+2 weeks");
  readline_add_history("+1 month");
  //valid_from
  $start = readline("Valid from(now): ");
  readline_add_history($start);
  if ($start == "")
      $start=time();                      //default is current time
  else 
      $start = strtotime($start);         //or whatever the user specified.
  //valid_to
  do 
  {
    $stop = readline("Valid to(+1 day): ");
    readline_add_history($stop);
    if ($stop == "")
        $stop=strtotime("+1 day", $start);  //default is one day
    else 
        $stop = strtotime($stop, $start);   //or whatever the user specified.
    if ($stop <= $start)
        echo "enter time in the future!\n";
  } 
  while ($stop <= $start);
  
  echo "Start: ".date("c", $start)."\n";
  echo "Stop:  ".date("c", $stop)."\n";
  
  readline_clear_history();
  $ok = readline("Insert now (yes): ");
  if ($ok == "")
  {
    $query = 'INSERT INTO tokens(refrence, count, valid_from, valid_to) VALUES("'.$ref.'", '.$count.', "'.$start.'", "'.$stop.'")';
    $db->exec($query);
    echo "https://....?token=".$hashids->encode($db->lastInsertRowID())."\n";
  }
 }
	<?php
	require_once __DIR__.'/vendor/autoload.php';
	use Hashids\Hashids;

	$hashids = new Hashids('somerandomtext', 6, 'abcdefghijklmnopqrstuvwxyz');

	$db = new SQLite3('door.db');
	$db->busyTimeout(5000);
	$db->exec('CREATE TABLE IF NOT EXISTS tokens (id INTEGER PRIMARY KEY AUTOINCREMENT, refrence TEXT(64), count INTEGER, valid_from DATETIME, valid_to DATETIME)');

	function validate_token($token, $time=0)
	{
	global $hashids, $db;
	if ($time == 0)
	$time = time();

	$token = @$hashids->decode($token);
	if (isset($token[0]))
	$token = $token[0];
	else
	return "false";

	$query = 'SELECT refrence, count, valid_from, valid_to FROM tokens where id="'.$token.'"';
	$results = $db->query($query);
	$row = $results->fetchArray(SQLITE3_ASSOC);
	if ($row["valid_from"] > $time)
	return false; //" Not yet valid";
	if ($time >= $row["valid_to"])
	return false; //" No longer valid";
	if ($row["count"] <= 0)
	return false; //" No more uses";
	return true;
	}

	function consume_token($token)
	{
	global $hashids, $db;
	$token = @$hashids->decode($token);
	if (isset($token[0]))
	$token = $token[0];
	else
	return false;
	$query = 'UPDATE tokens SET count=count-1 where id="'.$token.'"';
	return $db->exec($query);
	}


	//web stuff
	if (http_response_code()!==FALSE)
	{
	if (isset($_GET['token']))
	{
	$token = $_GET['token'];
	$access = validate_token($token, $start);
	if ($access === true)
	{
	consume_token($token);
	$ch = curl_init();
	curl_setopt($ch, CURLOPT_URL,"http://10.10.0.162/switch/front_door/turn_on");
	curl_setopt($ch, CURLOPT_POST, 1);
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
	$server_output = curl_exec($ch);
	curl_close ($ch);
	header('Content-Type: application/json');
	echo "{Status:\"OK\"}\n";
	exit(0);
	}
	}
	header($_SERVER["SERVER_PROTOCOL"]." 403 Forbidden");
	exit(0);
	}
	//cli stuff
	else
	{
	//validate token on command line
	if (isset($argv[1]))
	{
	$token = $argv[1];
	echo $token."\n";
	$start = readline("Valid when(now): ");
	readline_add_history($start);
	if ($start == "")
	$start=time();
	else
	$start = strtotime($start);

	echo "Start: ".date("c", $start)."\n";

	$access = validate_token($token, $start);
	if ($access === true)
	echo "valid token\n";
	else
	echo "invalid token\n";
	exit(0);
	}

	//register new token
	$ref = readline("Refrence: ");
	if ($ref == "")
	$ref = "No refrence";

	$count = readline("Valid count(1): ");
	if (!is_numeric($count))
	$count = 1;

	//add some history for easy selection.
	readline_add_history("now");
	readline_add_history("+1 day");
	readline_add_history("+2 days");
	readline_add_history("+1 week");
	readline_add_history("+2 weeks");
	readline_add_history("+1 month");
	//valid_from
	$start = readline("Valid from(now): ");
	readline_add_history($start);
	if ($start == "")
	$start=time(); //default is current time
	else
	$start = strtotime($start); //or whatever the user specified.
	//valid_to
	do
	{
	$stop = readline("Valid to(+1 day): ");
	readline_add_history($stop);
	if ($stop == "")
	$stop=strtotime("+1 day", $start); //default is one day
	else
	$stop = strtotime($stop, $start); //or whatever the user specified.
	if ($stop <= $start)
	echo "enter time in the future!\n";
	}
	while ($stop <= $start);

	echo "Start: ".date("c", $start)."\n";
	echo "Stop: ".date("c", $stop)."\n";

	readline_clear_history();
	$ok = readline("Insert now (yes): ");
	if ($ok == "")
	{
	$query = 'INSERT INTO tokens(refrence, count, valid_from, valid_to) VALUES("'.$ref.'", '.$count.', "'.$start.'", "'.$stop.'")';
	$db->exec($query);
	echo "https://....?token=".$hashids->encode($db->lastInsertRowID())."\n";
	}
	}