Last active
December 6, 2019 19:49
-
-
Save onliniak/1535c208fc9d087f4deda31e93846bd3 to your computer and use it in GitHub Desktop.
Something like WP-nonce for AJAX authentication.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| include_once $_SERVER['DOCUMENT_ROOT'] . '/wp-config.php'; | |
| global $wpdb; | |
| // Set timezone | |
| date_default_timezone_set('Europe/Warsaw'); | |
| $select = file_get_contents('php://input'); | |
| $decode = json_decode($select, true); | |
| // timestamp | |
| $time = time(); | |
| // day name | |
| $day = idate('w', time()); | |
| // in JavaScript we have 13 characters, but in PHP only 10. | |
| $time_client = substr($decode["token"], 0, 3); | |
| $time_server = substr($time, 7, 10); | |
| $travelTime = $time_server - $time_client; | |
| if (strlen($decode["token"]) == 14 && $travelTime <= 10 && substr($decode["token"], 3, 1) == $day){ | |
| // OK | |
| // […] | |
| // $hash = substr($decode["it's.me"], 4, 14); | |
| var_dump($wpdb->last_error); | |
| }else{ | |
| // Not OK | |
| die('Unvalid token'); | |
| } | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function hash() { | |
| identification = window.crypto.getRandomValues(new Uint32Array(1)) | |
| timestamp = new Date() | |
| // day name | |
| day = timestamp.getDay() | |
| // timestamp | |
| today = timestamp.getTime() | |
| minute = today.toString().substr(7, 3) | |
| return minute.concat(day).concat(identification) | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment