From c83fd453a034f445c0b1ad88ec35ee5da75ecf8d Mon Sep 17 00:00:00 2001 From: Pierre Date: Sun, 7 Jan 2018 17:15:26 +0100 Subject: [PATCH] Get securely a timestamp sent in a POST request --- functions/requests.php | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/functions/requests.php b/functions/requests.php index 25d3edc..393e0e5 100644 --- a/functions/requests.php +++ b/functions/requests.php @@ -236,6 +236,28 @@ function getPostMovieId(string $name = "movieID") : int { return $movieID; } +/** + * Get a timestamp posted in a post request + * + * @param string $name The name of the $_POST entry + * @return int The timestamp if everything went well + */ +function getPostTimeStamp(string $name) : int { + + //Check if the variable exists + if(!isset($_POST[$name])) + Rest_fatal_error(400, "Please specify a timestamp in '".$name."' ! "); + $timestamp = toInt($_POST[$name]); + + //Check timestamp validity + if($timestamp < 10000) + Rest_fatal_error(400, "Please specify a valid timestamp value in ".$timestamp." !"); + + //Return timestamp + return $timestamp; + +} + /** * Check the validity of an file posted in a request * @@ -244,7 +266,7 @@ function getPostMovieId(string $name = "movieID") : int { */ function check_post_file(string $name) : bool { - //Check if image exists + //Check if file exists if(!isset($_FILES[$name])) return false;