How to validate a wmsAuthSign hash in php?

Navigation
1

I have the following code that creates a security hash for authentication on media servers, I would like to know how it could be validated in php itself, media servers should use some logic for this , and that's what I want, a code that does the same thing in php.

I think the biggest difficulty is with gmdate that changes the face access to the hash generation function, such as hash is passed via md5 , you can not get gmdate for a comparison, for security of course, so what could be done to create a new hash wmsAuthSign validation function? >

The wmsAuthSign generation code >: 

$today = gmdate("n/j/Y g:i:s A");
$ip = $_SERVER['REMOTE_ADDR'];
$key = "defaultpassword";
$validminutes = 20;
$str2hash = $ip . $key . $today . $validminutes;
$md5raw = md5($str2hash, true);
$base64hash = base64_encode($md5raw);
$urlsignature = "server_time=" . $today ."&hash_value=" . $base64hash. "&validminutes=$validminutes";
$base64urlsignature = base64_encode($urlsignature);
wmsAuthSign=<?php echo $base64urlsignature;?>

In summary, I create my own hash , but I do not know how to validate it in php.

    
asked by anonymous 11.10.2016 / 18:50

1 answer

2
base64_decode($urlsignature);
$dados = explode($urlsignature,"&");
$validar = [];
foreach($dados as $k=>$v){
    //converte a url em array
    $temp = explode($v,"=");
    $key = $temp[0];
    unset($temp[0]);
    if(count($temp)>1){
        $value = implode($temp,"=");
    }
    else{
        $value = $temp[1];
    }
    $validar[$key] = $value;
}

// O array Validar terá todos os seus dados, mas saiba que uma vez que você converter para md5, o mesmo não poderá ser "desconvertido" (na verdade é pra isso mesmo que o md5 serve kkkkk)
    
11.10.2016 / 22:21
CAST for monetary value stored in text in MySQL JList - does not update when logging in again