akroii/fetch.php

## fetch.php
<?php
/*
*
*   DocCheck FETCH Login Script
*   Set the secret_key that has been provided to you by DocCheck or vice versa in row 12
*   Example url:
*     domain.tld/fetch.php?dc_fetch_timestamp=1580983484969&dc_fetch_checksum=abcd
*
*/

ob_start();

$secret_key = "SECRET";
$dc_timestamp = $_GET['dc_fetch_timestamp'];
$dc_checksum = $_GET['dc_fetch_checksum'];
$response = array("error");

function check_server_time_difference($time, $time_span) {
  $server_time = time();
  $min_time = $time - $time_span;
  $max_time = $time + $time_span;

  if ( ( $server_time >= $min_time ) && ( $server_time <= $max_time ) ) {
    return true;
  } else {
    return false;
  }

}

function validate_checksum($key, $timestamp, $checksum) {
  $hash = md5('DC_Login_FetchUrl::' . $key . '::' . $timestamp);
  if ($hash == $checksum) {
    return true;
  } else {
    return false;
  }

}

if (check_server_time_difference($dc_timestamp, 30)) {
  if (validate_checksum($secret_key, $dc_timestamp, $dc_checksum)) {
    session_start();
    $response = array(
      'session_id' => session_id()
    );
  } else {
    die("The checksum or the key do not match.");
  };
} else {
  die ("Timestamp mismatches");
}

//  Get rid of all output buffers
ob_end_clean();

// Return session ID to doccheck
return json_encode($response);
?>
	<?php
	/*
	*
	* DocCheck FETCH Login Script
	* Set the secret_key that has been provided to you by DocCheck or vice versa in row 12
	* Example url:
	* domain.tld/fetch.php?dc_fetch_timestamp=1580983484969&dc_fetch_checksum=abcd
	*
	*/

	ob_start();

	$secret_key = "SECRET";
	$dc_timestamp = $_GET['dc_fetch_timestamp'];
	$dc_checksum = $_GET['dc_fetch_checksum'];
	$response = array("error");

	function check_server_time_difference($time, $time_span) {
	$server_time = time();
	$min_time = $time - $time_span;
	$max_time = $time + $time_span;

	if ( ( $server_time >= $min_time ) && ( $server_time <= $max_time ) ) {
	return true;
	} else {
	return false;
	}

	}

	function validate_checksum($key, $timestamp, $checksum) {
	$hash = md5('DC_Login_FetchUrl::' . $key . '::' . $timestamp);
	if ($hash == $checksum) {
	return true;
	} else {
	return false;
	}

	}

	if (check_server_time_difference($dc_timestamp, 30)) {
	if (validate_checksum($secret_key, $dc_timestamp, $dc_checksum)) {
	session_start();
	$response = array(
	'session_id' => session_id()
	);
	} else {
	die("The checksum or the key do not match.");
	};
	} else {
	die ("Timestamp mismatches");
	}

	// Get rid of all output buffers
	ob_end_clean();

	// Return session ID to doccheck
	return json_encode($response);
	?>