door token

door.php

<?php
require_once __DIR__.'/vendor/autoload.php';
use Hashids\Hashids;

$hashids = new Hashids('somerandomtext', 6, 'abcdefghijklmnopqrstuvwxyz');

$db = new SQLite3('door.db');
$db->busyTimeout(5000);
$db->exec('CREATE TABLE IF NOT EXISTS tokens (id INTEGER PRIMARY KEY AUTOINCREMENT, refrence TEXT(64), count INTEGER, valid_from DATETIME, valid_to DATETIME)');

function validate_token($token, $time=0)
{
  global $hashids, $db;
  if ($time == 0)
    $time = time();

  $token = @$hashids->decode($token);
  if (isset($token[0]))
    $token = $token[0];
  else
    return "false";

  $query = 'SELECT refrence, count, valid_from, valid_to FROM tokens where id="'.$token.'"';
  $results = $db->query($query);
  $row = $results->fetchArray(SQLITE3_ASSOC);
  if ($row["valid_from"] > $time)
    return false; //" Not yet valid";
  if ($time >= $row["valid_to"])
    return false; //" No longer valid";
  if ($row["count"] <= 0)
    return false; //" No more uses";
  return true;
}

function consume_token($token)
{
  global $hashids, $db;
  $token = @$hashids->decode($token);
  if (isset($token[0]))
    $token = $token[0];
  else
    return false;
  $query = 'UPDATE tokens SET count=count-1 where id="'.$token.'"';
  return $db->exec($query);
}


//web stuff
if (http_response_code()!==FALSE)
{
  if (isset($_GET['token']))
  {
    $token = $_GET['token'];
    $access = validate_token($token, $start);
    if ($access === true)
    {
      consume_token($token);
      $ch = curl_init();
      curl_setopt($ch, CURLOPT_URL,"http://10.10.0.162/switch/front_door/turn_on");
      curl_setopt($ch, CURLOPT_POST, 1);
      curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
      $server_output = curl_exec($ch);
      curl_close ($ch);
      header('Content-Type: application/json');
      echo "{Status:\"OK\"}\n";
      exit(0);
    }
  }
  header($_SERVER["SERVER_PROTOCOL"]." 403 Forbidden");
  exit(0);
}
//cli stuff
else
{
  //validate token on command line
  if (isset($argv[1]))
  {
    $token = $argv[1];
    echo $token."\n";
    $start = readline("Valid when(now): ");
    readline_add_history($start);
    if ($start == "")
        $start=time();
    else 
        $start = strtotime($start);

    echo "Start: ".date("c", $start)."\n";

    $access = validate_token($token, $start);
    if ($access === true)
      echo "valid token\n";
    else
      echo "invalid token\n";
    exit(0);
  }

  //register new token
  $ref = readline("Refrence: ");
  if ($ref == "")
     $ref = "No refrence";

  $count = readline("Valid count(1): ");
  if (!is_numeric($count))
     $count = 1;

  //add some history for easy selection.
  readline_add_history("now");
  readline_add_history("+1 day");
  readline_add_history("+2 days");
  readline_add_history("+1 week");
  readline_add_history("+2 weeks");
  readline_add_history("+1 month");
  //valid_from
  $start = readline("Valid from(now): ");
  readline_add_history($start);
  if ($start == "")
      $start=time();                      //default is current time
  else 
      $start = strtotime($start);         //or whatever the user specified.
  //valid_to
  do 
  {
    $stop = readline("Valid to(+1 day): ");
    readline_add_history($stop);
    if ($stop == "")
        $stop=strtotime("+1 day", $start);  //default is one day
    else 
        $stop = strtotime($stop, $start);   //or whatever the user specified.
    if ($stop <= $start)
        echo "enter time in the future!\n";
  } 
  while ($stop <= $start);
  
  echo "Start: ".date("c", $start)."\n";
  echo "Stop:  ".date("c", $stop)."\n";
  
  readline_clear_history();
  $ok = readline("Insert now (yes): ");
  if ($ok == "")
  {
    $query = 'INSERT INTO tokens(refrence, count, valid_from, valid_to) VALUES("'.$ref.'", '.$count.', "'.$start.'", "'.$stop.'")';
    $db->exec($query);
    echo "https://....?token=".$hashids->encode($db->lastInsertRowID())."\n";
  }
}