nickfox/gist:a2cbf7d73f74dc6be0d8

## gistfile1.txt
                    $gps_time = urldecode($wp_query->query_vars['gpstime']);

                    // gpstime of '0000-00-00 00:00:00' is how we determine if its a nonce request
                    if ($gps_time == '0000-00-00 00:00:00') {
                        $session_id = $wp_query->query_vars['sessionid'];
                        $session_id_pattern = '[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}';

                        if (preg_match($session_id_pattern, $session_id)) {
                            $wpnonce = wp_create_nonce($session_id);
                        } else {
                            $wpnonce = '0';
                        }

                        header("Content-Type:text/plain");
                        echo $nonce;
                        exit;
                    } else { // we have a date, so check if the nonce is the one we set above
                        if (!wp_verify_nonce($wp_query->query_vars['wpnonce'], $wp_query->query_vars['sessionid'])) {
                           exit;
                        } else {
                            global $wpdb;
                            $table_name = $wpdb->prefix . 'gps_locations';

                            $wpdb->insert(
                        	$table_name,
                        	array(
                        		'latitude' => $wp_query->query_vars['latitude'],
                        		'longitude' => $wp_query->query_vars['longitude'],
                                'phone_number' => $wp_query->query_vars['phonenumber'],
                                'session_id' => $wp_query->query_vars['sessionid'],
                                'speed' => $wp_query->query_vars['speed'],
                                'direction' => $wp_query->query_vars['direction'],
                                'distance' => $wp_query->query_vars['distance'],
                                'gps_time' => $gps_time,
                                'location_method' => $wp_query->query_vars['locationmethod'],
                                'accuracy' => $wp_query->query_vars['accuracy'],
                                'extra_info' => $wp_query->query_vars['extrainfo'],
                                'event_type' => urldecode($wp_query->query_vars['eventtype'])
                        	),
                        	array(
                        		'%f', '%f', '%s', '%s', '%d', '%d', '%f', '%s', '%s', '%d', '%s', '%s'
                        	    )
                            );

                            header("Content-Type:text/plain");
                            echo 'data';
                            exit;
                       }
                    }
	$gps_time = urldecode($wp_query->query_vars['gpstime']);

	// gpstime of '0000-00-00 00:00:00' is how we determine if its a nonce request
	if ($gps_time == '0000-00-00 00:00:00') {
	$session_id = $wp_query->query_vars['sessionid'];
	$session_id_pattern = '[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}';

	if (preg_match($session_id_pattern, $session_id)) {
	$wpnonce = wp_create_nonce($session_id);
	} else {
	$wpnonce = '0';
	}

	header("Content-Type:text/plain");
	echo $nonce;
	exit;
	} else { // we have a date, so check if the nonce is the one we set above
	if (!wp_verify_nonce($wp_query->query_vars['wpnonce'], $wp_query->query_vars['sessionid'])) {
	exit;
	} else {
	global $wpdb;
	$table_name = $wpdb->prefix . 'gps_locations';

	$wpdb->insert(
	$table_name,
	array(
	'latitude' => $wp_query->query_vars['latitude'],
	'longitude' => $wp_query->query_vars['longitude'],
	'phone_number' => $wp_query->query_vars['phonenumber'],
	'session_id' => $wp_query->query_vars['sessionid'],
	'speed' => $wp_query->query_vars['speed'],
	'direction' => $wp_query->query_vars['direction'],
	'distance' => $wp_query->query_vars['distance'],
	'gps_time' => $gps_time,
	'location_method' => $wp_query->query_vars['locationmethod'],
	'accuracy' => $wp_query->query_vars['accuracy'],
	'extra_info' => $wp_query->query_vars['extrainfo'],
	'event_type' => urldecode($wp_query->query_vars['eventtype'])
	),
	array(
	'%f', '%f', '%s', '%s', '%d', '%d', '%f', '%s', '%s', '%d', '%s', '%s'
	)
	);

	header("Content-Type:text/plain");
	echo 'data';
	exit;
	}
	}