de/d76/Nonce_8php_source.html

 <?php

 require_once 'Auth/OpenID/CryptUtil.php';

 define('Auth_OpenID_Nonce_CHRS',"abcdefghijklmnopqrstuvwxyz" .
        "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789");

 // Keep nonces for five hours (allow five hours for the combination of
 // request time and clock skew). This is probably way more than is
 // necessary, but there is not much overhead in storing nonces.
 global $Auth_OpenID_SKEW;
 $Auth_OpenID_SKEW = 60 * 60 * 5;

 define('Auth_OpenID_Nonce_REGEX',
        '/(\d{4})-(\d\d)-(\d\d)T(\d\d):(\d\d):(\d\d)Z(.*)/');

 define('Auth_OpenID_Nonce_TIME_FMT',
        '%Y-%m-%dT%H:%M:%SZ');

 function Auth_OpenID_splitNonce($nonce_string)
 {
     // Extract a timestamp from the given nonce string
     $result = preg_match(Auth_OpenID_Nonce_REGEX, $nonce_string, $matches);
     if ($result != 1 || count($matches) != 8) {
         return null;
     }

     list($unused,
          $tm_year,
          $tm_mon,
          $tm_mday,
          $tm_hour,
          $tm_min,
          $tm_sec,
          $uniquifier) = $matches;

     $timestamp =
         @gmmktime($tm_hour, $tm_min, $tm_sec, $tm_mon, $tm_mday, $tm_year);

     if ($timestamp === false || $timestamp < 0) {
         return null;
     }

     return array($timestamp, $uniquifier);
 }

 function Auth_OpenID_checkTimestamp($nonce_string,
                                     $allowed_skew = null,
                                     $now = null)
 {
     // Is the timestamp that is part of the specified nonce string
     // within the allowed clock-skew of the current time?
     global $Auth_OpenID_SKEW;

     if ($allowed_skew === null) {
         $allowed_skew = $Auth_OpenID_SKEW;
     }

     $parts = Auth_OpenID_splitNonce($nonce_string);
     if ($parts == null) {
         return false;
     }

     if ($now === null) {
         $now = time();
     }

     $stamp = $parts[0];

     // Time after which we should not use the nonce
     $past = $now - $allowed_skew;

     // Time that is too far in the future for us to allow
     $future = $now + $allowed_skew;

     // the stamp is not too far in the future and is not too far
     // in the past
     return (($past <= $stamp) && ($stamp <= $future));
 }

 function Auth_OpenID_mkNonce($when = null)
 {
     // Generate a nonce with the current timestamp
     $salt = Auth_OpenID_CryptUtil::randomString(
         6, Auth_OpenID_Nonce_CHRS);
     if ($when === null) {
         // It's safe to call time() with no arguments; it returns a
         // GMT unix timestamp on PHP 4 and PHP 5.  gmmktime() with no
         // args returns a local unix timestamp on PHP 4, so don't use
         // that.
         $when = time();
     }
     $time_str = gmstrftime(Auth_OpenID_Nonce_TIME_FMT, $when);
     return $time_str . $salt;
 }

$result
$result
Definition: CleanUpTest.php:407

Auth_OpenID_splitNonce
Auth_OpenID_splitNonce($nonce_string)
Definition: Nonce.php:30

Auth_OpenID_Nonce_CHRS
const Auth_OpenID_Nonce_CHRS
Need CryptUtil to generate random strings.
Definition: Nonce.php:17

Auth_OpenID_CryptUtil\randomString
static randomString($length, $population=null)
Produce a string of length random bytes, chosen from chrs.
Definition: CryptUtil.php:80

$timestamp
foreach($mandatory_scripts as $file) $timestamp
Definition: buildRTE.php:81

Auth_OpenID_mkNonce
Auth_OpenID_mkNonce($when=null)
Definition: Nonce.php:91

$Auth_OpenID_SKEW
global $Auth_OpenID_SKEW
Definition: Nonce.php:23

Auth_OpenID_Nonce_REGEX
const Auth_OpenID_Nonce_REGEX
Definition: Nonce.php:26

Auth_OpenID_Nonce_TIME_FMT
const Auth_OpenID_Nonce_TIME_FMT
Definition: Nonce.php:28

Auth_OpenID_checkTimestamp
Auth_OpenID_checkTimestamp($nonce_string, $allowed_skew=null, $now=null)
Definition: Nonce.php:57