1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
|
DEFINE CLASS WsOrder_Item AS Session OLEPUBLIC
ArtID = .NULL.
ArtQty = .NULL.
ENDDEFINE
DEFINE CLASS WsOrder_CodeDate AS Session OLEPUBLIC
ReturnCode = .NULL.
ReturnDate = .NULL.
* PROCEDURE init
* this.ReturnDate = DATETIME()
* ENDPROC
ENDDEFINE
DEFINE CLASS WsOrder AS Session OLEPUBLIC
DbfDirectory = .NULL.
OrderJounal = .NULL.
SecureKeyLifeTime = 300
ReturnValue = .NULL.
DIMENSION ReturnValue_COMATTRIB[4]
ReturnValue_COMATTRIB[1] = 0 && Full Access
ReturnValue_COMATTRIB[2] = "ReturnValue"
ReturnValue_COMATTRIB[3] = "RETURNVALUE" && Proper capitalization.
ReturnValue_COMATTRIB[4] = "WsOrder_CodeDate" && Data type
* FUNCTION - return the curent date
FUNCTION GetDate() AS Datetime
RETURN DATETIME()
ENDFUNC
* FUNCTION - try to add an orderline
*
* retuns code
* 0 : Failed
* 1 : Succeeded
*
* 400 : Wrong Access
* 404 : Wrong article(s)
* 500 : Wrong signature
* 501 : Wrong date
*
PROCEDURE PassOrder(tcUserID AS String, tcCode AS String, ttSentDate AS Datetime, tcKey AS String, taItems AS Dimension)
LOCAL liReturnCode AS Integer
liReturnCode = this.pPassOrder(tcUserID, tcCode, ttSentDate, tcKey, taItems)
this.ReturnValue = CREATEOBJECT("WsOrder_CodeDate")
this.ReturnValue.ReturnCode = liReturnCode
ENDPROC
FUNCTION pPassOrder(tcUserID AS String, tcCode AS String, ttSentDate AS Datetime, tcKey AS String, taItems AS Dimension) AS Integer
IF PCOUNT( ) <> 5
* wrong function signature
RETURN 500
ENDIF
* right function signature
IF (ttSentDate > DATETIME()) OR (ttSentDate < (DATETIME() - this.SecureKeyLifeTime))
* date out of valid range
RETURN 501
ENDIF
* date inside of valid range
USE this.DbfDirectory + "Cust.dbf"
LOCATE FOR Cust.CUSTID == tcUserID
IF !FOUND( )
* user not found
RETURN 400
ENDIF
* user found
LOCAL lcPassword AS String
STORE Cust.ECOM_PASS TO lcPassword
LOCAL lcCode AS String
* yyyymmddhhmmss + tcKey + lcPassword
lcCode = TTOC(ttSentDate) + tcKey + lcPassword
* check for code
LOCAL luMD5 AS MD5
luMD5 = CREATEOBJECT('MD5')
luMD5.tohash = lcCode
IF tcCode <> luMD5.compute()
* wrong access code
RETURN 400
ENDIF
* right access code
* check for user, date, key triplet uniquity
USE this.DbfDirectory + "SecureKeys.dbf"
LOCATE FOR (SecureKeys.CUSTID == tcUserID) AND (SecureKeys.USEDKEY == tcKey) AND (SecureKeys.USEDDATE = ttSentDate)
IF FOUND( )
* triplet non unique (potent hacking attempt)
RETURN 0
ENDIF
* triplet unique
* remove obsolete SecureKeys
DELETE FROM SecureKeys WHERE SecureKeys.USEDDATE < (DATETIME() - this.SecureKeyLifeTime)
* insert new triplet
APPEND BLANK
REPLACE SecureKeys.CUSTID WITH tcUserID, SecureKeys.USEDKEY WITH tcKey, SecureKeys.USEDDATE WITH ttSentDate
RETURN LEN(lcPassword)
RETURN ALEN(items)
ENDFUNC
ENDDEFINE |
[Visual FoxPro 9.0] Problème dll COM
Répondre avec citation
Partager