Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
E
E
Eugene2018-06-27 09:56:22
Yii
Eugene, 2018-06-27 09:56:22

Is it possible to confirm the letter within two hours?

The bottom line is, the client is sent a letter and he needs to confirm it.

Чтобы подтвердить  <a href="http://med.maz.by/site/confim?secretkey=<?=$secretkey;?>">нажмите здесь.</a>

Where is secret key
$secretkey = Yii::$app->security->hashData($id, '8036121');

In Action, I just get the order ID using validateData and change the status to 1.
But now the problem is that the client can confirm both after 8 hours and after 12.
And we need it to be valid within two hours from sending him a letter.
As I understand it, in the letter, the current date should be sent as a get-parameter.
And then, when confirming, check the difference between the time when it confirms and the time that the get flies, and if we allow more than two hours, then display another view that the confirmation time has expired.
Or are there other options?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
D
Dmitry Kim, 2018-06-27
@evgen9586 

$token = Yii::$app->security->hashData(time().'|'.$id, 'secret-key');

$data = Yii::$app->security->validateData($token, 'secret-key');
try {
  list($time, $id) = explode('|', $data);
  $model = MyModel::findOne($id);
  if (null === $model || time() > $time + 2 * 3600) {
    throw new Exception();
  }
}
catch (Exception $e) {
  echo 'Token invalid';
}

Report
M
Maxim Fedorov, 2018-06-27
@qonand

1. Generate a secretKey and save it along with the date and time of generation
2. Send an email with a link to the client
3. When the client follows the link, check if the specified secretKey exists and if its date has expired.
4. Depending on the result of the check, display the desired page

Report
M
Maxim Timofeev, 2018-06-27
@webinar

I don't see the point in messing with the database. It is necessary to form a link with id, time and token for verification

$secret = 'some string';
$i = $model->id;
$time = strtotime('now');
$token = md5($i.$time.$secret);
$url = Url::toRoute([
      'controller/action', 
      'i' => $id,
      't' => $time,
      's' => $token,
]);

and when accessing such a link, we check the token, if the token is valid, we check the transferred time, etc.

Similar questions
Y
Yura Mailler2021-04-01 17:40:00
How to hide buttons in a VK bot and enable others? 3Reply
N
nSnayp2014-07-03 17:36:25
What to use for IOS Android development? 4Reply
S
shaivam2015-06-12 15:18:38
What are the requirements for software and network for working with state secrets? 5Reply
M
Maxim2016-06-28 16:09:44
Error when migrating yii2 to hosting? 1Reply
A
AlexSer2020-09-29 08:33:06
How to make the controller in yii2 check the version of the widget? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question