From 66d4554d0a88d6f1c51d02741aa6d9785b2afcdb Mon Sep 17 00:00:00 2001
From: Remo Zaros <remo@localhost.localdomain>
Date: Thu, 7 May 2026 17:51:53 +0200
Subject: [PATCH] make nonce, add verification functions

---
 session_dialog.php | 61 +++++++++++++++++++++++++++++++++++++---------
 1 file changed, 50 insertions(+), 11 deletions(-)

diff --git a/session_dialog.php b/session_dialog.php
index 06e362a..7823056 100644
--- a/session_dialog.php
+++ b/session_dialog.php
@@ -57,16 +57,19 @@ function send_postcode_data()
 function render_dialog_html()
 {
     ?>
-    <dialog id="postcode_modal" class="postcode_modal">
+    <dialog id="postcode_modal" class="postcode_modal" closedby="none">
+        <h2>Vul je postcode en huisnummer in.</h2>
         <form id="postcode_modal_form" method="post" action="">
             <input type="text" name="postcode"
                title="Voer een geldige Nederlandse postcode in (bijv. 1234AB of 1234 AB)."
                pattern="[1-9][0-9]{3} ?(?!sa|sd|ss)[a-zA-Z]{2}"
+               placeholder= "1010 AA"
             />
 
             <input type="text" name="huisnummer"
                 pattern="\d+([-\s]?[a-zA-Z]+)?"
                 title="Voer een geldig huisnummer in (bijv. 1, 1A, 1-A, 1a)."
+                placeholder= "12a"
             />
             <button id="postcode_modal_submit" type="submit">verzend</button>
         <form>
@@ -84,23 +87,20 @@ function has_postcode()
 
 function handle_postcode_modal($data)
 {
-    $headers = $data->get_headers();
     $params = $data->get_params();
-    $nonce = $headers["X-WP-Nonce"];
+    $nonce = $data->get_header("X-WP-Nonce");
 
-    if (!wp_verify_nonce($nonce, "wp_rest")) {
+    if (wp_verify_nonce($nonce, "wp_rest")) {
         $resp = [
             "status" => "succes",
             "message" => $nonce,
         ];
-        echo json_encode($resp);
-        exit();
+    } else {
+        $resp = [
+            "status" => "error",
+            "message" => "nononce",
+        ];
     }
-
-    $resp = [
-        "status" => "error",
-        "message" => "nonce do",
-    ];
     echo json_encode($resp);
     exit();
 }
@@ -112,3 +112,42 @@ function register_modal_api()
         "callback" => "handle_postcode_modal",
     ]);
 }
+
+function verifyPostcode()
+{
+    if (preg_match('/^[0-9]{4}\s?[A-Za-z]{2}$/', $postcode)) {
+        return true;
+    }
+    return false;
+}
+
+function verifyHuisnummer() {}
+
+function check_data_at_openpostcode($oostcode, $huisnummer)
+{
+    $urk =
+        "https//openpostcode.nl/api/v2/address?postcode=" .
+        $postcode .
+        "&" .
+        $huisnummer;
+    $options = [
+        "http" => [
+            "method" => "GET",
+            "header" => "Accept: application/json\r\n",
+        ],
+        "ssl" => [
+            "verify_peer" => true,
+            "verify_peer_name" => true,
+        ],
+    ];
+
+    $context = stream_context_create($options);
+    $response = file_get_contents($url, false, $context);
+
+    if ($response === false) {
+        // Handle error
+    } else {
+        $data = json_decode($response, true);
+    }
+    return data;
+}