make nonce, add verification functions

2026-05-07 17:51:53 +02:00
parent ec5186f811
commit 66d4554d0a
1 changed files with 50 additions and 11 deletions
--- a/session_dialog.php
+++ b/session_dialog.php
@@ -57,16 +57,19 @@ function send_postcode_data()
 function render_dialog_html()
 {
    ?>
-    <dialog id="postcode_modal" class="postcode_modal">
+    <dialog id="postcode_modal" class="postcode_modal" closedby="none">
        <h2>Vul je postcode en huisnummer in.</h2>
        <form id="postcode_modal_form" method="post" action="">
            <input type="text" name="postcode"
               title="Voer een geldige Nederlandse postcode in (bijv. 1234AB of 1234 AB)."
               pattern="[1-9][0-9]{3} ?(?!sa|sd|ss)[a-zA-Z]{2}"
               placeholder= "1010 AA"
            />
            <input type="text" name="huisnummer"
                pattern="\d+([-\s]?[a-zA-Z]+)?"
                title="Voer een geldig huisnummer in (bijv. 1, 1A, 1-A, 1a)."
                placeholder= "12a"
            />
            <button id="postcode_modal_submit" type="submit">verzend</button>
        <form>
@@ -84,23 +87,20 @@ function has_postcode()
 function handle_postcode_modal($data)
 {
    $headers = $data->get_headers();
    $params = $data->get_params();
-    $nonce = $headers["X-WP-Nonce"];
+    $nonce = $data->get_header("X-WP-Nonce");
-    if (!wp_verify_nonce($nonce, "wp_rest")) {
+    if (wp_verify_nonce($nonce, "wp_rest")) {
        $resp = [
            "status" => "succes",
            "message" => $nonce,
        ];
-        echo json_encode($resp);
+    } else {
        exit();
    }
        $resp = [
            "status" => "error",
-        "message" => "nonce do",
+            "message" => "nononce",
        ];
    }
    echo json_encode($resp);
    exit();
 }
@@ -112,3 +112,42 @@ function register_modal_api()
        "callback" => "handle_postcode_modal",
    ]);
 }
 function verifyPostcode()
 {
    if (preg_match('/^[0-9]{4}\s?[A-Za-z]{2}$/', $postcode)) {
        return true;
    }
    return false;
 }
 function verifyHuisnummer() {}
 function check_data_at_openpostcode($oostcode, $huisnummer)
 {
    $urk =
        "https//openpostcode.nl/api/v2/address?postcode=" .
        $postcode .
        "&" .
        $huisnummer;
    $options = [
        "http" => [
            "method" => "GET",
            "header" => "Accept: application/json\r\n",
        ],
        "ssl" => [
            "verify_peer" => true,
            "verify_peer_name" => true,
        ],
    ];
    $context = stream_context_create($options);
    $response = file_get_contents($url, false, $context);
    if ($response === false) {
        // Handle error
    } else {
        $data = json_decode($response, true);
    }
    return data;
 }