Merge branch 'master' of github.com:londonhackspace/hackspace-foundat…

…ion-sites
londonhackspace · May 1, 2016 · cc8378d · cc8378d
2 parents a301090 + b98b73e
commit cc8378d
Show file tree

Hide file tree

Showing 5 changed files with 30 additions and 14 deletions.
diff --git a/lib/init.php b/lib/init.php
@@ -54,3 +54,26 @@ function send404($message) {
   echo $message;
   exit;
 }
+
+// Throw an exception if the card UID is invalid
+function validateCardUID($uid) {
+    if ($uid == '21222324' || $uid == '01020304') {
+        /* Some Visa cards issued around 2013 return 21222324, presumably for privacy.
+         * Android phones always return 01020304. */
+        throw new fValidationException('Non-unique UID. This card cannot be added to the system.');
+    }
+
+    // Random IDs are 4 bytes long and start with 0x08
+    // http://www.nxp.com/documents/application_note/AN10927.pdf
+    if(strlen($uid) === 8 && substr($uid,0,2) === "08") {
+        throw new fValidationException('ID is randomly generated and will change every time the card is used!');
+    }
+
+    if(strlen($uid) === 8 && substr($uid,0,2) === "88") {
+        throw new fValidationException('Card UID\'s can\'t start with 88');
+    }
+
+    if(strlen($uid) > 8 && substr($uid,6,8) === "88") {
+        throw new fValidationException('Can\'t have cards with long uid\'s and UID3 == 88');
+    }
+}
diff --git a/london.hackspace.org.uk/kiosk/addcard.php b/london.hackspace.org.uk/kiosk/addcard.php
@@ -12,10 +12,7 @@
         $validator->validate();
 
         $uid = strtoupper($_POST['uid']);
-        if ($uid == '21222324') {
-            /* New Visa cards return this, presumably for privacy */
-            throw new fValidationException('Non-unique UID. This card cannot be added to the system.');
-        }
+        validateCardUID($uid);
 
         // Random IDs are 4 bytes long and start with 0x08
         // http://www.nxp.com/documents/application_note/AN10927.pdf

diff --git a/london.hackspace.org.uk/login_and_addcard.php b/london.hackspace.org.uk/login_and_addcard.php
@@ -23,10 +23,7 @@
         $validator->validate();
 
         $uid = strtoupper($_POST['uid']);
-        if ($uid == '21222324') {
-            /* New Visa cards return this, presumably for privacy */
-            throw new fValidationException('Non-unique UID. This card cannot be added to the system.');
-        }
+        validateCardUID($uid);
 
         // Random IDs are 4 bytes long and start with 0x08
         // http://www.nxp.com/documents/application_note/AN10927.pdf

diff --git a/london.hackspace.org.uk/members/addcard.php b/london.hackspace.org.uk/members/addcard.php
@@ -19,11 +19,8 @@
         $validator->validate();
 
         $uid = strtoupper($_POST['uid']);
-        if ($uid == '21222324') {
-            /* New Visa cards return this, presumably for privacy */
-            throw new fValidationException('Non-unique UID. This card cannot be added to the system.');
-        }
-
+        validateCardUID($uid);
+
         $card = new Card();
         $card->setUserId($user->getId());
         $card->setAddedDate(time());

diff --git a/london.hackspace.org.uk/members/webcams.php b/london.hackspace.org.uk/members/webcams.php
@@ -9,7 +9,9 @@
   3 => "Main Room",
   6 => "Classroom",
   5 => "Workshop",
-  1 => "Back Gate"
+  1 => "Back Gate",
+  8 => "Back Door",
+  9 => "Quiet Room"
 );
 
 if (!isset($user) || !$user->isMember()) {