From 04dbe33ae74c93ca6ec4355a96349730b178e3e9 Mon Sep 17 00:00:00 2001
From: MarkusGaertner <mg@shopmodule.com>
Date: Fri, 20 Dec 2024 10:18:15 +0100
Subject: [PATCH] add/remove comments

---
 src/public/connect.php | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)

diff --git a/src/public/connect.php b/src/public/connect.php
index d9d7255..f958931 100644
--- a/src/public/connect.php
+++ b/src/public/connect.php
@@ -218,16 +218,12 @@ MSQL;
 
     public function checkParameter()
     {
+        //todo add more check, maybe for methode
         $aParameter = $this->getParameter();
-        // todo check accesstoken
-        //fnc
-        //oxid
-        //
-
-        //simple check, should optimize
         $myConfig = Registry::getConfig();
-        $sSHOPCONNECTTOKEN = $myConfig->getConfigParam("d3xrechnung_SHOPCONNECTTOKEN");
-
+        $sSHOPCONNECTTOKEN = md5($aParameter['OXID'].$myConfig->getConfigParam("d3xrechnung_SHOPCONNECTTOKEN"). $aParameter['OXID']);
+        //dumpvar($aParameter,true);
+        //dumpvar($sSHOPCONNECTTOKEN,true);
         if($aParameter['ID'] != $sSHOPCONNECTTOKEN)
         {
             return false;
@@ -237,8 +233,9 @@ MSQL;
 
     public function getParameter()
     {
+        //todo maybe to some sanitize
        return array(
-           'SecureID' => $_GET['ID'],
+           'ID' => $_GET['ID'],
            'FNC' => $_GET['FNC'],
            'OXID' => $_GET['OXID'],
        );