如何处理收到的 HTTP Header
How to handle received HTTP Header
我的问题是如何使用从其他站点接收到的 php 信息来读取 header 信息。 (我正在使用 patreon webhooks)
文档页面说:
When one of these events occurs, our servers will send an HTTP POST to a URL you specify. This HTTP POST will contain the relevant data from the user action in JSON format. It will also have headers
X-Patreon-Event: <trigger>
X-Patreon-Signature: <message signature>
where the message signature is the JSON POST body HMAC signed (with MD5) with your client_secret
这是我的代码:
<?php
logData("asd");
$headers = getallheaders();
$X_Patreon_Event = $headers['X-Patreon-Event'];
$X_Patreon_Signature = $headers['X-Patreon-Signature'];
logMusic(json_decode($X_Patreon_Event));
logMusic(json_decode($X_Patreon_Signature));
function logData($str){
$url = '/var/www/websitelog.txt';
$current = "$str\n";
file_put_contents($url,$current,FILE_APPEND | LOCK_EX);
}
在你的脚本中写:
var_dump($_SERVER);
你会看到返回的变量。然后您可以像访问数组一样访问它们。
正如此处的回答,getallheaders() 是您要查找的内容。
并且由于其 JSON,请在这些变量上使用 json_decode(),请阅读有关 json_decode/encode 的手册。
getallheaders(自 PHP 5.4.0 起)将 return 所有 headers 作为关联数组...
$headers = getallheaders();
...然后您将能够检查以获取所需的 headers 值
$X_Patreon_Event = $headers['X-Patreon-Event'];
$X_Patreon_Signature = $headers['X-Patreon-Signature'];
旁注:getallheaders() 功能可能不可用(例如,如果您的网络服务器是 nginx)。在那种情况下,您总是可以 re-implement 使用一小段代码的函数:Get the http headers from current request in PHP
我有一个完全可用的 webhooks 页面使用 php 和 mysql我希望这有帮助
注意** 您需要 php 5.6 > 才能正常工作
我的实施需要
mysql 数据库 table
/**
-- Table table 赞助人的结构
CREATE TABLE IF NOT EXISTS patrons (
patron_key bigint(20) NOT NULL AUTO_INCREMENT COMMENT 'key to row',
patron_id tinytext NOT NULL COMMENT 'patron id',
patron_fullname tinytext NOT NULL COMMENT 'fullname',
patron_firstname tinytext NOT NULL,
patron_lastname tinytext NOT NULL,
patron_email tinytext NOT NULL,
patron_image_url tinytext NOT NULL,
patron_pledge bigint(20) NOT NULL,
patron_list tinyint(4) NOT NULL COMMENT 'include in patrons honour list',
patron_decline tinytext,
PRIMARY KEY (patron_key)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
--
-- Table table 通知的结构
CREATE TABLE IF NOT EXISTS notifications (
notification_id bigint(20) NOT NULL AUTO_INCREMENT,
notification_type tinytext NOT NULL,
notification text NOT NULL,
notification_action int(11) NOT NULL,
notification_date tinytext NOT NULL,
notification_archived tinytext NOT NULL,
PRIMARY KEY (notification_id)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1401 ;
*/
$secret_webhook_id = "your-secret-key-here";
/** get the headers */
$headers = getallheaders();
$X_Patreon_Event = $headers['X-Patreon-Event'];
$X_Patreon_Signature = $headers['X-Patreon-Signature'];
/** get the json body */
$body = @file_get_contents("php://input");
/** get json body as array */
$patron_data = json_decode($body, true);
/** compute an md5 hash using the body and your secret key */
$signature = hash_hmac('md5', $body, $secret_webhook_id);
/** Timing attack safe string comparison */
if (hash_equals ($X_Patreon_Signature, $signature)){
/** get the data from the json array - look for errors*/
if (isset($patron_data['included']) && isset($patron_data['data'])) {
$data = $patron_data['data'];
$declined = $data['attributes']['declined_since'];
/** stored as a string*/
$declined = is_null($declined) ? "":$declined;
$included = $patron_data['included'];
$patron_id = $included[0]['id'];
$patron_full_name = $included[0]['attributes']['full_name'];
$patron_firstname = $included[0]['attributes']['first_name'];
$patron_lastname = $included[0]['attributes']['last_name'];
$patron_email = $included[0]['attributes']['email'];
$patron_image_url = $included[0]['attributes']['image_url'];
$pledge = $included[1]['attributes']['amount_cents'];
/** select event for db insert/update/delete*/
switch ($X_Patreon_Event){
case "pledges:create":
$sql = "INSERT INTO patrons SET patron_id = ?, patron_fullname = ?, patron_firstname = ?, patron_lastname = ?, patron_email = ?, patron_image_url = ?, patron_pledge = ?, patron_list = 1, patron_decline = ?";
$stmt = $conn->prepare($sql);
$stmt->bind_param("ssssssis", $patron_id, $patron_full_name, $patron_firstname, $patron_lastname, $patron_email, $patron_image_url, $pledge, $declined);
if (!$stmt->execute()) {
/** your_error_routine(__LINE__, __FILE__, $sql, $stmt->error); */
}
break;
case "pledges:update":
$sql = "UPDATE patrons SET patron_fullname = ?, patron_firstname = ?, patron_lastname = ?, patron_email = ?, patron_image_url = ?, patron_pledge = ?, patron_decline = ? WHERE patron_id = ?";
$stmt = $conn->prepare($sql);
$stmt->bind_param("sssssiss", $patron_full_name, $patron_firstname, $patron_lastname, $patron_email, $patron_image_url, $pledge, $declined, $patron_id);
if (!$stmt->execute()) {
/** your_error_routine(__LINE__, __FILE__, $sql, $stmt->error); */
}
break;
case "pledges:delete":
$sql = "DELETE FROM patrons WHERE patron_id = ?";
$stmt = $conn->prepare($sql);
$stmt->bind_param("s", $patron_id);
if (!$stmt->execute()) {
/** your_error_routine(__LINE__, __FILE__, $sql, $stmt->error); */
}
break;
}
/** now update your own admin notifications */
$notification = "Patreon Webhook update for: $patron_full_name - X_Patreon_Event: $X_Patreon_Event";
$sql = "INSERT INTO notifications SET notification_type = 'Patreon', notification = ?, notification_date = ".time();
$stmt = $conn->prepare($sql);
$stmt->bind_param("s", $notification);
if (!$stmt->execute()) {
/** your_error_routine(__LINE__, __FILE__, $sql, $stmt->error); */
}
}
我的问题是如何使用从其他站点接收到的 php 信息来读取 header 信息。 (我正在使用 patreon webhooks) 文档页面说:
When one of these events occurs, our servers will send an HTTP POST to a URL you specify. This HTTP POST will contain the relevant data from the user action in JSON format. It will also have headers
X-Patreon-Event:<trigger>
X-Patreon-Signature:<message signature>
where the message signature is the JSON POST body HMAC signed (with MD5) with your client_secret
这是我的代码:
<?php
logData("asd");
$headers = getallheaders();
$X_Patreon_Event = $headers['X-Patreon-Event'];
$X_Patreon_Signature = $headers['X-Patreon-Signature'];
logMusic(json_decode($X_Patreon_Event));
logMusic(json_decode($X_Patreon_Signature));
function logData($str){
$url = '/var/www/websitelog.txt';
$current = "$str\n";
file_put_contents($url,$current,FILE_APPEND | LOCK_EX);
}
在你的脚本中写:
var_dump($_SERVER);
你会看到返回的变量。然后您可以像访问数组一样访问它们。
正如此处的回答,getallheaders() 是您要查找的内容。
并且由于其 JSON,请在这些变量上使用 json_decode(),请阅读有关 json_decode/encode 的手册。
getallheaders(自 PHP 5.4.0 起)将 return 所有 headers 作为关联数组...
$headers = getallheaders();
...然后您将能够检查以获取所需的 headers 值
$X_Patreon_Event = $headers['X-Patreon-Event'];
$X_Patreon_Signature = $headers['X-Patreon-Signature'];
旁注:getallheaders() 功能可能不可用(例如,如果您的网络服务器是 nginx)。在那种情况下,您总是可以 re-implement 使用一小段代码的函数:Get the http headers from current request in PHP
我有一个完全可用的 webhooks 页面使用 php 和 mysql我希望这有帮助
注意** 您需要 php 5.6 > 才能正常工作
我的实施需要
mysql 数据库 table
/**
-- Table table 赞助人的结构
CREATE TABLE IF NOT EXISTS patrons (
patron_key bigint(20) NOT NULL AUTO_INCREMENT COMMENT 'key to row',
patron_id tinytext NOT NULL COMMENT 'patron id',
patron_fullname tinytext NOT NULL COMMENT 'fullname',
patron_firstname tinytext NOT NULL,
patron_lastname tinytext NOT NULL,
patron_email tinytext NOT NULL,
patron_image_url tinytext NOT NULL,
patron_pledge bigint(20) NOT NULL,
patron_list tinyint(4) NOT NULL COMMENT 'include in patrons honour list',
patron_decline tinytext,
PRIMARY KEY (patron_key)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
-- -- Table table 通知的结构
CREATE TABLE IF NOT EXISTS notifications (
notification_id bigint(20) NOT NULL AUTO_INCREMENT,
notification_type tinytext NOT NULL,
notification text NOT NULL,
notification_action int(11) NOT NULL,
notification_date tinytext NOT NULL,
notification_archived tinytext NOT NULL,
PRIMARY KEY (notification_id)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1401 ;
*/
$secret_webhook_id = "your-secret-key-here";
/** get the headers */
$headers = getallheaders();
$X_Patreon_Event = $headers['X-Patreon-Event'];
$X_Patreon_Signature = $headers['X-Patreon-Signature'];
/** get the json body */
$body = @file_get_contents("php://input");
/** get json body as array */
$patron_data = json_decode($body, true);
/** compute an md5 hash using the body and your secret key */
$signature = hash_hmac('md5', $body, $secret_webhook_id);
/** Timing attack safe string comparison */
if (hash_equals ($X_Patreon_Signature, $signature)){
/** get the data from the json array - look for errors*/
if (isset($patron_data['included']) && isset($patron_data['data'])) {
$data = $patron_data['data'];
$declined = $data['attributes']['declined_since'];
/** stored as a string*/
$declined = is_null($declined) ? "":$declined;
$included = $patron_data['included'];
$patron_id = $included[0]['id'];
$patron_full_name = $included[0]['attributes']['full_name'];
$patron_firstname = $included[0]['attributes']['first_name'];
$patron_lastname = $included[0]['attributes']['last_name'];
$patron_email = $included[0]['attributes']['email'];
$patron_image_url = $included[0]['attributes']['image_url'];
$pledge = $included[1]['attributes']['amount_cents'];
/** select event for db insert/update/delete*/
switch ($X_Patreon_Event){
case "pledges:create":
$sql = "INSERT INTO patrons SET patron_id = ?, patron_fullname = ?, patron_firstname = ?, patron_lastname = ?, patron_email = ?, patron_image_url = ?, patron_pledge = ?, patron_list = 1, patron_decline = ?";
$stmt = $conn->prepare($sql);
$stmt->bind_param("ssssssis", $patron_id, $patron_full_name, $patron_firstname, $patron_lastname, $patron_email, $patron_image_url, $pledge, $declined);
if (!$stmt->execute()) {
/** your_error_routine(__LINE__, __FILE__, $sql, $stmt->error); */
}
break;
case "pledges:update":
$sql = "UPDATE patrons SET patron_fullname = ?, patron_firstname = ?, patron_lastname = ?, patron_email = ?, patron_image_url = ?, patron_pledge = ?, patron_decline = ? WHERE patron_id = ?";
$stmt = $conn->prepare($sql);
$stmt->bind_param("sssssiss", $patron_full_name, $patron_firstname, $patron_lastname, $patron_email, $patron_image_url, $pledge, $declined, $patron_id);
if (!$stmt->execute()) {
/** your_error_routine(__LINE__, __FILE__, $sql, $stmt->error); */
}
break;
case "pledges:delete":
$sql = "DELETE FROM patrons WHERE patron_id = ?";
$stmt = $conn->prepare($sql);
$stmt->bind_param("s", $patron_id);
if (!$stmt->execute()) {
/** your_error_routine(__LINE__, __FILE__, $sql, $stmt->error); */
}
break;
}
/** now update your own admin notifications */
$notification = "Patreon Webhook update for: $patron_full_name - X_Patreon_Event: $X_Patreon_Event";
$sql = "INSERT INTO notifications SET notification_type = 'Patreon', notification = ?, notification_date = ".time();
$stmt = $conn->prepare($sql);
$stmt->bind_param("s", $notification);
if (!$stmt->execute()) {
/** your_error_routine(__LINE__, __FILE__, $sql, $stmt->error); */
}
}