Changeset 10909
- Timestamp:
- 04/16/2021 04:18:55 AM (3 years ago)
- Location:
- sites/trunk/api.wordpress.org/public_html/dotorg/helpscout
- Files:
-
- 2 added
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
sites/trunk/api.wordpress.org/public_html/dotorg/helpscout/profile.php
r9811 r10909 2 2 // Simple profile lookup for HelpScout sidebar. Returns w.org links to HS for emails received. 3 3 4 $base_dir = dirname( dirname( __DIR__ ) ); 5 require( $base_dir . '/wp-init.php' ); 6 7 // function to verify signature from HelpScout 8 function isFromHelpScout($data, $signature) { 9 $calculated = base64_encode( hash_hmac( 'sha1', $data, HELPSCOUT_SECRET_KEY, true ) ); 10 return hash_equals( $signature, $calculated ); 11 } 12 13 // HelpScout sends json data in the POST, so grab it from the input directly 14 $data = file_get_contents( 'php://input' ); 15 16 // check the signature header 17 if ( ! isset( $_SERVER['HTTP_X_HELPSCOUT_SIGNATURE'] ) ) { 18 exit; 19 } 20 21 $signature = $_SERVER['HTTP_X_HELPSCOUT_SIGNATURE']; 22 if ( ! isFromHelpScout( $data, $signature ) ) { 23 // failure = no response 24 exit; 25 } 26 27 // get the info from HS 28 $request = json_decode( $data ); 4 // $request is the validated HelpScout request. 5 $request = include __DIR__ . '/common.php'; 29 6 30 7 // default empty output … … 46 23 47 24 // response to HS is just HTML to display in the sidebar 48 $response = array ('html' => $html);25 $response = array( 'html' => $html ); 49 26 50 27 echo json_encode( $response ); 51
Note: See TracChangeset
for help on using the changeset viewer.