0

我的问题是如何使用从其他站点收到的 php 读取标头信息。(我正在使用 patreon webhooks)文档页面说:

当这些事件之一发生时,我们的服务器将向您指定的 URL 发送 HTTP POST。此 HTTP POST 将包含来自 JSON 格式的用户操作的相关数据。它还将具有消息签名的标头
X-Patreon-Event: <trigger>
X-Patreon-Signature: <message signature>
,其中消息签名是使用您的 client_secret 签名的 JSON POST 正文 HMAC(使用 MD5)

这是我的代码:

<?php
logData("asd");
$headers = getallheaders();
$X_Patreon_Event = $headers['X-Patreon-Event'];
$X_Patreon_Signature = $headers['X-Patreon-Signature'];
logMusic(json_decode($X_Patreon_Event));
logMusic(json_decode($X_Patreon_Signature));
function logData($str){
    $url = '/var/www/websitelog.txt';
    $current = "$str\n";
    file_put_contents($url,$current,FILE_APPEND | LOCK_EX);
}
4

3 回答 3

3

getallheaders(自 PHP 5.4.0 起)会将所有标头作为关联数组返回...

$headers = getallheaders();

...然后您将能够检查以获取所需的标头值

$X_Patreon_Event = $headers['X-Patreon-Event'];
$X_Patreon_Signature = $headers['X-Patreon-Signature'];

旁注:getallheaders()功能可能不可用(例如,如果您的 Web 服务器是 nginx)。在这种情况下,您总是可以使用一小段代码重新实现该函数:Get the http headers from current request in PHP

于 2016-02-28T21:01:36.677 回答
2


我有一个使用 php 和 mysqli 的完整工作 webhook 页面,希望这会有所帮助
注意**您需要 php 5.6 >
才能使用我的实现所需的 mysql DB 表

/**

-- 餐桌顾客的餐桌结构

CREATE TABLE IF NOT EXISTS patrons (
patron_key bigint(20) NOT NULL AUTO_INCREMENT COMMENT 'key to row',
patron_id tinytext NOT NULL COMMENT 'patron id',
patron_fullname tinytext NOT NULL COMMENT 'fullname',
patron_firstname tinytext NOT NULL,
patron_lastname tinytext NOT NULL,
patron_email tinytext NOT NULL,
patron_image_url tinytext NOT NULL,
patron_pledge bigint(20) NOT NULL,
patron_list tinyint(4) NOT NULL COMMENT 'include in patrons honour list',
patron_decline tinytext,
PRIMARY KEY (patron_key)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;

-- -- 表通知的表结构

CREATE TABLE IF NOT EXISTS notifications (
notification_id bigint(20) NOT NULL AUTO_INCREMENT,
notification_type tinytext NOT NULL,
notification text NOT NULL,
notification_action int(11) NOT NULL,
notification_date tinytext NOT NULL,
notification_archived tinytext NOT NULL,
PRIMARY KEY (notification_id)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1401 ;

*/

$secret_webhook_id = "your-secret-key-here";

/** get the headers */
$headers = getallheaders();
$X_Patreon_Event = $headers['X-Patreon-Event'];
$X_Patreon_Signature = $headers['X-Patreon-Signature'];

/** get the json body */
$body = @file_get_contents("php://input");

/** get json body as array */
$patron_data = json_decode($body, true);

/** compute an md5 hash using the body and your secret key */
$signature = hash_hmac('md5', $body, $secret_webhook_id);

/** Timing attack safe string comparison */
if (hash_equals ($X_Patreon_Signature, $signature)){

/** get the data from the json array - look for errors*/
if (isset($patron_data['included']) && isset($patron_data['data'])) {
$data             = $patron_data['data'];
$declined         = $data['attributes']['declined_since'];

/** stored as a string*/
$declined         = is_null($declined) ? "":$declined;

$included         = $patron_data['included'];
$patron_id        = $included[0]['id'];
$patron_full_name = $included[0]['attributes']['full_name'];
$patron_firstname = $included[0]['attributes']['first_name'];
$patron_lastname  = $included[0]['attributes']['last_name'];
$patron_email     = $included[0]['attributes']['email'];
$patron_image_url = $included[0]['attributes']['image_url'];
$pledge           = $included[1]['attributes']['amount_cents'];

/** select event for db insert/update/delete*/
switch ($X_Patreon_Event){
    case "pledges:create":
        $sql = "INSERT INTO patrons SET patron_id  = ?, patron_fullname = ?, patron_firstname = ?, patron_lastname = ?, patron_email = ?, patron_image_url = ?, patron_pledge = ?, patron_list = 1, patron_decline = ?";
        $stmt = $conn->prepare($sql);
        $stmt->bind_param("ssssssis", $patron_id, $patron_full_name, $patron_firstname, $patron_lastname, $patron_email, $patron_image_url, $pledge, $declined);
        if (!$stmt->execute()) {
            /** your_error_routine(__LINE__, __FILE__, $sql, $stmt->error); */
        }
        break;
    case "pledges:update":
        $sql = "UPDATE patrons SET patron_fullname = ?, patron_firstname = ?, patron_lastname = ?, patron_email = ?, patron_image_url = ?, patron_pledge = ?, patron_decline = ? WHERE patron_id = ?";
        $stmt = $conn->prepare($sql);
        $stmt->bind_param("sssssiss", $patron_full_name, $patron_firstname, $patron_lastname, $patron_email, $patron_image_url, $pledge, $declined, $patron_id);
        if (!$stmt->execute()) {
            /** your_error_routine(__LINE__, __FILE__, $sql, $stmt->error); */
        }
        break;
    case "pledges:delete":
        $sql = "DELETE FROM patrons WHERE patron_id = ?";
        $stmt = $conn->prepare($sql);
        $stmt->bind_param("s", $patron_id);
        if (!$stmt->execute()) {
             /** your_error_routine(__LINE__, __FILE__, $sql, $stmt->error); */
        }
        break;
}

/** now update your own admin notifications */
$notification = "Patreon Webhook update for: $patron_full_name - X_Patreon_Event: $X_Patreon_Event";
$sql = "INSERT INTO notifications SET notification_type = 'Patreon', notification = ?, notification_date = ".time();
$stmt = $conn->prepare($sql);
$stmt->bind_param("s", $notification);
if (!$stmt->execute()) {
    /** your_error_routine(__LINE__, __FILE__, $sql, $stmt->error); */
}

}

于 2017-11-05T19:40:56.297 回答
1

在你的脚本中写:

var_dump($_SERVER);

你会看到返回的变量。然后,您可以像访问数组一样访问它们。

正如在这里回答的那样, getallheaders() 就是您要寻找的。

并且由于它的 JSON,在这些变量上使用 json_decode(),阅读有关 json_decode/encode 的手册。

于 2016-02-28T21:00:50.260 回答