forked from srajbr/OpenInviter
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathnotifier.php
69 lines (62 loc) · 2.43 KB
/
notifier.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
<?php
/*
* Created on Sep 3, 2008
*
* Owner: DORU
*/
class notifications_response
{
private $response="";
private $ersArray=array(
'method'=>array('code'=>'100','desc'=>'Invalid Method','fatal'=>false),
'headers'=>array('code'=>'101','desc'=>'Incomplete headers','fatal'=>true),
'post'=>array('code'=>'102','desc'=>'Invalid POST content','fatal'=>false),
'auth'=>array('code'=>'103','desc'=>'Bad authentification data','fatal'=>true),
'xml'=>array('code'=>'105','desc'=>'Invalid XML structure','fatal'=>true),
'api_version'=>array('code'=>'106', 'desc'=>'Invalid Api version please upgrade manually','fatal'=>true),
);
private $privateKey;
private $username;
private function getAuth()
{
include(dirname(__FILE__).'/config.php');
$this->privateKey=$openinviter_settings['private_key'];
$this->username=$openinviter_settings['username'];
global $HTTP_RAW_POST_DATA;
if ($_SERVER['REQUEST_METHOD']!='POST') $this->error('method');
if (!isset($_SERVER['HTTP_X_USER'])) $this->error('headers');
elseif (!isset($_SERVER['HTTP_X_SIGNATURE'])) $this->error('headers');
if (empty($HTTP_RAW_POST_DATA)) $this->error('post');
$this->user=htmlentities($_SERVER['HTTP_X_USER'],ENT_QUOTES);
$xml=trim(gzuncompress($HTTP_RAW_POST_DATA));
$signature=$_SERVER['HTTP_X_SIGNATURE'];
if ($this->username!=$this->user) $this->error('auth');
$signature_check=$this->makeSignature($this->privateKey,$xml);
if ($signature_check!=$signature) $this->error('auth');
if ($xml=='<notification>CHECK STATUS</notification>') $this->requestTypes='check';
elseif ($xml=='<notification>UPDATE</notification>') $this->requestTypes='update';
else $this->error['xml'];
return true;
}
public function response()
{
if ($this->getAuth())
{
if ($this->requestTypes=='update') { include('autoupdate.php'); return gzcompress("<response>NOTIFICATIONS OK</response>",9); }
elseif($this->requestTypes=='check') return gzcompress("<response>WAITING FOR UPDATES</response>",9);
}
else return false;
}
private function error($errorID,$header="HTTP/1.0 400 Bad Request")
{
$error=$this->ersArray[$errorID];
header($header);echo (gzcompress("<error>{$error['desc']}</error>",9));exit;
}
private function makeSignature($var1,$var2)
{
return md5(md5($var1).md5($var2));
}
}
$notifications=new notifications_response();
echo $notifications->response();
?>