Change secrets from being stored in flat files to being stored in PHP INI configuration

www/webhooks/github.php

@@ -28,7 +28,7 @@ try{
 	$hashAlgorithm = $splitHash[0];
 	$hash = $splitHash[1];
 
-	if(!hash_equals($hash, hash_hmac($hashAlgorithm, $post, preg_replace("/[\r\n]/ius", '', file_get_contents(GITHUB_SECRET_FILE_PATH))))){
+	if(!hash_equals($hash, hash_hmac($hashAlgorithm, $post, get_cfg_var('se.secrets.github.se_vcs_bot.secret')))){
 		throw new Exceptions\InvalidCredentialsException();
 	}
 

www/webhooks/postmark.php

@@ -11,7 +11,7 @@ use function Safe\substr;
 $log = new Log(POSTMARK_WEBHOOK_LOG_FILE_PATH);
 
 try{
-	$smtpUsername = trim(file_get_contents(POSTMARK_SECRET_FILE_PATH));
+	$smtpUsername = get_cfg_var('se.secrets.postmark.username');
 
 	$log->Write('Received Postmark webhook.');
 
@@ -19,7 +19,7 @@ try{
 		throw new Exceptions\WebhookException('Expected HTTP POST.');
 	}
 
-	$apiKey = trim(file_get_contents(SITE_ROOT . '/config/secrets/webhooks@postmarkapp.com'));
+	$apiKey = get_cfg_var('se.secrets.postmark.api_key');
 
 	// Ensure this webhook actually came from Postmark
 	if($apiKey != ($_SERVER['HTTP_X_SE_KEY'] ?? '')){

www/webhooks/zoho.php

@@ -23,7 +23,7 @@ try{
 	$post = file_get_contents('php://input');
 
 	// Validate the Zoho secret.
-	if(!hash_equals($_SERVER['HTTP_X_HOOK_SIGNATURE'], base64_encode(hash_hmac('sha256', $post, preg_replace("/[\r\n]/ius", '', file_get_contents(ZOHO_SECRET_FILE_PATH)), true)))){
+	if(!hash_equals($_SERVER['HTTP_X_HOOK_SIGNATURE'], base64_encode(hash_hmac('sha256', $post, get_cfg_var('se.secrets.zoho.webhook_secret'), true)))){
 		throw new Exceptions\InvalidCredentialsException();
 	}