standardebooks/web
1
0
Fork 0
mirror of https://github.com/standardebooks/web.git synced 2025-07-16 03:16:36 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Change secrets from being stored in flat files to being stored in PHP INI configuration

Browse source
This commit is contained in:
Alex Cabal 2022-07-02 13:36:46 -05:00
parent 9d36a7c013
commit 0875e697b4
10 changed files with 24 additions and 32 deletions
Download patch file Download diff file Expand all files Collapse all files

2
www/webhooks/zoho.php
View file

@ -23,7 +23,7 @@ try{
$post = file_get_contents('php://input');
// Validate the Zoho secret.
if(!hash_equals($_SERVER['HTTP_X_HOOK_SIGNATURE'], base64_encode(hash_hmac('sha256', $post, preg_replace("/[\r\n]/ius", '', file_get_contents(ZOHO_SECRET_FILE_PATH)), true)))){
if(!hash_equals($_SERVER['HTTP_X_HOOK_SIGNATURE'], base64_encode(hash_hmac('sha256', $post, get_cfg_var('se.secrets.zoho.webhook_secret'), true)))){
throw new Exceptions\InvalidCredentialsException();
}