standardebooks/web
1
0
Fork 0
mirror of https://github.com/standardebooks/web.git synced 2025-07-10 00:30:28 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update PHPStan and Safe PHP, and review codebase for further type correctness

Browse source
This commit is contained in:
Alex Cabal 2025-02-25 22:09:35 -06:00
parent e2e14a3551
commit 9d1b66d19e
35 changed files with 301 additions and 169 deletions
Download patch file Download diff file Expand all files Collapse all files

9
www/webhooks/zoho.php
View file

@ -1,12 +1,13 @@
<?
use function Safe\file_get_contents;
use function Safe\get_cfg_var;
use function Safe\preg_match;
use function Safe\json_decode;
// This webhook receives POSTs when email from a Fractured Atlas donation is received at the SE Zoho email account. This script processes the email, and inserts the donation ID into the database for later processing by `~se/web/scripts/process-pending-payments`.
try{
$log = new Log(ZOHO_WEBHOOK_LOG_FILE_PATH);
$log = new Log(ZOHO_WEBHOOK_LOG_FILE_PATH);
try{
HttpInput::ValidateRequestMethod([Enums\HttpMethod::Post]);
$log->Write('Received Zoho webhook.');
@ -17,7 +18,9 @@ try{
/** @var string $zohoWebhookSecret */
$zohoWebhookSecret = get_cfg_var('se.secrets.zoho.webhook_secret');
if(!hash_equals($_SERVER['HTTP_X_HOOK_SIGNATURE'], base64_encode(hash_hmac('sha256', $post, $zohoWebhookSecret, true)))){
/** @var string $zohoHookSignature */
$zohoHookSignature = $_SERVER['HTTP_X_HOOK_SIGNATURE'];
if(!hash_equals($zohoHookSignature, base64_encode(hash_hmac('sha256', $post, $zohoWebhookSecret, true)))){
throw new Exceptions\InvalidCredentialsException();
}