| public static api_sign_request ( $params_to_sign, $api_secret ) |
public function test_upload()
{
$result = Cloudinary\Uploader::upload("tests/logo.png");
$this->assertEquals($result["width"], 241);
$this->assertEquals($result["height"], 51);
$expected_signature = Cloudinary::api_sign_request(array("public_id" => $result["public_id"], "version" => $result["version"]), Cloudinary::config_get("api_secret"));
$this->assertEquals($result["signature"], $expected_signature);
}
public static function sign_request($params, &$options)
{
$api_key = Cloudinary::option_get($options, "api_key", Cloudinary::config_get("api_key"));
if (!$api_key) {
throw new \InvalidArgumentException("Must supply api_key");
}
$api_secret = Cloudinary::option_get($options, "api_secret", Cloudinary::config_get("api_secret"));
if (!$api_secret) {
throw new \InvalidArgumentException("Must supply api_secret");
}
# Remove blank parameters
$params = array_filter($params, function ($v) {
return isset($v) && $v !== "";
});
$params["signature"] = Cloudinary::api_sign_request($params, $api_secret);
$params["api_key"] = $api_key;
return $params;
}
public function is_valid()
{
$public_id = $this->resource_type == "raw" ? $this->filename : $this->public_id;
$expected_signature = \Cloudinary::api_sign_request(array("public_id" => $public_id, "version" => $this->version), \Cloudinary::config_get("api_secret"));
return $this->signature == $expected_signature;
}
function prepare_cloudinary_media_lib_url($mode)
{
if (!$this->configured()) {
return NULL;
}
$params = array("timestamp" => time(), "mode" => $mode, "plugin_version" => cloudinary_VERSION);
$params["signature"] = Cloudinary::api_sign_request($params, Cloudinary::config_get("api_secret"));
$params["api_key"] = Cloudinary::config_get("api_key");
$query = http_build_query($params);
return CLOUDINARY_BASE_URL . "/console/media_library/cms?{$query}";
}
<?php
require 'main.php';
# You can add here your custom verification code
# Check for a valid Cloudinary response
$api_secret = Cloudinary::config_get("api_secret");
if (!$api_secret) {
throw new \InvalidArgumentException("Must supply api_secret");
}
$existing_signature = \Cloudinary::option_consume($_POST, "signature");
$to_sign = array('public_id' => $_POST['public_id'], 'version' => $_POST['version']);
$calculated_signature = \Cloudinary::api_sign_request($to_sign, $api_secret);
if ($existing_signature == $calculated_signature) {
# Create a model record using the data received (best practice is to save locally
# only data needed for reaching the image on Cloudinary - public_id and version;
# and fields that might be needed for your application (e.g.,), width, height)
$photo = \PhotoAlbum\create_photo_model($_POST);
} else {
error_log("Received signature verficiation failed (" . $existing_signature . " != " . $calculated_signature . "). data: " . \PhotoAlbum\ret_var_dump($_POST));
}
public static function call_api($action, $params, $options = array(), $file = NULL)
{
$return_error = Cloudinary::option_get($options, "return_error");
$api_key = Cloudinary::option_get($options, "api_key", Cloudinary::config_get("api_key"));
if (!$api_key) {
throw new InvalidArgumentException("Must supply api_key");
}
$api_secret = Cloudinary::option_get($options, "api_secret", Cloudinary::config_get("api_secret"));
if (!$api_secret) {
throw new InvalidArgumentException("Must supply api_secret");
}
$params["signature"] = Cloudinary::api_sign_request($params, $api_secret);
$params["api_key"] = $api_key;
# Remove blank parameters
$params = array_filter($params);
$api_url = Cloudinary::cloudinary_api_url($action, $options);
$api_url .= "?" . preg_replace("/%5B\\d+%5D/", "%5B%5D", http_build_query($params));
$ch = curl_init($api_url);
$post_params = array();
if ($file) {
if (!preg_match('/^@|^https?:|^s3:|^data:[^;]*;base64,([a-zA-Z0-9\\/+\\n=]+)$/', $file)) {
if (function_exists("curl_file_create")) {
$post_params['file'] = curl_file_create($file);
$post_params['file']->setPostFilename($file);
} else {
$post_params["file"] = "@" . $file;
}
} else {
$post_params["file"] = $file;
}
}
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 60);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_params);
curl_setopt($ch, CURLOPT_CAINFO, realpath(dirname(__FILE__)) . "/cacert.pem");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERAGENT, Cloudinary::USER_AGENT);
$response = curl_exec($ch);
$curl_error = NULL;
if (curl_errno($ch)) {
$curl_error = curl_error($ch);
}
$code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$response_data = $response;
curl_close($ch);
if ($curl_error != NULL) {
throw new Exception("Error in sending request to server - " . $curl_error);
}
if ($code != 200 && $code != 400 && $code != 500 && $code != 401 && $code != 404) {
throw new Exception("Server returned unexpected status code - " . $code . " - " . $response_data);
}
$result = json_decode($response_data, TRUE);
if ($result == NULL) {
throw new Exception("Error parsing server response (" . $code . ") - " . $response_data);
}
if (isset($result["error"])) {
if ($return_error) {
$result["error"]["http_code"] = $code;
} else {
throw new Exception($result["error"]["message"]);
}
}
return $result;
}
