/** * Output the json with encrypted params * * @param CONST|string $result from the bfReply:: namespace * @param string $msg Normally JSON */ public static function reply($result = 'NOT_SET', $msg = 'NOT_SET') { if ($result === bfReply::ERROR) { bfLog::log('ERROR = ' . json_encode($msg)); } // remove any stray output echo ' '; // must have something to clean else warning occurs $contents = ob_get_contents(); if (trim($contents)) { bfLog::log('Buffer Contents Found: ' . $contents); } // tmp debug the buffer if (TRUE === _BF_API_DEBUG && $contents) { bfLog::log('WE HAVE AN OUTPUT BUFFER - Saving to file for debugging'); file_put_contents(dirname(__FILE__) . '/tmp/tmp.ob', $contents); } ob_clean(); // ahhh nice and clean again $returnJson = new stdClass(); $returnJson->METHOD = 'Encrypted'; // This is NOT encrypted $returnJson->RESULT = $result; // This is NOT encrypted // This is encrypted $returnJson->ENCRYPTED = bfEncrypt::getEncrypted($msg); // This is NOT encrypted $returnJson->CLIENT_VER = file_get_contents('./VERSION'); /** * DO NOT ENABLE DEBUG THIS - It will mean that replies are sent as * encrypted AND non-encrypted * and so this is insecure (albeit very useful during development!) */ $isLocalDevelopmentServer = defined('APPLICATION_ENV') && (APPLICATION_ENV == 'development' || APPLICATION_ENV == 'local') ? TRUE : FALSE; if ($isLocalDevelopmentServer || TRUE === _BF_API_DEBUG && TRUE === _BF_API_REPLY_DEBUG_NEVER_ENABLE_THIS_EVER_WILL_LEAK_CONFIDENTIAL_INFO_IN_RESPONSES) { $returnJson->DEBUG = json_encode($msg); } bfLog::log('Returning encrypted status to server'); die(json_encode($returnJson)); }