public function verify_signature($signature, $arr, $apisecret)
{
$sig_check = Notifo_Webhook::compute_signature($arr, $apisecret);
if ($signature == $sig_check) {
return TRUE;
} else {
return FALSE;
}
return FALSE;
}
<?php
include "Notifo_Webhook.php";
/* replace with your actual APISecret (found on notifo.com settings page) */
define("NOTIFO_APISECRET", "myNotifoAPISecret");
if (Notifo_Webhook::verify_signature($_POST["notifo_signature"], $_POST, NOTIFO_APISECRET)) {
/* the signature is valid! */
/*
* do whatever you want with the data at this point.
* in this example we dump it to a log file
*/
file_put_contents("/path/to/notifo.log", "at time " . time() . ":\n" . print_r($_POST, TRUE), FILE_APPEND);
} else {
/* signature verification failed. corrupted or spoofed message!!! */
/*
* do some error logging at this point, or just ignore
*/
}
