/** * Checks if a message is authentic from Plivo. * * @throws \InvalidArgumentException */ protected function validateRequest() { $data = $_POST; $url = $this->url; $signature = $_SERVER['X-Plivo-Signature']; $authToken = $this->authToken; if (!$this->plivo->validate_signature($url, $data, $signature, $authToken)) { throw new \InvalidArgumentException('This request was not able to verify it came from Plivo.'); } return true; }
<?php require 'vendor/autoload.php'; use Plivo\RestAPI; $auth_token = "Your AUTH_TOKEN"; $signature = $_SERVER["HTTP_X_PLIVO_SIGNATURE"]; $url = 'http' . (isset($_SERVER['HTTPS']) ? 's' : '') . '://' . "{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}"; $uri = explode('?', $url); $uri1 = $uri[0]; $parse = parse_url($url, PHP_URL_QUERY); parse_str($parse, $get_array); $post_params = $_POST; $array = array_merge($get_array, $post_params); $valid = RestAPI::validate_signature($uri1, $array, $signature, $auth_token); $valid_message = "Signature is " . ($valid ? "" : "not ") . "valid"; // Report signature validity to web server log error_log($valid_message); if ($valid) { // Signature is valid // Sender's phone numer $from_number = $_REQUEST["From"]; // Receiver's phone number - Plivo number $to_number = $_REQUEST["To"]; // The SMS text message which was received $text = $_REQUEST["Text"]; // Output the text which was received, you could // also store the text in a database. error_log("Message received from {$from_number}: {$text}"); } else { // Signature is invalid error_log("Error! Something is wrong. Please check!");