/**
* Output the json with encrypted params
*
* @param CONST|string $result from the bfReply:: namespace
* @param string $msg Normally JSON
*/
public static function reply($result = 'NOT_SET', $msg = 'NOT_SET')
{
if ($result === bfReply::ERROR) {
bfLog::log('ERROR = ' . json_encode($msg));
}
// remove any stray output
echo ' ';
// must have something to clean else warning occurs
$contents = ob_get_contents();
if (trim($contents)) {
bfLog::log('Buffer Contents Found: ' . $contents);
}
// tmp debug the buffer
if (TRUE === _BF_API_DEBUG && $contents) {
bfLog::log('WE HAVE AN OUTPUT BUFFER - Saving to file for debugging');
file_put_contents(dirname(__FILE__) . '/tmp/tmp.ob', $contents);
}
ob_clean();
// ahhh nice and clean again
$returnJson = new stdClass();
$returnJson->METHOD = 'Encrypted';
// This is NOT encrypted
$returnJson->RESULT = $result;
// This is NOT encrypted
// This is encrypted
$returnJson->ENCRYPTED = bfEncrypt::getEncrypted($msg);
// This is NOT encrypted
$returnJson->CLIENT_VER = file_get_contents('./VERSION');
/**
* DO NOT ENABLE DEBUG THIS - It will mean that replies are sent as
* encrypted AND non-encrypted
* and so this is insecure (albeit very useful during development!)
*/
$isLocalDevelopmentServer = defined('APPLICATION_ENV') && (APPLICATION_ENV == 'development' || APPLICATION_ENV == 'local') ? TRUE : FALSE;
if ($isLocalDevelopmentServer || TRUE === _BF_API_DEBUG && TRUE === _BF_API_REPLY_DEBUG_NEVER_ENABLE_THIS_EVER_WILL_LEAK_CONFIDENTIAL_INFO_IN_RESPONSES) {
$returnJson->DEBUG = json_encode($msg);
}
bfLog::log('Returning encrypted status to server');
die(json_encode($returnJson));
}
