HTTP Post request to a PHP server

From Second Life Wiki
Revision as of 14:08, 9 September 2007 by Spam Burger (talk | contribs)
Jump to navigation Jump to search
integer SECRET_NUMBER=123456789;

xrequest(string url, list l)
{
    integer i;
    integer len=llGetListLength(l) & 0xFFFE; // makes the list count even
    string body;

   for (i=0;i<len;i+=2)
   {
        string varname=llList2String(l,i);
        string varvalue=llList2String(l,i + 1);
        if (i>0) body+="&";
        body+=llEscapeURL(varname)+"="+llEscapeURL(varvalue);
    }
    string hash=llMD5String(body,SECRET_NUMBER);
    http_request_id = llHTTPRequest(url+"?hash="+hash,[HTTP_METHOD,"POST",HTTP_MIMETYPE,"application/x-www-form-urlencoded"],body);
}

On the server side here is the PHP function which will allow your server to check the securty hash:


 <?php
 // this function tweak slightly urlencode to make it behave exactly like llEscapeURL in Second Life.
 function llEscapeURL($s)
 {
 	return str_replace(
 		array("+","-",".","_"),
 		array("%20","%2D","%2E","%5F"),
 		urlencode($s));
 }   
 
 // this my main SL page XML-RPC page
 function checkHash()
 {
 	global $body;
 	$hash=$_GET["hash"];
 	$body="";
 	$cpt=0;
 	$SECRET_NUMBER=123456789;
 	foreach ($_POST as $name => $value) {
 		if ($cpt++>0) $body.="&";
 		$body.=llEscapeURL($name)."=".llEscapeURL($value);
 	}
 	$calcHash=md5($body.':'.$SECRET_NUMBER);
 	if ($hash!=$calcHash) 
 	{
 		sleep(2); // slow down the requests
 		echo "result=FAIL\nMSG=Invalid hash"; + $body=""; 
 		die;
 	}
 }
 
 
 checkHash();
 // You can use the parameters here by simply using $_POST["parameter_name"] 
 echo "OK";
 ?>