HTTP Post request to a PHP server
Revision as of 14:08, 9 September 2007 by Spam Burger (talk | contribs)
integer SECRET_NUMBER=123456789; xrequest(string url, list l) { integer i; integer len=llGetListLength(l) & 0xFFFE; // makes the list count even string body; for (i=0;i<len;i+=2) { string varname=llList2String(l,i); string varvalue=llList2String(l,i + 1); if (i>0) body+="&"; body+=llEscapeURL(varname)+"="+llEscapeURL(varvalue); } string hash=llMD5String(body,SECRET_NUMBER); http_request_id = llHTTPRequest(url+"?hash="+hash,[HTTP_METHOD,"POST",HTTP_MIMETYPE,"application/x-www-form-urlencoded"],body); }
On the server side here is the PHP function which will allow your server to check the securty hash:
<?php // this function tweak slightly urlencode to make it behave exactly like llEscapeURL in Second Life. function llEscapeURL($s) { return str_replace( array("+","-",".","_"), array("%20","%2D","%2E","%5F"), urlencode($s)); } // this my main SL page XML-RPC page function checkHash() { global $body; $hash=$_GET["hash"]; $body=""; $cpt=0; $SECRET_NUMBER=123456789; foreach ($_POST as $name => $value) { if ($cpt++>0) $body.="&"; $body.=llEscapeURL($name)."=".llEscapeURL($value); } $calcHash=md5($body.':'.$SECRET_NUMBER); if ($hash!=$calcHash) { sleep(2); // slow down the requests echo "result=FAIL\nMSG=Invalid hash"; + $body=""; die; } } checkHash(); // You can use the parameters here by simply using $_POST["parameter_name"] echo "OK"; ?>