HTTP Post request to a PHP server
Revision as of 05:13, 19 September 2007 by Huney Jewell (talk | contribs) (Added header template and Category 'LSL Scripts')
| LSL Portal | Functions | Events | Types | Operators | Constants | Flow Control | Script Library | Categorized Library | Tutorials |
integer SECRET_NUMBER=123456789;
xrequest(string url, list l)
{
integer i;
integer len=llGetListLength(l) & 0xFFFE; // makes the list count even
string body;
for (i=0;i<len;i+=2)
{
string varname=llList2String(l,i);
string varvalue=llList2String(l,i + 1);
if (i>0) body+="&";
body+=llEscapeURL(varname)+"="+llEscapeURL(varvalue);
}
string hash=llMD5String(body,SECRET_NUMBER);
http_request_id = llHTTPRequest(url+"?hash="+hash,[HTTP_METHOD,"POST",HTTP_MIMETYPE,"application/x-www-form-urlencoded"],body);
}
On the server side here is the PHP function which will allow your server to check the security hash:
<?php
// this function tweak slightly urlencode to make it behave exactly like llEscapeURL in Second Life.
function llEscapeURL($s)
{
return str_replace(
array("+","-",".","_"),
array("%20","%2D","%2E","%5F"),
urlencode($s));
}
// this my main SL page XML-RPC page
function checkHash()
{
global $body;
$hash=$_GET["hash"];
$body="";
$cpt=0;
$SECRET_NUMBER=123456789;
foreach ($_POST as $name => $value) {
if ($cpt++>0) $body.="&";
$body.=llEscapeURL($name)."=".llEscapeURL($value);
}
$calcHash=md5($body.':'.$SECRET_NUMBER);
if ($hash!=$calcHash)
{
sleep(2); // slow down the requests
echo "result=FAIL\nMSG=Invalid hash"; + $body="";
die;
}
}
checkHash();
// You can use the parameters here by simply using $_POST["parameter_name"]
echo "OK";
?>