<?php require_once '../../startup.php'; header('Content-Type: text/plain; charset=utf-8'); function die_gh(int $code, string $msg = ''): void { http_response_code($code); echo $msg; exit; } if(!defined('GITHUB_SECRET') || empty(GITHUB_SECRET)) die_gh(500, 'no token defined'); $rawBody = file_get_contents('php://input'); if(empty($rawBody)) die_gh(404, 'no data'); $sig = explode('=', $_SERVER['HTTP_X_HUB_SIGNATURE'], 2); if(count($sig) !== 2 || $sig[0] !== 'sha1' || !hash_equals(hash_hmac($sig[0], $rawBody, GITHUB_SECRET), $sig[1])) die_gh(403, 'invalid signature'); $body = json_decode($_SERVER['CONTENT_TYPE'] === 'application/x-www-form-urlencoded' ? $_POST['payload'] : $rawBody);