<?php
// Opens the MySQL connection used by this script and leaves it in the global $db.
// NOTE(review): the MySQL root account and its password are hard-coded in source,
// so anyone who can read this file or its version history obtains full database
// privileges. Move the credentials to configuration kept outside the web root
// (or to the environment), connect with an account limited to the `winaskin`
// schema, and rotate this password since it has been committed.
// NOTE(review): a failed connection throws PDOException; it is not caught here, so
// make sure error display is off in production to keep connection details out of
// responses.
$user = 'root';
$pass = '0308Martinez';
$db = new PDO(sprintf('mysql:host=%s;dbname=%s', 'localhost', 'winaskin'), $user, $pass);
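/**
 * Gate for the private API: returns silently when the request is authorized,
 * otherwise prints a JSON error, appends an entry to log.txt and terminates.
 *
 * A request is authorized when $key equals the API key and $sig equals the
 * HMAC that generateSig() derives from $key and $data.
 *
 * NOTE(review): the HMAC is keyed with $key, the same API key that arrives in
 * the request, so the signature proves nothing beyond possession of that key.
 * A separate secret that never travels with the request would be needed for
 * the signature to add protection. The API key itself is also hard-coded here
 * and should live in configuration outside the source tree.
 *
 * @param mixed $key  API key supplied by the client.
 * @param mixed $sig  Signature supplied by the client.
 * @param mixed $data Request fields the signature is computed over.
 * @return void Returns only on success; on failure the script exits.
 */
function authorize($key, $sig, $data)
{
    $apiKey = "xlt6nrc2ecn5clo8glr4v5s2bip1wj";

    // Require plain strings before comparing. The previous `!strcmp($mysig, $sig)`
    // evaluated to true on PHP < 8 when $sig was an array (strcmp returned NULL),
    // which let a request through without a valid signature.
    $keyMatches = is_string($key) && hash_equals($apiKey, $key);

    $sigMatches = false;
    if (is_string($key) && is_string($sig) && is_array($data)) {
        // hash_equals() compares in constant time, unlike == and strcmp().
        $sigMatches = hash_equals(generateSig($key, $data), $sig);
    }

    if ($keyMatches && $sigMatches) {
        return;
    }

    echo json_encode(array('error' => true, 'message' => 'Unauthorized', 'success' => false));

    // Never write the real API key to the log: a request with the right key but
    // a wrong signature would otherwise store the secret in log.txt.
    $withheld = '[valid key withheld]';
    $loggedKey = $keyMatches ? $withheld : $key;
    $loggedData = $data;
    if ($keyMatches && is_array($loggedData)) {
        foreach ($loggedData as $field => $value) {
            if ($value === $key) {
                $loggedData[$field] = $withheld;
            }
        }
    }

    // json_encode() escapes CR/LF and other control characters, so request
    // values cannot forge extra log lines.
    $entry = date("[d/m/Y H:i]") . "Unauthorized access to private API! SIG used : "
        . json_encode($sig, JSON_PARTIAL_OUTPUT_ON_ERROR)
        . ", Key used : " . json_encode($loggedKey, JSON_PARTIAL_OUTPUT_ON_ERROR)
        . ", data : " . json_encode($loggedData, JSON_PARTIAL_OUTPUT_ON_ERROR) . "\n";

    // NOTE(review): "log.txt" is resolved against the working directory; if that
    // directory is served by the web server the log is downloadable. Confirm the
    // location and move it outside the document root.
    file_put_contents("log.txt", $entry, FILE_APPEND | LOCK_EX);
    exit();
}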
/**
 * Computes the request signature: HMAC-SHA256, keyed with $key, over the
 * values of $collection concatenated in the order the array holds them.
 *
 * NOTE(review): the values are joined without field names or separators and
 * are not sorted, so different field sets can yield the same signed string
 * (for example values "1","23" and "12","3"), and the result depends on the
 * order in which the client sent the fields. Changing the canonical form would
 * break existing clients, so it is only flagged here.
 *
 * @param string $key        HMAC key.
 * @param array  $collection Fields whose values are signed.
 * @return string Lower-case hexadecimal HMAC-SHA256 digest.
 */
function generateSig($key, $collection)
{
    // Keys are ignored; only the values, in array order, feed the HMAC.
    $message = implode('', array_values($collection));

    return hash_hmac("sha256", $message, $key);
}
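// Runs on every inclusion of this file: the request must carry a POST `key`
// and a query-string `sig`, both plain strings, or the script stops here.
// The string check matters: PHP turns `sig[]=...` / `key[]=...` into arrays,
// and array values must never reach the comparison inside authorize().
if (
    isset($_POST['key'], $_GET['sig'])
    && is_string($_POST['key'])
    && is_string($_GET['sig'])
) {
    // The whole POST body (including `key`) is the data the signature covers.
    authorize($_POST['key'], $_GET['sig'], $_POST);
} else {
    exit;
}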
?>