@@ -233,16 +233,20 @@ public static function in_string($needle, $string) {
233233 } else return stripos ($ string$ needlefalse ;
234234 }
235235
236- public static function save_session_result ($ data
237- $ uuidself ::uuid ();
238- $ _SESSION $ uuidjson_encode ($ data
236+ public static function save_session_result ($ data$ key
237+ $ json_datajson_encode ($ data
238+ $ tokenhash_hmac ('sha1 ' , $ json_data$ key
239+ $ _SESSION $ tokenjson_encode ($ data
239240
240- return $ uuid
241+ return $ token
241242 }
242243
243- public static function get_session_result ($ token
244- $ dataisset ($ _SESSION $ token$ _SESSION $ tokennull ;
245- return json_decode ($ data
244+ public static function get_session_result ($ token$ key
245+ $ json_dataisset ($ _SESSION $ token$ _SESSION $ tokennull ;
246+
247+ // verify data by token
248+ $ signaturehash_hmac ('sha1 ' , $ json_data$ key
249+ return $ signature$ tokenjson_decode ($ json_datafalse ;
246250 }
247251
248252 public static function explode_ids ($ src$ separator'; ' ) {
@@ -642,19 +646,19 @@ public static function set_content_type($type = 'application/json') {
642646 header ('Content-Type: ' . $ type
643647 }
644648
645- public static function encode_api_result ($ result$ format" json "
649+ public static function encode_result ($ result$ format' json '
646650 switch ($ format
647- case " json "
648- set_content_type (" application/json "
649- return json_encode ($ result
650- break ;
651- case " xml "
652- set_content_type (" text/xml "
653- $ xmlnew XMLHelper (" Response "
654- return $ xmlto_xml ($ result
655- break ;
651+ case ' json '
652+ self :: set_content_type (' application/json '
653+ echo json_encode ($ result
654+ break ;
655+ case ' xml '
656+ self :: set_content_type (' text/xml '
657+ $ xmlnew XMLHelper (' Response '
658+ echo $ xmlto_xml ($ result
659+ break ;
656660 default :
657- return $ result
661+ echo $ result
658662 }
659663 }
660664
0 commit comments