I'm getting that error code (I'm using a public API so it's certainly working on their side ;)):
HMAC authentication key and signature was given, but they are invalid.
function get_myself($request){
$public_key = "MY_PUBLIC_KEY";
$secret = "MY_PRIVATE_KEY";
$parameters = array(
"client_id" => $public_key,
"client_secret" => $secret
);
$data = http_build_query($parameters);
$ch = curl_init("https://localbitcoins.com".$request);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_USERAGENT, "curl");
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
$nonce = time();
$sig = base64_encode ( hash_hmac("sha256", $nonce.$public_key.$request, $secret ) );
$options = array(
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTPHEADER => array(
"Apiauth-Key:".$public_key,
"Apiauth-Nonce:".$nonce,
"Apiauth-Signature:".$sig
),
);
curl_setopt_array($ch, $options);
$result = curl_exec($ch);
curl_close($ch);
return $result;
}
$getinfo = array();
$getinfo = get_myself("/api/myself/");
echo "<pre>"; print_r($getinfo); echo "</pre>";
After 3 days, I found the 'solution'... here's a working example:
function localbitcoins_query($path, array $req = Array()) {
$key='MY_KEY';
$secret='MY_SECRET';
$mt = explode(' ', microtime());
$nonce = $mt[1].substr($mt[0], 2, 6);
if ($req) {
$get=httpbuildquery($req);
$path=$path.'?'.$get;
}
$postdata=$nonce.$key.$path;
$sign = strtoupper(hash_hmac('sha256', $postdata, $secret));
$headers = array(
'Apiauth-Signature:'.$sign,
'Apiauth-Key:'.$key,
'Apiauth-Nonce:'.$nonce
);
$ch = null;
$ch = curl_init('https://localbitcoins.com'.$path);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 20);
$res = curl_exec($ch);
if ($res === false) throw new Exception('Curl error: '.curlerror($ch));
$dec = json_decode($res, true);
if (!$dec) throw new Exception('Invalid data: '.$res);
curl_close($ch);
return $dec;
}
$getinfo = array();
$devise = "EUR";
$url = "/buy-bitcoins-online/".$devise."/western-union/.json";
$getinfo = localbitcoins_query($url);
echo "<pre>"; print_r($getinfo); echo "</pre>";
It's working on my side, I suppose the POST / GET notion wasn't previously handle properly whereas it is in that version.
Enjoy :p
Related
What is wrong with my array? Im trying to add product on shopify using the API. But it does not add the Price and Image of the product.
Here's the example array:
Array
(
[product] => Array
(
[title] => TITLE
[body_html] => <p><strong>DESCRIPTION</strong></p>
[vendor] => TESTSTORE
[product_type] =>
[tags] =>
[published] => 1
[variants] => Array
(
[0] => Array
(
[price] => 1160
)
)
[images] => Array
(
[0] => Array
(
[src] => urlofimage.jpg
)
[1] => Array
(
[src] => urlofimage.jpg
)
)
)
)
And here'is the code that i call to add it on shopify:
function shopify_call($token, $shop, $api_endpoint, $query = array(), $method = 'GET', $request_headers = array()) {
// Build URL
$url = "https://" . $shop . $api_endpoint;
if (!is_null($query) && in_array($method, array('GET', 'DELETE'))) $url = $url . "?" . http_build_query($query);
// Configure cURL
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_HEADER, TRUE);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, TRUE);
curl_setopt($curl, CURLOPT_MAXREDIRS, 3);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
// curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 3);
// curl_setopt($curl, CURLOPT_SSLVERSION, 3);
curl_setopt($curl, CURLOPT_USERAGENT, 'My New Shopify App v.1');
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($curl, CURLOPT_TIMEOUT, 30);
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, $method);
// Setup headers
$request_headers[] = "";
if (!is_null($token)) $request_headers[] = "X-Shopify-Access-Token: " . $token;
curl_setopt($curl, CURLOPT_HTTPHEADER, $request_headers);
if ($method != 'GET' && in_array($method, array('POST', 'PUT'))) {
if (is_array($query)) $query = http_build_query($query);
curl_setopt ($curl, CURLOPT_POSTFIELDS, $query);
}
// Send request to Shopify and capture any errors
$response = curl_exec($curl);
$error_number = curl_errno($curl);
$error_message = curl_error($curl);
// Close cURL to be nice
curl_close($curl);
// Return an error is cURL has a problem
if ($error_number) {
return $error_message;
} else {
// No error, return Shopify's response by parsing out the body and the headers
$response = preg_split("/\r\n\r\n|\n\n|\r\r/", $response, 2);
// Convert headers into an array
$headers = array();
$header_data = explode("\n",$response[0]);
$headers['status'] = $header_data[0]; // Does not contain a key, have to explicitly set
array_shift($header_data); // Remove status, we've already set it above
foreach($header_data as $part) {
$h = explode(":", $part);
$headers[trim($h[0])] = trim($h[1]);
}
// Return headers and Shopify's response
return array('headers' => $headers, 'response' => $response[1]);
}
}
The array above is the value of $query variable. What do you think is the problem?
I am checking the same all thing are fine
Please check your token and endpoints
Please update your image url like : https://www.apple.com/ac/structured-data/images/knowledge_graph_logo.png?201809210816
you can try my code it might be help you
<?php
$params = [];
$params['product'] = [
'title'=>'TITLEcus',
'body_html'=>'<p><strong>DESCRIPTION</strong></p>',
'vendor'=>'TESTSTORE',
'product_type'=>'',
'tags' =>'' ,
'published'=>1,
'variants'=> [
[
'price'=>1160
]
],
'images'=> [
[
'src'=>'urlofimage.jpg',
],
[
'src'=>'urlofimage.jpg',
]
]
];
function shopify_call($token, $shop, $api_endpoint, $query = array(), $method = 'GET', $request_headers = array()) {
$url = "https://" . $shop . $api_endpoint;
if (!is_null($query) && in_array($method, array('GET', 'DELETE'))) $url = $url . "?" . http_build_query($query);
// Configure cURL
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_HEADER, TRUE);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, TRUE);
curl_setopt($curl, CURLOPT_MAXREDIRS, 3);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
// curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 3);
// curl_setopt($curl, CURLOPT_SSLVERSION, 3);
curl_setopt($curl, CURLOPT_USERAGENT, 'ohShopify-php-api-client');
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($curl, CURLOPT_TIMEOUT, 30);
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, $method);
// Setup headers
$request_headers[] = "";
$query = in_array($method, array('POST','PUT')) ? json_encode($query) : array();
$request_headers = in_array($method, array('POST','PUT')) ? array("Content-Type: application/json; charset=utf-8", 'Expect:') : array();
if (!is_null($token)) $request_headers[] = "X-Shopify-Access-Token: " . $token;
curl_setopt($curl, CURLOPT_HTTPHEADER, $request_headers);
if ($method != 'GET' && in_array($method, array('POST', 'PUT'))) {
if (is_array($query)) $query = http_build_query($query);
curl_setopt ($curl, CURLOPT_POSTFIELDS, $query);
}
// Send request to Shopify and capture any errors
$response = curl_exec($curl);
$error_number = curl_errno($curl);
$error_message = curl_error($curl);
// Close cURL to be nice
curl_close($curl);
// Return an error is cURL has a problem
if ($error_number) {
return $error_message;
} else {
// No error, return Shopify's response by parsing out the body and the headers
$response = preg_split("/\r\n\r\n|\n\n|\r\r/", $response, 2);
// Convert headers into an array
$headers = array();
$header_data = explode("\n",$response[0]);
$headers['status'] = $header_data[0]; // Does not contain a key, have to explicitly set
array_shift($header_data); // Remove status, we've already set it above
foreach($header_data as $part) {
$h = explode(":", $part);
$headers[trim($h[0])] = trim($h[1]);
}
// Return headers and Shopify's response
return array('headers' => $headers, 'response' => $response[1]);
}
}
var_dump(shopify_call($token, $shop, '/admin/api/2019-07/products.json', $params, 'POST', $request_headers = array()));
?>
I'm using the Aliexpress API generatePromotionLinks. This API requires an parameter which is _aop_signature
URL is this :
https://gw.api.alibaba.com/openapi/param2/1/portals.open/api.generatePromotionLinks/[appKey]?trackingId=[trackingId]&targetUrls=[url]&locale=[global]&linkType=HOT_PRODUCT_LINK&_aop_signature=[signature]
I want to know where I can get the _aop_signature, or how to generate the _aop_signature using PHP.
<?php
$url = 'https://gw.api.alibaba.com/openapi/';
$appKey = ***;
$appSecret ='***';
$apiInfo = 'param2/1/portals.open/api.generatePromotionLinks/' . $appKey;
$code_arr = array(
'urls' => 'https://ru.aliexpress.com/af/mp3.html?d=y&origin=n&SearchText=mp3&catId=0&initiative_id=SB_20191106040548',
'linkType' => 'SEARCH_LINK',
'fields' => 'promotionUrls,trackingId,publisherId',
'trackingId' => 'Please create a unique affiliate ID for your site(s).',
);
$aliParams = array();
foreach ($code_arr as $key => $val) {
$aliParams[] = $key . $val;
}
sort($aliParams);
$sign_str = join('', $aliParams);
$sign_str = $apiInfo . $sign_str;
$code_sign = strtoupper(bin2hex(hash_hmac("sha1", $sign_str, $appSecret, true)));
$url = $url.$apiInfo.'?'.http_build_query($code_arr)."&_aop_signature=".$code_sign;
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_VERBOSE, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible;)");
curl_setopt($ch, CURLOPT_URL, $url);
$response = curl_exec($ch);
curl_close($ch);
print_r($response);
?>
Quickblox admin panel in content section images status is Uploaded but nethier image is previewing nor the AWS(amazons3) link is working.
Step 1- Created session using quickblox account(main account) and get session token from response.
Step 2- Log in API user using user credentials and session token.
Step 3- Created a blob and and from response extracted all the blob info param and made a json array.
Step 4- Uploaded user image / avatar and getting response
HTTP/1.1 100 Continue
HTTP/1.1 201 Created
x-amz-id-2: CaF37TJwdt0PZjGdquV4yQSeNqtDyWrZge1DfkBinhNdhHYb635nsWcECFhUoRgiYzuAAxf+z2Q=
x-amz-request-id: F24A002779D03E34
Date: Tue, 21 Mar 2017 13:15:17 GMT
ETag: "3b45dadd80ddb4019e129e1c8469ca40"
Location: http://qbprod.s3.amazonaws.com/2e5b9610a6ff4a8395ade21377def2f500
Content-Type: application/xml
Content-Length: 269
Server: AmazonS3
Step 5- Declared File uploaded.
Step 6- Connected blob id to API user.
Here is my all code, tell me what i am doing wrong:
note: login credentials are not real.
<?php
$quickblox_user_name = "quickblox_agicent"; //quickblox account
$quickblox_password = "quickblox#123";
$user_login = "quickblox_qb_130"; //API
$user_pwd = "21663496";
$profile_pic = "c.png"; // image path
$file_size = filesize($profile_pic);
//CREATE SESSION
$session = createSession($quickblox_user_name,$quickblox_password);
$token = $session->token;
//LOGIN USER
$login_user = loginUser($user_login,$user_pwd,$token);
$login_user_decode = json_decode($login_user);
$log_in = $login_user_decode->user;
$user_id = $log_in->id;
//CREATE A BLOB
$create_blob = createBlob($profile_pic, $token);
$res = json_decode($create_blob)->blob;
$blob_id = $res->id;
$name = $res->name;
$size = $res->size;
$res_en = json_encode($res->blob_object_access);
$rr = json_decode($res_en);
$get_params = $rr->params;
//EXTRACTING BLOB PARAMETER FROM QUERY STRING
$Query_String = explode("&", explode("?", $get_params)[1] );
$content_type = urldecode(substr($Query_String[0], strpos($Query_String[0], "=") + 1));
$expires = urldecode(substr($Query_String[1], strpos($Query_String[1], "=") + 1));
$acl = substr($Query_String[2], strpos($Query_String[2], "=") + 1);
$key = substr($Query_String[3], strpos($Query_String[3], "=") + 1);
$policy = substr($Query_String[4], strpos($Query_String[4], "=") + 1);
$success_action_status = substr($Query_String[5], strpos($Query_String[5], "=") + 1);
$x_amz_algorithm = substr($Query_String[6], strpos($Query_String[6], "=") + 1);
$x_amz_credential = urldecode(substr($Query_String[7], strpos($Query_String[7], "=") + 1));
$x_amz_date = substr($Query_String[8], strpos($Query_String[8], "=") + 1);
$x_amz_signature = substr($Query_String[9], strpos($Query_String[9], "=") + 1);
//CREATE JSON ARRAY OF EXTRATED PARAMETER
$fields = array
(
"Content-Type" => $content_type,
"Expires" => $expires,
"acl" => $acl,
"key" => $key,
"policy" => $policy,
"success_action_status" => $success_action_status,
"x-amz-algorithm" => $x_amz_algorithm,
"x-amz-credential" => $x_amz_credential,
"x-amz-date" => $x_amz_date,
"x-amz-signature" => $x_amz_signature,
"file" => "#".$profile_pic
);
//UPLOAD AVATAR / IMAGE
$upload_avatar = uploadAvatar($fields);
$resPP = json_decode($upload_avatar);
//DECLARE FILE UPLOAD
$declare_upload_avatar = declareUploadAvatar($file_size,$blob_id,$token);
//CONNECT BLOB ID TO API USER
$resultConnect = connectBlobToUser($blob_id,$user_id,$token);
//FUNCTIONS
function createSession($login,$pwd)
{
// Application credentials - change to yours (found in QB Dashboard)
DEFINE('APPLICATION_ID', 12345);
DEFINE('AUTH_KEY', "MDJ8979q328");
DEFINE('AUTH_SECRET', 'asDCE-JLDJCEU');
DEFINE("RESETPWD_BASE_URL", strtolower(stristr($_SERVER["SERVER_PROTOCOL"], "/", true)) . "://" . $_SERVER["HTTP_HOST"] ."/img");
// User credentials
DEFINE('USER_LOGIN', $login);
DEFINE('USER_PASSWORD', $pwd);
// Quickblox endpoints
DEFINE('QB_API_ENDPOINT', "https://api.quickblox.com");
DEFINE('QB_PATH_SESSION', "session.json");
// Generate signature
$nonce = rand();
$timestamp = time();
$signature_string = "application_id=".APPLICATION_ID."&auth_key=".AUTH_KEY."&nonce=".$nonce."×tamp=".$timestamp."&user[login]=".USER_LOGIN."&user[password]=".USER_PASSWORD;
$signature = hash_hmac('sha1', $signature_string , AUTH_SECRET);
$post_body = "application_id=" . APPLICATION_ID . "&auth_key=" . AUTH_KEY . "×tamp=" . $timestamp . "&nonce=" . $nonce . "&signature=" . $signature . "&user[login]=" . USER_LOGIN . "&user[password]=" . USER_PASSWORD;
// Configure cURL
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, QB_API_ENDPOINT . '/' . QB_PATH_SESSION); // Full path is - https://api.quickblox.com/session.json
curl_setopt($curl, CURLOPT_POST, true); // Use POST
curl_setopt($curl, CURLOPT_POSTFIELDS, $post_body); // Setup post body
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); // Receive server response
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($curl, CURLOPT_CAINFO,RESETPWD_BASE_URL."/quickblox.com.crt");
// Execute request and read response
$response = curl_exec($curl);
$responseJSON = json_decode($response);
// Check errors
if ($response)
{
$rs = json_decode($response)->session;
return $rs;
} else {
echo "0";
// $error = curl_error($curl). '(' .curl_errno($curl). ')';
// echo $error . "\n";
}
// Close connection
curl_close($curl);
}
function loginUser($login1,$pwd1,$token)
{
$requestCred = '{"login": "'.$login1.'", "password": "'.$pwd1.'"}';
$ch = curl_init('http://api.quickblox.com/login.json');
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POSTFIELDS, $requestCred);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json',
'QuickBlox-REST-API-Version: 0.1.1',
'QB-Token: ' . $token
));
$res = curl_exec($ch);
curl_close( $ch );
return $res;
}
function createBlob($profile_pic,$token)
{
$ext = pathinfo($profile_pic, PATHINFO_EXTENSION);
if($ext == 'png' || $ext == "Png" || $ext == "PNG")
$request = '{"blob": {"content_type": "image/png", "name": "'.$profile_pic.'", "public": "true"}}';
else
$request = '{"blob": {"content_type": "image/jpeg", "name": "'.$profile_pic.'"}}';
$ch = curl_init('http://api.quickblox.com/blobs.json');
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POSTFIELDS, $request);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json',
'QuickBlox-REST-API-Version: 0.1.1',
'QB-Token: ' . $token
));
$res = curl_exec($ch);
curl_close( $ch );
return $res;
}
function uploadAvatar($fields)
{
$ch = curl_init('http://qbprod.s3.amazonaws.com/');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_POSTFIELDS, $fields );
$res = curl_exec($ch);
curl_close( $ch );
return $res;
}
function declareUploadAvatar($file_size,$blob_id,$token)
{
$request_size = '{"blob": {"size": '.$file_size.'}}';
$ch = curl_init("http://api.quickblox.com/blobs/".$blob_id."/complete.json/");
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PUT");
curl_setopt($ch, CURLOPT_POSTFIELDS, $request_size );
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json',
'QuickBlox-REST-API-Version: 0.1.1',
'QB-Token: ' . $token
));
$res = curl_exec($ch);
curl_close( $ch );
return $res;
}
function connectBlobToUser($blob_id,$user_id,$token)
{
$update_user = '{"user": {"blob_id": '.$blob_id.'}}';
$ch = curl_init("http://api.quickblox.com/users/$user_id.json/");
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PUT");
curl_setopt($ch, CURLOPT_POSTFIELDS, $update_user );
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json',
'QuickBlox-REST-API-Version: 0.1.1',
'QB-Token: ' . $token
));
$res = curl_exec($ch);
curl_close( $ch );
return $res;
}
?>
Before curl request you should create new CURLFile object
and use it in $fields array.
$file_ext = mime_content_type($profile_pic);
$file_path = realpath($profile_pic);
$curl_file = new CURLFile($file_path, $file_ext, $profile_pic);
$fields = array
(
"Content-Type" => $content_type,
"Expires" => $expires,
"acl" => $acl,
"key" => $key,
"policy" => $policy,
"success_action_status" => $success_action_status,
"x-amz-algorithm" => $x_amz_algorithm,
"x-amz-credential" => $x_amz_credential,
"x-amz-date" => $x_amz_date,
"x-amz-signature" => $x_amz_signature,
"file" => $curl_file
);
You can read about CURLOPT_POSTFIELDS here: http://php.net/manual/en/class.curlfile.php
I had tried to send info in a post and a header throw localbitcoins and get one error:
HMAC authentication key and signature was given, but they are invalid
From what i learn with localbitcoins api is this just a code u get when u mess with the header can someone help me to solve why I get this error because don't know whats wrong in my code:
function localbitcoins_query2($path, array $req = Array()) {
$key='mycode';
$secret='mycode';
$mt = explode(' ', microtime());
$nonce = $mt[1].substr($mt[0], 2, 6);
if ($req) {
$get=httpbuildquery($req);
$path=$path.'?'.$get;
}
$postdata=$nonce.$key.$path;
$sign = strtoupper(hash_hmac('sha256', $postdata, $secret));
$headers = array(
'Apiauth-Signature:'.$sign,
'Apiauth-Key:'.$key,
'Apiauth-Nonce:'.$nonce
);
$ch = null;
$ch = curl_init();
$data = array("lat" => "Hagrid", "price_equation" => "36");
$data_string = json_encode($data);
curl_setopt($ch, CURLOPT_URL,"https://localbitcoins.com".$path);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 20);
$res = curl_exec($ch);
if ($res === false) throw new Exception('Curl error: '.curl_error($ch));
$dec = json_decode($res, true);
if (!$dec) throw new Exception('Invalid data: '.$res);
curl_close($ch);
return $dec;
}
Try this solution:
function localbitcoins_query2($path, array $req = Array()) {
$key='mycode';
$secret='mycode';
$mt = explode(' ', microtime());
$nonce = $mt[1].substr($mt[0], 2, 6);
$get = "";
if ($req) {
$get=httpbuildquery($req);
}
$postdata=$nonce.$key.$path.$get; // NOTE: $postdata without '?' char before the parameters!;
$sign = strtoupper(hash_hmac('sha256', $postdata, $secret));
$headers = array(
'Apiauth-Signature:'.$sign,
'Apiauth-Key:'.$key,
'Apiauth-Nonce:'.$nonce
);
$ch = null;
$ch = curl_init();
$data = array("lat" => "Hagrid", "price_equation" => "36");
$data_string = json_encode($data);
curl_setopt($ch, CURLOPT_URL,"https://localbitcoins.com".$path.( $get=="" ? "" : "?".$get)); // NOTE: here it's necesary '?' char before the parameters!);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 20);
$res = curl_exec($ch);
if ($res === false) throw new Exception('Curl error: '.curl_error($ch));
$dec = json_decode($res, true);
if (!$dec) throw new Exception('Invalid data: '.$res);
curl_close($ch);
return $dec;
}
I have looked over the code many times but whenever I send request to API it returns "message":"invalid signature"
I am thinking it has to do with hashing the body, possibly. I'm new to PHP and its my first project. :)
Anyone see an error? Thanks.
<?php
$arr = array('size' => ".01", 'price' => '240', 'side' => 'sell',
'product_id' => 'BTC-USD');
$output = json_encode($arr);
echo json_encode($arr)."<br/>";
$key = "f23612b06cb4d020cda7e04b1ae6ef9a";
$secret = "RENqodtuTCn4v7g7Pn/FFdQAIKReVXGayNPrNN/Zb7AjATI0hP4R0MCDD5RqnDu60qTZ5Qry329fFu7kcObGBw==";
$passphrase = "tradebot";
$time = time();
$url = "https://api.gdax.com/orders";
$data = $time."POST"."/orders";
echo $data . "<br/>";
$hashinput = "$output"."$data";
$sign = base64_encode(hash_hmac("sha256", $hashinput, base64_decode($secret), true));
echo $sign . "<br/>";
$headers = array(
'CB-ACCESS-KEY: '.$key,
'CB-ACCESS-SIGN: '.$sign,
'CB-ACCESS-TIMESTAMP: '.$time,
'CB-ACCESS-PASSPHRASE: '.$passphrase,
'Content-Type: application/json'
);
var_dump($headers);
echo $url;
static $ch = null;
if (is_null($ch)) {
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERAGENT, 'local server');
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_POST, $output);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
$res = curl_exec($ch);
echo $res;
}
replace
$hashinput = "$output"."$data";
with
$hashinput = "$data"."$output";
and replace
curl_setopt($ch, CURLOPT_POST, $output);
with
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $output);
(from Coinbase Community forum)