adrinavarro/Superfeedr.wrapper.php

## Superfeedr.wrapper.php
<?php
class Superfeedr {
	protected $callback = 'http://mydomain/callback.php';
	private $authentication = 'myuser:mypassword';
	public $password = 'myrandompassphrase';

	function action($mode = 'subscribe', $url, $secret = null) {
		// if you are going to use HMAC checks in a per-feed basic, use $secret (otherwise it will use the password, which will work great, unless you change it, as it will start rejecting every pushed entry)
		$secret = ($secret?$secret:$this->password);
		$post = '';
		$post .= 'hub.callback='.urlencode($this->callback);
		$post .= '&hub.mode='.$mode;
		$post .= '&hub.topic='.urlencode($url);
		$post .= '&hub.verify=async';
		$post .= '&hub.verify_token='.urlencode(md5($mode.$this->password));
		$post .= '&hub.secret='.urlencode(sha1($secret));

		return $this->request('http://superfeedr.com/hubbub', 'post', $post);
	}

	function verify() {
		// for some reason, php doesn't take in account dots in GET elements
			if($_GET['hub_verify_token'] == md5($_GET['hub_mode'].$this->password)) {
			echo $_GET['hub_challenge'];
		}
	}

	function callback() {
		// requires apache (for apache_request_headers), there's probably a better way to do this
		$input = file_get_contents('php://input');
		if($input) {
			$headers = apache_request_headers();
			if($check = trim($headers['X-Hub-Signature'])) {
				$sum = hash_hmac('sha1', $input, sha1($this->element_secret($input)));
				if($check == "sha1=".$sum) {
					$this->request = trim($input);
					return true;
				} else {
					return false;
				}
			} else {
				return false;
			}
		} else {
			return false;
		}
	}

	function element_secret($element) {
		// here, you can parse the element then get its secret key (the one sent when subscribing), for example, from a database
		return $this->password;
	}

	function request($target, $type = 'get', $parameters = null, $auth = true) {
		// sends an http request, requires curl. adding https support should be pretty easy.
		$ch = curl_init();
		curl_setopt($ch, CURLOPT_URL, $target);
		curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
		if($type == 'post') {
			curl_setopt($ch, CURLOPT_POST, 1);
			if($parameters) {
				curl_setopt($ch, CURLOPT_POSTFIELDS, $parameters);
			}
		}
		if($auth) {
			curl_setopt($ch, CURLOPT_USERPWD, $this->authentication);
			curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
		}
		$response = curl_exec($ch);
		$info = curl_getinfo($ch);
		curl_close($ch);
		return array('info' => $info, 'response' => $response);
	}
}

/* handler */

$s = new Superfeedr;

switch($_GET['hub_mode']) {
	case 'subscribe':
	case 'unsubscribe':
		$s->verify();
	break;

	default:
		if($s->callback()) {
			// returned & verified content will be placed in $s->request
			// do magic!
		}
	break;
}

switch($_GET['do']) {
	case 'subscribe_dummy':
		$s->action('subscribe', 'http://superfeedr.com/dummy.xml');
	break;

	case 'unsubscribe_dummy':
		$s->action('unsubscribe', 'http://superfeedr.com/dummy.xml');
	break;
}
	<?php
	class Superfeedr {
	protected $callback = 'http://mydomain/callback.php';
	private $authentication = 'myuser:mypassword';
	public $password = 'myrandompassphrase';

	function action($mode = 'subscribe', $url, $secret = null) {
	// if you are going to use HMAC checks in a per-feed basic, use $secret (otherwise it will use the password, which will work great, unless you change it, as it will start rejecting every pushed entry)
	$secret = ($secret?$secret:$this->password);
	$post = '';
	$post .= 'hub.callback='.urlencode($this->callback);
	$post .= '&hub.mode='.$mode;
	$post .= '&hub.topic='.urlencode($url);
	$post .= '&hub.verify=async';
	$post .= '&hub.verify_token='.urlencode(md5($mode.$this->password));
	$post .= '&hub.secret='.urlencode(sha1($secret));

	return $this->request('http://superfeedr.com/hubbub', 'post', $post);
	}

	function verify() {
	// for some reason, php doesn't take in account dots in GET elements
	if($_GET['hub_verify_token'] == md5($_GET['hub_mode'].$this->password)) {
	echo $_GET['hub_challenge'];
	}
	}

	function callback() {
	// requires apache (for apache_request_headers), there's probably a better way to do this
	$input = file_get_contents('php://input');
	if($input) {
	$headers = apache_request_headers();
	if($check = trim($headers['X-Hub-Signature'])) {
	$sum = hash_hmac('sha1', $input, sha1($this->element_secret($input)));
	if($check == "sha1=".$sum) {
	$this->request = trim($input);
	return true;
	} else {
	return false;
	}
	} else {
	return false;
	}
	} else {
	return false;
	}
	}

	function element_secret($element) {
	// here, you can parse the element then get its secret key (the one sent when subscribing), for example, from a database
	return $this->password;
	}

	function request($target, $type = 'get', $parameters = null, $auth = true) {
	// sends an http request, requires curl. adding https support should be pretty easy.
	$ch = curl_init();
	curl_setopt($ch, CURLOPT_URL, $target);
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
	if($type == 'post') {
	curl_setopt($ch, CURLOPT_POST, 1);
	if($parameters) {
	curl_setopt($ch, CURLOPT_POSTFIELDS, $parameters);
	}
	}
	if($auth) {
	curl_setopt($ch, CURLOPT_USERPWD, $this->authentication);
	curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
	}
	$response = curl_exec($ch);
	$info = curl_getinfo($ch);
	curl_close($ch);
	return array('info' => $info, 'response' => $response);
	}
	}

	/* handler */

	$s = new Superfeedr;

	switch($_GET['hub_mode']) {
	case 'subscribe':
	case 'unsubscribe':
	$s->verify();
	break;

	default:
	if($s->callback()) {
	// returned & verified content will be placed in $s->request
	// do magic!
	}
	break;
	}

	switch($_GET['do']) {
	case 'subscribe_dummy':
	$s->action('subscribe', 'http://superfeedr.com/dummy.xml');
	break;

	case 'unsubscribe_dummy':
	$s->action('unsubscribe', 'http://superfeedr.com/dummy.xml');
	break;
	}