jkpl/ghwh.php

## ghwh.php
<?php

// Conf
$secret = 'mysecret';
$command = '/path/to/script.sh';

function fail($msg) {
  http_response_code(400);
  echo $msg;
  exit(1);
}

function forbidden($msg) {
  http_response_code(403);
  echo 'forbidden access: ' . $msg;
  exit(1);
}

// Request
$headers = getallheaders();
$event = $headers['X-Github-Event'];
$signature = $headers['X-Hub-Signature'];
list($algo, $hash) = explode('=', $signature, 2);
$payload = file_get_contents('php://input');
$payloadHash = hash_hmac($algo, $payload, $secret);

// Verify secret
if ($hash !== $payloadHash) forbidden('invalid secret');

// Verify request
if ($event === 'ping') {
  echo 'pong';
  exit(1);
}

if ($event !== 'push') fail('only accepting push events. got ' . $event . ' instead.');

// Execute command
$status = 0;
$out = "";
exec($command, $out, $status);

if ($status !== 0) {
  error_log($out);
  fail('error occurred while executing the command');
}

?>
	<?php

	// Conf
	$secret = 'mysecret';
	$command = '/path/to/script.sh';

	function fail($msg) {
	http_response_code(400);
	echo $msg;
	exit(1);
	}

	function forbidden($msg) {
	http_response_code(403);
	echo 'forbidden access: ' . $msg;
	exit(1);
	}

	// Request
	$headers = getallheaders();
	$event = $headers['X-Github-Event'];
	$signature = $headers['X-Hub-Signature'];
	list($algo, $hash) = explode('=', $signature, 2);
	$payload = file_get_contents('php://input');
	$payloadHash = hash_hmac($algo, $payload, $secret);

	// Verify secret
	if ($hash !== $payloadHash) forbidden('invalid secret');

	// Verify request
	if ($event === 'ping') {
	echo 'pong';
	exit(1);
	}

	if ($event !== 'push') fail('only accepting push events. got ' . $event . ' instead.');

	// Execute command
	$status = 0;
	$out = "";
	exec($command, $out, $status);

	if ($status !== 0) {
	error_log($out);
	fail('error occurred while executing the command');
	}

	?>