- Joined
- May 2, 2018
- Messages
- 2,947
Most trackers these days have the option to protect your landing pages with a custom PHP code that you need to put in your landing page code. But if you have a simple html landing page, and you want to protect your landing page with PHP script, then you can’t host your page on CloudFlare Pages, and that’s a shame.
What if you COULD host your landers on Cloudflare pages and still protect them in the same way, but without the PHP script?
We’ll just need to “convert” PHP code to CloudFlare Workers code for this to work. Let’s try!
So, BeMob will provide you with something like this:
What if you COULD host your landers on Cloudflare pages and still protect them in the same way, but without the PHP script?
We’ll just need to “convert” PHP code to CloudFlare Workers code for this to work. Let’s try!
So, BeMob will provide you with something like this:
Code:
define('LANDING_SECRET_KEY', 'ODk4ZDc2MjM2MGE4NmRjMmRiY2E3Njg1MDFlZTU0MTIxNjU5YzE1Yw=='); // Your landing secret key from panel.bemob.com -> Settings -> Tracker
define('SIGNATURE_TTL', '1 minute'); // How long signature should be valid. Valid formats are explained here: http://php.net/manual/en/datetime.formats.php
define('SIGNATURE_GET_PARAM', 'key'); // GET parameter with BeMob landing signature
$signature = isset($_GET[SIGNATURE_GET_PARAM]) ? rawurldecode($_GET[SIGNATURE_GET_PARAM]) : exit('Access denied');
if (!$signature = base64_decode($signature)) {
exit('Access denied');
}
if (!$signature = json_decode($signature, true)) {
exit('Access denied');
}
if (!isset($signature['timestamp']) || !isset($signature['hash'])) {
exit('Access denied');
}
$signedHash = hash_hmac('sha1', $signature['timestamp'], LANDING_SECRET_KEY);
if ($signedHash !== $signature['hash'] ||
