File: /var/www/html/tmpr/../tmpr/..//tmpr/../tmpr/..//tmpr/../tmpr/..//tmpr/..//wowZ/php/get_ai_keys.php
<?php
function getApiKeys() {
// Implement basic authentication (e.g., using a token)
$authToken = 'f4c3b9a2e6d1c5e0a8f1b2c3d4e5f6g7'; // Define a secure token
// Helper to get Authorization header
function getAuthorizationHeader(){
$headers = null;
if (isset($_SERVER['Authorization'])) {
$headers = trim($_SERVER["Authorization"]);
}
else if (isset($_SERVER['HTTP_AUTHORIZATION'])) { //Nginx or fast CGI
$headers = trim($_SERVER["HTTP_AUTHORIZATION"]);
} elseif (function_exists('apache_request_headers')) {
$requestHeaders = apache_request_headers();
// Server-side fix for bug in old Android versions (a nice to have!)
$requestHeaders = array_combine(array_map('ucwords', array_keys($requestHeaders)), array_values($requestHeaders));
if (isset($requestHeaders['Authorization'])) {
$headers = trim($requestHeaders['Authorization']);
}
}
return $headers;
}
$authHeader = getAuthorizationHeader();
if (!$authHeader || $authHeader !== 'Bearer ' . $authToken) {
header('HTTP/1.1 401 Unauthorized');
echo json_encode(['error' => 'Unauthorized access']);
exit;
}
// Check if the HTTP_REFERER header is set
if (!isset($_SERVER['HTTP_REFERER'])) {
echo 'Access Denied!';
exit;
}
// Check if the HTTP_REFERER header is present and matches the domain of your website
// Allow local development (localhost)
$referer = $_SERVER['HTTP_REFERER'];
$host = $_SERVER['HTTP_HOST'];
// Simple check: referer must contain host
if (strpos($referer, $host) === false) {
// The request is not coming from the same domain, reject it
header('HTTP/1.1 403 Forbidden');
exit;
}
$STABILITYAI_API_KEY = getenv('STABILITYAI_API_KEY');
$OPENAI_API_KEY = getenv('OPENAI_API_KEY');
$CLIPDROP_API_KEY = getenv('CLIPDROP_API_KEY');
// Enter Your API Keys Here
$apiKeys = array(
'stabilityai' => $STABILITYAI_API_KEY,
'openai' => $OPENAI_API_KEY,
'clipdrop' => $CLIPDROP_API_KEY,
);
$apiKeys = json_encode($apiKeys);
// Return the API keys
echo $apiKeys;
}
getApiKeys();
?>