Frequently Asked Questions (FAQ)

Postback Validation


declare(strict_types = 1);

class validatePostBack{
	private ?string $secretKey = null;
	private ?string $payload = null;
	private ?string $signature = null;
	private string $entityBody;
	private array $requestData = [];
	public function __construct(){
		$this->entityBody = file_get_contents('php://input');
		$this->requestData = json_decode($this->entityBody, true);
	public function setSecretKey(string $key): void{
		$this->secretKey = $key;
	private function getHeaders(): array{
		return array_change_key_case(getallheaders(), CASE_LOWER);
	private function checkHeaders(): void{
		$headers = $this->getHeaders();
		$this->payload = $headers["dmntopsite-timestamp"] . "\n" . $headers["dmntopsite-nonce"] . "\n" . $this->entityBody . "\n";
		$this->signature = base64_decode($headers["dmntopsite-signature"]);
	public function verifyRequest(): bool{
		$computedSignature = hash_hmac('sha256', $this->payload, $this->secretKey);

		return hash_equals($computedSignature, $this->signature);
	public function data(): array{
		return $this->requestData;

$secretKey = 'your secret key';
$validatePostBack = new validatePostBack;

if($validatePostBack->verifyRequest() === true){
	//postback request validated
	//parse data run your code
	$data = $validatePostBack->data();
	$timeStamp = $data['timestamp']; //unix timestamp of user vote time
	$ip = $data['ip']; //user ip
	$user = $data['user']; //custom parameter
	echo 'SUCCESS'; // return SUCCESS
	//signature verification failed
	echo 'FAILED';

We reset votes every 12 hours so you and your players may vote twice every day. There will be no warning or notification in case you try to re-vote earlier and the vote won't count.