diff --git a/fulcrm_webhook.module b/fulcrm_webhook.module index 291592d..d2ce2d2 100644 --- a/fulcrm_webhook.module +++ b/fulcrm_webhook.module @@ -49,22 +49,30 @@ function fulcrm_webhook_webhook( $uuid ) { $payload_error_msg = json_last_error_msg(); } - switch ( $method ) { - case 'GET': - drupal_json_output( array( "status" => "error", "info" => "GET requests do nothing; webhooks must be POST, PATCH, PUT, or DELETE" ) ); - break; - case 'DELETE': - case 'POST': - case 'PATCH': - case 'PUT': - if ( $payload === null ) { - // actually do something :) - drupal_json_output( array( 'status' => 'error', 'info' => $payload_error_msg ) ); - } else { - drupal_json_output( array( 'status' => 'ok', 'headers' => $headers, 'method' => $method ) ); + $client_id = variable_get( 'fulcrm_apiv2_client_id' ); + + if ( fulcrm_apiv2_prevent_loop( $headers ) ) { + switch ( $method ) { + case 'GET': + drupal_json_output( array( "status" => "error", "info" => "GET requests do nothing; webhooks must be POST, PATCH, PUT, or DELETE" ) ); + break; + case 'DELETE': + case 'POST': + case 'PATCH': + case 'PUT': + if ( $payload === null ) { + drupal_json_output( array( 'status' => 'error', 'info' => $payload_error_msg ) ); + } else { + // actually do something :) + drupal_json_output( array( 'status' => 'ok', 'headers' => $headers, 'method' => $method ) ); + } + break; + default: + drupal_json_output( array( 'status' => 'error', 'info' => 'unsupported method' ) ); + break; } - break; - default: + } else { + drupal_json_output( array( 'status' => 'ok', 'info' => 'loop prevention' ) ); } } else { drupal_access_denied();