Here is an example for webhooks that you can use as a basis to modify the method for eventsub https://github.com/BarryCarlyon/twitch_misc/blob/main/webhooks/handlers/php/index.php
The method to validate is similar. So this should help you convert to eventsub
$raw_data = file_get_contents('php://input');
PHP would use hash_hmac - PHP: hash_hmac - Manual
$our_signature = hash_hmac($protocol, $raw_data, WEBHOOKS_SECRET);
For eventsub rather than just $raw_data you would have to string concat the needed headers (id/timestamp) and the raw data. Before passing to hash_hmac