<?php
require_once __DIR__ . '/config/consts.php';
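// CORS: the request's Origin is echoed back only when it is on the
// ALLOWED_ORIGINS allow-list (strict comparison, no wildcard), so pages from
// other origins are not granted read access to API responses.
$origin = $_SERVER['HTTP_ORIGIN'] ?? '';
$origin_allowed = in_array($origin, ALLOWED_ORIGINS, true);

// The response headers depend on the Origin header for every request, allowed
// or not, so Vary is always sent; otherwise a shared cache could reuse a
// variant that was produced for a different origin.
header('Vary: Origin');

if ($origin_allowed) {
    header('Access-Control-Allow-Origin: ' . $origin);
    header('Access-Control-Allow-Methods: GET, POST, OPTIONS');
    header('Access-Control-Allow-Headers: Content-Type, Authorization');
}

// Preflight requests end here: 204 for an allowed origin, 403 otherwise.
// REQUEST_METHOD is read defensively so a non-HTTP invocation does not warn.
if (($_SERVER['REQUEST_METHOD'] ?? '') === 'OPTIONS') {
    http_response_code($origin_allowed ? 204 : 403);
    exit();
}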
// Default response state: an unknown failure with no payload. The request
// handling below overwrites these values before the reply is encoded.
$error_code = 'unknown';
$error_message = '';
$error = 1;
$result_data = [];
$res = [];
$menu = [];

// Directory prefix used when the selected API module file is included.
$path = 'ihome/';

// Stays null unless code loaded after this point assigns it.
// NOTE(review): presumably config/config.php opens the PostgreSQL connection — confirm.
$connection = null;

// The local configuration file is optional. If nothing assigns $connection,
// the request is rejected further down with the missing-connection error.
if (file_exists(__DIR__ . '/config/config.php')) {
    require_once __DIR__ . '/config/config.php';
}
require_once __DIR__ . '/ihome/vendor/autoload.php';
require_once __DIR__ . '/ihome/classes/autoload.php';
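// Request dispatch: authenticate the caller, resolve the API module from the
// request path, run it, and always answer with a JSON envelope
// (command / error / error_code / message / data).
try {
    // Set the JSON content type before anything can fail, so the error
    // responses produced by the outer catch are labelled as JSON too and are
    // never interpreted by a browser as HTML.
    header('Content-Type:application/json');

    if (!$connection) {
        throw new ApiException('No database connection', 500);
    }

    // Split the request URI into segments; a trailing slash is added first so
    // the last segment is always followed by an empty element.
    // NOTE(review): REQUEST_URI still contains the query string, so a segment
    // can carry "?name=value" text, and the 'command' field below echoes
    // segments 2 and 3 back to the client — confirm that getparam('token')
    // is not expected to arrive in a URL without a slash before the "?".
    $menu = $_SERVER["REQUEST_URI"];
    if (substr($menu, -1) !== '/') {
        $menu .= '/';
    }
    $menu = explode("/", $menu);

    // exec api method
    try {
        $token_in = getparam('token');
        // In the production project the token is checked against data from the
        // database using the internal authorization logic.
        // hash_equals() compares in constant time, so response timing does not
        // reveal how many leading characters of a guessed token were correct.
        if (!hash_equals(DEMO_ACCESS_TOKEN, (string) $token_in)) {
            API::throwAccessDenied();
        }

        // The module name comes from the URL, so it is reduced to a bare file
        // name and must match the allow-list exactly before it reaches
        // include(); the request path can never select an arbitrary file.
        $allowed_modules = ['interface']; // allow-list
        $module = basename($menu[2] ?? '');
        if (!in_array($module, $allowed_modules, true)) {
            API::throwUnknown('Not found');
        }
        include($path . $module . '.php');
    } catch (ApiReturnException $e) {
        // ApiReturnException is reported with error = 0 (not a failure).
        $error_message = $e->getMessage();
        $error = 0;
        $error_code = $e->getErrorCode();
    } catch (ApiException $e) {
        // ApiException is reported with error = 1 plus its error code.
        $error_message = $e->getMessage();
        $error = 1;
        $error_code = $e->getErrorCode();
    }

    $res['command'] = ($menu[2] ?? '') . '->' . ($menu[3] ?? '');
    $res['error'] = $error;
    if ($error === 1) {
        $res['error_code'] = $error_code ?? 'unknown';
    }
    $res['message'] = $error_message;
    $res['data'] = $result_data ?? null;
    echo json_encode($res);
} catch (Throwable $e) {
    // Anything not handled above ends here, including the missing-connection
    // ApiException, which is thrown outside the inner try. The client receives
    // only the generic bad-request message; the exception text is not exposed.
    $result_data = [
        'command' => ($menu[2] ?? '') . '->' . ($menu[3] ?? ''),
        'error' => 1,
        'message' => API::MESSAGES[API::BAD_REQUEST],
        'data' => null
    ];
    echo json_encode($result_data);
} finally {
    // Release the PostgreSQL connection on every exit path.
    if ($connection !== null) {
        pg_close($connection);
    }
}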
?>