-
Notifications
You must be signed in to change notification settings - Fork 46
/
api.php
60 lines (47 loc) · 1.33 KB
/
api.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
<?php
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Headers: origin, content-type, accept');
header('Content-Type: application/json');
require __DIR__."/bootstrap.php";
if (!isset($_GET["mod"])) {
header("HTTP/1.0 400 Bad Request");
exit;
}
$module = $_GET["mod"];
$action = "index";
if (isset($_GET["a"])) {
$action = $_GET["a"];
}
$storageType = $config->get("storage", "type", "files");
if ($storageType == "db") {
$userStorage = new \App\Storage\Db\User($dbConnection);
} else {
$userStorage = new \App\Storage\File\User(DOCUMENT_ROOT."/var/users.db");
}
// Identification par clé API
$auth = new Auth\ApiKey($userStorage);
if (!$userAuthed = $auth->authenticate()) {
header("HTTP/1.0 401 Unauthorized");
exit;
}
// Si une action de modification de données est demandée, il faut que ce soit
// en POST.
if (in_array($action, array("create", "modify", "delete"))
&& $_SERVER["REQUEST_METHOD"] != "POST") {
header("HTTP/1.0 400 Bad Request");
exit;
}
$init = DOCUMENT_ROOT."/app/".$module."/init.php";
$script = DOCUMENT_ROOT."/app/api/".$module."/".$action.".php";
if (!is_file($script)) {
header("HTTP/1.0 400 Bad Request");
exit;
}
if (is_file($init)) {
require $init;
}
$data = require $script;
if (empty($data)) {
$data = array();
}
echo json_encode($data);