PHP Classes
elePHPant
Icontem

File: engine/handler.api.php

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in del.icio.us Bookmark in del.icio.us
  Classes of Kristo Vaher  >  Wave Framework  >  engine/handler.api.php  >  Download  
File: engine/handler.api.php
Role: Application script
Content type: text/plain
Description: API Handler
Class: Wave Framework
MVC framework for building Web sites and APIs
Author: By
Last change: It is now possible to define a sitemap URL that does not return a View or even HTML. This is useful for API requests that require a specific target URL without GET parameters. It is now also possible to synchronize timestamps when creating an API session. Factory MVC loading now uses a wrapper method that reduces near-duplicate code. Version numbers of API and system version are now consistent with one another.
Date: 2 years ago
Size: 6,336 bytes
 

Contents

Class file image Download
<?php

/**
 * Wave Framework <http://www.waveframework.com>
 * API Handler
 *
 * API Handler is loaded whenever a HTTP request is made to *.api extension. API Handler takes all
 * the input from GET, POST, FILES; SESSION and COOKIE variables, loads Wave Framework API and sends
 * all the input to the API and then returns the result to the user agent. By default the API Handler
 * returns data in JSON format. It also loads Database class for additional functionality.
 *
 * @package Index Gateway
 * @author Kristo Vaher <kristo@waher.net>
 * @copyright Copyright (c) 2012, Kristo Vaher
 * @license GNU Lesser General Public License Version 3
 * @tutorial /doc/pages/handler_api.htm
 * @since 1.5.0
 * @version 3.7.0
 */

//INITIALIZATION

    // Stopping all requests that did not come from Index Gateway
   
if(!isset($resourceAddress)){
       
header('HTTP/1.1 403 Forbidden');
        die();
    }

   
// State class is used by API and Factory created objects to keep track of request state
   
require(__ROOT__.'engine'.DIRECTORY_SEPARATOR.'class.www-state.php');
   
$state=new WWW_State($config);
   
// DATABASE AND SESSIONS

    // This holds link to database
   
$databaseConnection=false;
   
   
// Connecting to database, if configuration is set
   
if(isset($config['database-name'],$config['database-type'],$config['database-host'],$config['database-username'],$config['database-password'])){
       
// Including the required class and creating the object
       
require(__ROOT__.'engine'.DIRECTORY_SEPARATOR.'class.www-database.php');
       
$databaseConnection=new WWW_Database($config['database-type'],$config['database-host'],$config['database-name'],$config['database-username'],$config['database-password'],((isset($config['database-errors']))?$config['database-errors']:false),((isset($config['database-persistent']))?$config['database-persistent']:false));
       
// Passing the database to State object
       
$state->databaseConnection=$databaseConnection;
    }
   
   
// Loading sessions class
   
require(__ROOT__.'engine'.DIRECTORY_SEPARATOR.'class.www-sessions.php');
   
// Loading sessions class with the session namespace
   
$state->sessionHandler=new WWW_Sessions($state->data['session-name'],$state->data['session-lifetime'],$databaseConnection);
   
// Assigning session data to State
   
if(!empty($state->sessionHandler->sessionData)){
       
$state->data['session-original-data']=$state->sessionHandler->sessionData;
       
$state->data['session-data']=$state->sessionHandler->sessionData;
    }
   
// AUTOLOAD AND SESSIONS FUNCTIONALITY

    // This functions file is not required, but can be used for system wide functions
    // If you want to include additional libraries, do so here
   
if(file_exists(__ROOT__.'overrides'.DIRECTORY_SEPARATOR.'resources'.DIRECTORY_SEPARATOR.'scripts'.DIRECTORY_SEPARATOR.'script.php')){
        require(
__ROOT__.'overrides'.DIRECTORY_SEPARATOR.'resources'.DIRECTORY_SEPARATOR.'scripts'.DIRECTORY_SEPARATOR.'script.php');
    } elseif(
file_exists(__ROOT__.'resources'.DIRECTORY_SEPARATOR.'scripts'.DIRECTORY_SEPARATOR.'script.php')){
        require(
__ROOT__.'resources'.DIRECTORY_SEPARATOR.'scripts'.DIRECTORY_SEPARATOR.'script.php');
    }
   
// LOADING API AND GATHERING INPUT DATA

    // API is used to process all requests and it handles caching and API validations
   
require(__ROOT__.'engine'.DIRECTORY_SEPARATOR.'class.www-api.php');
   
$api=new WWW_API($state);

   
// All the data sent by the user agent is stored in this variable
   
$inputData=array();

   
// If additional data was sent as part of input stream
   
if($state->data['http-input']){
       
// If state has converted the stream to array (if it was in XML or JSON format)
       
if(is_array($state->data['http-input']) && !empty($state->data['http-input'])){
           
$inputData=$state->data['http-input'];
        } else {
           
$inputData['www-data']=$state->data['http-input'];
        }
    }
   
   
// This holds information about API validation and its exceptions
   
$validationExceptions=array();
   
   
// All the data sent by user agent is added here and merged into one array
   
if(!empty($_POST)){
       
$inputData+=$_POST;
    }
    if(!empty(
$_GET)){
       
$inputData+=$_GET;
    }
    if(!empty(
$_COOKIE)){
        foreach(
$_COOKIE as $key=>$cookie){
           
// This is a security measure to make sure that only actual cookies can be negated from validation
           
if(!isset($inputData[$key])){
               
$inputData[$key]=$cookie;
               
// Cookies are not part of input data validation, so they are added to exceptions
               
$validationExceptions[]=$key;
            }
        }
    }
    if(!empty(
$_FILES)){
        foreach(
$_FILES as $key=>$file){
           
// This is a security measure to make sure that only uploaded files can be negated from validation
           
if(!isset($inputData[$key])){
               
$inputData[$key]=$file;
               
// File uploads are not part of input data validation, so they are added to exceptions
               
$validationExceptions[]=$key;
            }
        }
    }
   
   
// Removing input stream related data that was read in the previous section
   
if($state->data['http-input']){
       
// Removing input stream related data
       
unset($inputData['www-xml'],$inputData['www-json']);
    }
   
// SENDING COMMAND TO API

    // Setting current API profile in state
   
if(isset($inputData['www-profile']) && $inputData['www-profile']!=$state->data['api-public-profile']){
       
$state->data['api-profile']=$inputData['www-profile'];
    } else {
       
$state->data['api-profile']=$state->data['api-public-profile'];
    }
   
   
// API command is executed with all the data that was sent by the user agent, along with other www-* settings
   
$api->command($inputData,false,((!empty($validationExceptions))?$validationExceptions:true),true);
   
// LOGGER
   
    // API Logging
   
if(isset($config['api-logging']) && $config['api-logging']!=false && isset($inputData['www-command']) && ((in_array('*',$config['api-logging']) && !in_array('!'.$state->data['api-profile'],$config['api-logging'])) || in_array($state->data['api-profile'],$config['api-logging']))){
       
file_put_contents(__ROOT__.'filesystem'.DIRECTORY_SEPARATOR.'logs'.DIRECTORY_SEPARATOR.'api.tmp',$state->data['request-time']."\t".$state->data['api-profile']."\t".$inputData['www-command']."\n",FILE_APPEND);
    }

   
// Logger notifications
   
if(isset($logger)){
       
$logger->setCustomLogData(array('category'=>'API['.$apiHandler.']','api-profile'=>$state->data['api-profile'],'database-query-count'=>(($databaseConnection)?$databaseConnection->queryCounter:0))+$api->apiLoggerData);
       
$logger->writeLog();
    }

?>