Login   Register  
PHP Classes
elePHPant
Icontem

File: engine/handler.api.php

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in del.icio.us Bookmark in del.icio.us
  Classes of Kristo Vaher  >  Wave Framework  >  engine/handler.api.php  >  Download  
File: engine/handler.api.php
Role: Application script
Content type: text/plain
Description: API Handler
Class: Wave Framework
MVC framework for building Web sites and APIs
Author: By
Last change: It is now possible to define a sitemap URL that does not return a View or even HTML. This is useful for API requests that require a specific target URL without GET parameters. It is now also possible to synchronize timestamps when creating an API session. Factory MVC loading now uses a wrapper method that reduces near-duplicate code. Version numbers of API and system version are now consistent with one another.
Date: 1 year ago
Size: 6,336 bytes
 

Contents

Class file image Download
<?php

/**
 * Wave Framework <http://www.waveframework.com>
 * API Handler
 *
 * API Handler is loaded whenever a HTTP request is made to *.api extension. API Handler takes all 
 * the input from GET, POST, FILES; SESSION and COOKIE variables, loads Wave Framework API and sends 
 * all the input to the API and then returns the result to the user agent. By default the API Handler 
 * returns data in JSON format. It also loads Database class for additional functionality.
 *
 * @package    Index Gateway
 * @author     Kristo Vaher <kristo@waher.net>
 * @copyright  Copyright (c) 2012, Kristo Vaher
 * @license    GNU Lesser General Public License Version 3
 * @tutorial   /doc/pages/handler_api.htm
 * @since      1.5.0
 * @version    3.7.0
 */

//INITIALIZATION

    // Stopping all requests that did not come from Index Gateway
    
if(!isset($resourceAddress)){
        
header('HTTP/1.1 403 Forbidden');
        die();
    }

    
// State class is used by API and Factory created objects to keep track of request state
    
require(__ROOT__.'engine'.DIRECTORY_SEPARATOR.'class.www-state.php');
    
$state=new WWW_State($config);
    
// DATABASE AND SESSIONS

    // This holds link to database
    
$databaseConnection=false;
    
    
// Connecting to database, if configuration is set
    
if(isset($config['database-name'],$config['database-type'],$config['database-host'],$config['database-username'],$config['database-password'])){
        
// Including the required class and creating the object
        
require(__ROOT__.'engine'.DIRECTORY_SEPARATOR.'class.www-database.php');
        
$databaseConnection=new WWW_Database($config['database-type'],$config['database-host'],$config['database-name'],$config['database-username'],$config['database-password'],((isset($config['database-errors']))?$config['database-errors']:false),((isset($config['database-persistent']))?$config['database-persistent']:false));
        
// Passing the database to State object
        
$state->databaseConnection=$databaseConnection;
    }
    
    
// Loading sessions class
    
require(__ROOT__.'engine'.DIRECTORY_SEPARATOR.'class.www-sessions.php');
    
// Loading sessions class with the session namespace
    
$state->sessionHandler=new WWW_Sessions($state->data['session-name'],$state->data['session-lifetime'],$databaseConnection);
    
// Assigning session data to State
    
if(!empty($state->sessionHandler->sessionData)){
        
$state->data['session-original-data']=$state->sessionHandler->sessionData;
        
$state->data['session-data']=$state->sessionHandler->sessionData;
    }
    
// AUTOLOAD AND SESSIONS FUNCTIONALITY

    // This functions file is not required, but can be used for system wide functions
    // If you want to include additional libraries, do so here
    
if(file_exists(__ROOT__.'overrides'.DIRECTORY_SEPARATOR.'resources'.DIRECTORY_SEPARATOR.'scripts'.DIRECTORY_SEPARATOR.'script.php')){
        require(
__ROOT__.'overrides'.DIRECTORY_SEPARATOR.'resources'.DIRECTORY_SEPARATOR.'scripts'.DIRECTORY_SEPARATOR.'script.php');
    } elseif(
file_exists(__ROOT__.'resources'.DIRECTORY_SEPARATOR.'scripts'.DIRECTORY_SEPARATOR.'script.php')){
        require(
__ROOT__.'resources'.DIRECTORY_SEPARATOR.'scripts'.DIRECTORY_SEPARATOR.'script.php');
    }
    
// LOADING API AND GATHERING INPUT DATA

    // API is used to process all requests and it handles caching and API validations
    
require(__ROOT__.'engine'.DIRECTORY_SEPARATOR.'class.www-api.php');
    
$api=new WWW_API($state);

    
// All the data sent by the user agent is stored in this variable
    
$inputData=array();

    
// If additional data was sent as part of input stream
    
if($state->data['http-input']){
        
// If state has converted the stream to array (if it was in XML or JSON format)
        
if(is_array($state->data['http-input']) && !empty($state->data['http-input'])){
            
$inputData=$state->data['http-input'];
        } else {
            
$inputData['www-data']=$state->data['http-input'];
        }
    }
    
    
// This holds information about API validation and its exceptions
    
$validationExceptions=array();
    
    
// All the data sent by user agent is added here and merged into one array
    
if(!empty($_POST)){
        
$inputData+=$_POST
    }
    if(!empty(
$_GET)){ 
        
$inputData+=$_GET
    }
    if(!empty(
$_COOKIE)){ 
        foreach(
$_COOKIE as $key=>$cookie){
            
// This is a security measure to make sure that only actual cookies can be negated from validation
            
if(!isset($inputData[$key])){
                
$inputData[$key]=$cookie;
                
// Cookies are not part of input data validation, so they are added to exceptions
                
$validationExceptions[]=$key;
            }
        }
    }
    if(!empty(
$_FILES)){
        foreach(
$_FILES as $key=>$file){
            
// This is a security measure to make sure that only uploaded files can be negated from validation
            
if(!isset($inputData[$key])){
                
$inputData[$key]=$file;
                
// File uploads are not part of input data validation, so they are added to exceptions
                
$validationExceptions[]=$key;
            }
        }
    }
    
    
// Removing input stream related data that was read in the previous section
    
if($state->data['http-input']){
        
// Removing input stream related data
        
unset($inputData['www-xml'],$inputData['www-json']);
    }
    
// SENDING COMMAND TO API

    // Setting current API profile in state
    
if(isset($inputData['www-profile']) && $inputData['www-profile']!=$state->data['api-public-profile']){
        
$state->data['api-profile']=$inputData['www-profile'];
    } else {
        
$state->data['api-profile']=$state->data['api-public-profile'];
    }
    
    
// API command is executed with all the data that was sent by the user agent, along with other www-* settings
    
$api->command($inputData,false,((!empty($validationExceptions))?$validationExceptions:true),true);
    
// LOGGER
    
    // API Logging
    
if(isset($config['api-logging']) && $config['api-logging']!=false && isset($inputData['www-command']) && ((in_array('*',$config['api-logging']) && !in_array('!'.$state->data['api-profile'],$config['api-logging'])) || in_array($state->data['api-profile'],$config['api-logging']))){
        
file_put_contents(__ROOT__.'filesystem'.DIRECTORY_SEPARATOR.'logs'.DIRECTORY_SEPARATOR.'api.tmp',$state->data['request-time']."\t".$state->data['api-profile']."\t".$inputData['www-command']."\n",FILE_APPEND);
    }

    
// Logger notifications
    
if(isset($logger)){
        
$logger->setCustomLogData(array('category'=>'API['.$apiHandler.']','api-profile'=>$state->data['api-profile'],'database-query-count'=>(($databaseConnection)?$databaseConnection->queryCounter:0))+$api->apiLoggerData);
        
$logger->writeLog();
    }

?>