Projekte/web-base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

code cleanup

Browse Source
This commit is contained in:
Roman
2021-04-02 21:58:06 +02:00
parent 4a52ab2fd7
commit eea0aeacc6
67 changed files with 472 additions and 425 deletions
Download Patch File Download Diff File Expand all files Collapse all files

83
core/Api/Request.class.php
View File

@@ -41,33 +41,34 @@ class Request {
protected function forbidMethod($method) {
if (($key = array_search($method, $this->allowedMethods)) !== false) {
unset($this->allowedMethods[$key]);
unset($this->allowedMethods[$key]);
}
}
public function parseParams($values) {
public function parseParams($values): bool {
foreach($this->params as $name => $param) {
foreach ($this->params as $name => $param) {
$value = $values[$name] ?? NULL;
$isEmpty = (is_string($value) && strlen($value) === 0) || (is_array($value) && empty($value));
if(!$param->optional && (is_null($value) || $isEmpty)) {
if (!$param->optional && (is_null($value) || $isEmpty)) {
return $this->createError("Missing parameter: $name");
}
if(!is_null($value) && !$isEmpty) {
if(!$param->parseParam($value)) {
if (!is_null($value) && !$isEmpty) {
if (!$param->parseParam($value)) {
$value = print_r($value, true);
return $this->createError("Invalid Type for parameter: $name '$value' (Required: " . $param->getTypeName() . ")");
}
}
}
return true;
}
public function parseVariableParams($values) {
foreach($values as $name => $value) {
if(isset($this->params[$name])) continue;
foreach ($values as $name => $value) {
if (isset($this->params[$name])) continue;
$type = Parameter\Parameter::parseType($value);
$param = new Parameter\Parameter($name, $type, true);
$param->parseParam($value);
@@ -75,19 +76,19 @@ class Request {
}
}
public function execute($values = array()) {
public function execute($values = array()): bool {
$this->params = $this->aDefaultParams;
$this->success = false;
$this->result = array();
$this->lastError = '';
if($this->user->isLoggedIn()) {
if ($this->user->isLoggedIn()) {
$this->result['logoutIn'] = $this->user->getSession()->getExpiresSeconds();
}
if($this->externalCall) {
if ($this->externalCall) {
$values = $_REQUEST;
if($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_SERVER["CONTENT_TYPE"]) && in_array("application/json", explode(";", $_SERVER["CONTENT_TYPE"]))) {
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_SERVER["CONTENT_TYPE"]) && in_array("application/json", explode(";", $_SERVER["CONTENT_TYPE"]))) {
$jsonData = json_decode(file_get_contents('php://input'), true);
if ($jsonData) {
$values = array_merge($values, $jsonData);
@@ -99,34 +100,34 @@ class Request {
}
}
if($this->isDisabled) {
if ($this->isDisabled) {
$this->lastError = "This function is currently disabled.";
return false;
}
if($this->externalCall && !$this->isPublic) {
if ($this->externalCall && !$this->isPublic) {
$this->lastError = 'This function is private.';
header('HTTP 1.1 403 Forbidden');
return false;
}
if(!in_array($_SERVER['REQUEST_METHOD'], $this->allowedMethods)) {
if (!in_array($_SERVER['REQUEST_METHOD'], $this->allowedMethods)) {
$this->lastError = 'This method is not allowed';
header('HTTP 1.1 405 Method Not Allowed');
return false;
}
if($this->externalCall) {
if ($this->externalCall) {
$apiKeyAuthorized = false;
// Logged in or api key authorized?
if ($this->loginRequired) {
if(isset($values['api_key']) && $this->apiKeyAllowed) {
if (isset($values['api_key']) && $this->apiKeyAllowed) {
$apiKey = $values['api_key'];
$apiKeyAuthorized = $this->user->authorize($apiKey);
}
if(!$this->user->isLoggedIn() && !$apiKeyAuthorized) {
if (!$this->user->isLoggedIn() && !$apiKeyAuthorized) {
$this->lastError = 'You are not logged in.';
header('HTTP 1.1 401 Unauthorized');
return false;
@@ -134,7 +135,7 @@ class Request {
}
// CSRF Token
if($this->csrfTokenRequired && $this->user->isLoggedIn()) {
if ($this->csrfTokenRequired && $this->user->isLoggedIn()) {
// csrf token required + external call
// if it's not a call with API_KEY, check for csrf_token
if (!isset($values["csrf_token"]) || strcmp($values["csrf_token"], $this->user->getSession()->getCsrfToken()) !== 0) {
@@ -155,13 +156,15 @@ class Request {
}
}
if(!$this->parseParams($values))
if (!$this->parseParams($values)) {
return false;
}
if($this->variableParamCount)
if ($this->variableParamCount) {
$this->parseVariableParams($values);
}
if(!$this->user->getSQL()->isConnected()) {
if (!$this->user->getSQL()->isConnected()) {
$this->lastError = $this->user->getSQL()->getLastError();
return false;
}
@@ -171,23 +174,39 @@ class Request {
return true;
}
protected function createError($err) {
protected function createError($err): bool {
$this->success = false;
$this->lastError = $err;
return false;
}
protected function getParam($name) {
return isset($this->params[$name]) ? $this->params[$name]->value : NULL;
return $this->params[$name] ?? NULL;
}
public function isPublic() { return $this->isPublic; }
public function getLastError() { return $this->lastError; }
public function getResult() { return $this->result; }
public function success() { return $this->success; }
public function loginRequired() { return $this->loginRequired; }
public function isExternalCall() { return $this->externalCall; }
public function clearError() { $this->success = true; $this->lastError = ""; }
public function isPublic(): bool {
return $this->isPublic;
}
public function getLastError(): string {
return $this->lastError;
}
public function getResult(): array {
return $this->result;
}
public function success(): bool {
return $this->success;
}
public function loginRequired(): bool {
return $this->loginRequired;
}
public function isExternalCall(): bool {
return $this->externalCall;
}
private function getMethod() {
$class = str_replace("\\", "/", get_class($this));
@@ -195,7 +214,7 @@ class Request {
return $class;
}
public function getJsonResult() {
public function getJsonResult(): string {
$this->result['success'] = $this->success;
$this->result['msg'] = $this->lastError;
return json_encode($this->result);