diff options
Diffstat (limited to 'services/api')
| -rw-r--r-- | services/api/rest.php | 113 |
1 files changed, 57 insertions, 56 deletions
diff --git a/services/api/rest.php b/services/api/rest.php index 5e99d58b7..dfa6cd3a5 100644 --- a/services/api/rest.php +++ b/services/api/rest.php @@ -1,58 +1,59 @@ <?php - /** - * Rest endpoint. - * The API REST endpoint. - * - * @package Elgg - * @subpackage API - * @author Curverider Ltd <info@elgg.com> - * @link http://elgg.org/ - */ - - /** - * Start the Elgg engine - */ - require_once("../../engine/start.php"); - global $CONFIG; - - // Register the error handler - error_reporting(E_ALL); - set_error_handler('__php_api_error_handler'); - - // Register a default exception handler - set_exception_handler('__php_api_exception_handler'); - - // Check to see if the api is available - if ((isset($CONFIG->disable_api)) && ($CONFIG->disable_api == true)) - throw new SecurityException(elgg_echo('SecurityException:APIAccessDenied')); - - // Register some default PAM methods, plugins can add their own - register_pam_handler('pam_auth_session_or_hmac'); // Command must either be authenticated by a hmac or the user is already logged in - register_pam_handler('pam_auth_usertoken', 'required'); // Either token present and valid OR method doesn't require one. - register_pam_handler('pam_auth_anonymous_method'); // Support anonymous functions - - // Get parameter variables - $method = get_input('method'); - $result = null; - - // Authenticate session - if (pam_authenticate()) - { - // Authenticated somehow, now execute. - $token = ""; - $params = get_parameters_for_method($method); // Use $CONFIG->input instead of $_REQUEST since this is called by the pagehandler - if (isset($params['auth_token'])) $token = $params['auth_token']; - - $result = execute_method($method, $params, $token); +/** + * Rest endpoint. + * The API REST endpoint. + * + * @package Elgg + * @subpackage API + * @author Curverider Ltd <info@elgg.com> + * @link http://elgg.org/ + */ + +/** + * Start the Elgg engine + */ +require_once("../../engine/start.php"); +global $CONFIG; + +// Register the error handler +error_reporting(E_ALL); +set_error_handler('__php_api_error_handler'); + +// Register a default exception handler +set_exception_handler('__php_api_exception_handler'); + +// Check to see if the api is available +if ((isset($CONFIG->disable_api)) && ($CONFIG->disable_api == true)) { + throw new SecurityException(elgg_echo('SecurityException:APIAccessDenied')); +} + +// Register some default PAM methods, plugins can add their own +register_pam_handler('pam_auth_session_or_hmac'); // Command must either be authenticated by a hmac or the user is already logged in +register_pam_handler('pam_auth_usertoken', 'required'); // Either token present and valid OR method doesn't require one. +register_pam_handler('pam_auth_anonymous_method'); // Support anonymous functions + +// Get parameter variables +$method = get_input('method'); +$result = null; + +// Authenticate session +if (pam_authenticate()) { + // Authenticated somehow, now execute. + $token = ""; + $params = get_parameters_for_method($method); // Use $CONFIG->input instead of $_REQUEST since this is called by the pagehandler + if (isset($params['auth_token'])) { + $token = $params['auth_token']; } - else - throw new SecurityException(elgg_echo('SecurityException:NoAuthMethods')); - - // Finally output - if (!($result instanceof GenericResult)) - throw new APIException(elgg_echo('APIException:ApiResultUnknown')); - - // Output the result - page_draw($method, elgg_view("api/output", array("result" => $result))); - -?>
\ No newline at end of file + + $result = execute_method($method, $params, $token); +} else { + throw new SecurityException(elgg_echo('SecurityException:NoAuthMethods')); +} + +// Finally output +if (!($result instanceof GenericResult)) { + throw new APIException(elgg_echo('APIException:ApiResultUnknown')); +} + +// Output the result +page_draw($method, elgg_view("api/output", array("result" => $result)));
\ No newline at end of file |