<?php
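// Session lifetime: both the server-side session data and the browser cookie
// are kept for 30 days (60 s * 60 min * 24 h * 30 d).
ini_set('session.gc_maxlifetime', 60 * 60 * 24 * 30);
session_set_cookie_params(60 * 60 * 24 * 30);

// The session ID is a long-lived credential. HttpOnly keeps it out of reach of
// page scripts, so a script-injection bug elsewhere cannot simply read it.
// Set after session_set_cookie_params() and before session_start() so it
// applies to the cookie this request issues.
ini_set('session.cookie_httponly', '1');

// NOTE(review): the Secure and SameSite cookie attributes are left at their
// php.ini defaults. This API answers credentialed cross-origin requests, so the
// right SameSite value depends on where the front end is hosted; confirm the
// deployment is HTTPS-only and set session.cookie_secure / session.cookie_samesite
// accordingly.
session_start();

// Report every error class, but never render error text into the response
// body, which would corrupt the JSON output and expose internals to clients.
error_reporting(E_ALL);
ini_set('display_errors', 0);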
require 'utils.php';
require 'vendor/autoload.php'; // Include the Composer autoload file
use Dotenv\Dotenv;
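// Load the .env file that sits next to this script into $_ENV.
$dotenv = Dotenv::createImmutable(__DIR__);
$dotenv->load();

// Build the CORS allowlist from the comma-separated ACCESS_CONTROL_ALLOW_ORIGIN
// setting. Entries are trimmed and empty entries dropped, so "a, b" works and a
// missing or empty setting yields an empty allowlist instead of [''] (which
// would match a request that sends no Origin header at all).
$allowedOrigins = array_values(array_filter(
    array_map('trim', explode(',', $_ENV['ACCESS_CONTROL_ALLOW_ORIGIN'] ?? '')),
    static function ($allowed) {
        return $allowed !== '';
    }
));
$origin = $_SERVER['HTTP_ORIGIN'] ?? '';

// Echo the Origin back only on an exact, type-strict match with the allowlist.
// Because credentials are allowed below, the origin must never be reflected
// unconditionally or matched loosely.
if ($origin !== '' && in_array($origin, $allowedOrigins, true)) {
    header("Access-Control-Allow-Origin: $origin");
}
// The response differs per Origin, so shared caches must key on it; otherwise a
// response cached for one origin could be replayed to another.
header('Vary: Origin');
header("Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE");
header("Access-Control-Allow-Headers: Content-Type, Authorization, X-Jms-Api-Key, X-Jms-Interface-Hash");
header("Access-Control-Allow-Credentials: true");
header('Content-Type: application/json');

// Preflight requests carry no payload: answer 200 with the headers above and
// stop before any routing happens.
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
    http_response_code(200);
    exit();
}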
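// ---------------------------------------------------------------------------
// Front-controller routing: /<controller>[/<action-or-id>[/<param>...]]
//
// The first path segment selects src/controllers/<Segment>Controller.php, the
// HTTP verb selects a default action, and the remaining segments become the
// action's arguments. Everything derived from the URL is untrusted input.
// ---------------------------------------------------------------------------
$requestUri = $_SERVER['REQUEST_URI'];
// parse_url() yields false/null for a malformed or path-less URI; treat that
// as an empty path so the request falls through to the 404 below.
$requestPath = parse_url($requestUri, PHP_URL_PATH);
$requestPath = trim(is_string($requestPath) ? $requestPath : '', '/');
$splitRequestUri = explode('/', $requestPath);
$controllerName = ucfirst($splitRequestUri[0]) . 'Controller';
$srcPath = __DIR__ . '/src/controllers/' . $controllerName . '.php';

// The controller segment ends up in a file path and in a class name, so it is
// restricted to plain identifier characters before it is used for either. This
// rejects dots, backslashes, NUL bytes and anything else that is not a name.
// NOTE(review): BaseController and RestfulController live in the same directory
// and are therefore routable as /base and /restful; confirm they are abstract
// or otherwise harmless to instantiate.
if (preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $splitRequestUri[0]) === 1 && file_exists($srcPath)) {
    try {
        require_once __DIR__ . '/src/controllers/BaseController.php';
        require_once __DIR__ . '/src/controllers/RestfulController.php';
        require_once $srcPath;
        $controller = new $controllerName();

        // Default action derived from the HTTP verb and the number of segments.
        $actionName = null;
        $params = [];
        if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            $actionName = count($splitRequestUri) < 2 ? 'index' : 'get';
        } elseif ($_SERVER['REQUEST_METHOD'] === 'POST') {
            $actionName = count($splitRequestUri) === 2 ? 'update' : 'create';
        } elseif ($_SERVER['REQUEST_METHOD'] === 'PUT' && count($splitRequestUri) === 2) {
            $actionName = 'update';
        } elseif ($_SERVER['REQUEST_METHOD'] === 'DELETE') {
            $actionName = 'delete';
        }

        // Walk the remaining segments. A kebab-case first segment that names an
        // existing "<camelCase>Action" method becomes the action; otherwise the
        // segments are passed through as positional parameters.
        // NOTE(review): this override ignores the HTTP verb, so any method whose
        // name ends in "Action" (including inherited ones) can be reached with a
        // plain GET. With cookie sessions and credentialed CORS that makes
        // state-changing actions reachable by simple cross-site requests; confirm
        // controllers enforce their own verb and CSRF checks, or restrict the
        // override to an explicit per-controller list.
        for ($i = 1; $i < count($splitRequestUri); $i++) {
            $words = explode('-', $splitRequestUri[$i]);
            $camelCase = strtolower(array_shift($words));
            foreach ($words as $word) {
                $camelCase .= ucfirst($word);
            }
            if ($i === 1 && method_exists($controller, $camelCase . 'Action')) {
                $actionName = $camelCase;
            } elseif (count($splitRequestUri) === 2) {
                $params = [$splitRequestUri[1]];
            } elseif ($i > 1) {
                $params = array_slice($splitRequestUri, 2);
            }
        }

        // POST bodies must be valid JSON; the decoded value is appended as the
        // last argument of the action.
        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            $json = file_get_contents('php://input');
            $data = json_decode($json);
            if (json_last_error() !== JSON_ERROR_NONE) {
                throwError(400, 'Invalid JSON');
                exit; // never dispatch with an undecodable body, whatever throwError() does
            }
            $params[] = $data;
        }

        // No action for this verb/path combination (e.g. PUT on a collection,
        // or an unsupported verb): refuse here instead of letting reflection
        // fail and report the internal class and method name to the client.
        if ($actionName === null) {
            throwError(405, 'Method Not Allowed');
            exit;
        }
        if (!method_exists($controller, $actionName . 'Action')) {
            throwError(404, "404 Not Found");
            exit;
        }

        $reflection = new ReflectionMethod($controllerName, $actionName . 'Action');
        // method_exists() is also true for private/protected methods; only
        // public actions may be dispatched from here.
        if (!$reflection->isPublic()) {
            throwError(404, "404 Not Found");
            exit;
        }
        // The URL must supply exactly as many arguments as the action declares.
        if (count($params) !== $reflection->getNumberOfParameters()) {
            throwError(400, 'Invalid API call');
            exit;
        }
        $controller->{$actionName . 'Action'}(...$params);
    } catch (\Exception $e) {
        // Use the exception code as the HTTP status only when it is a real
        // error status; codes such as 0 or a driver's string code are not.
        $statusCode = $e->getCode();
        if (is_int($statusCode) && $statusCode >= 400 && $statusCode <= 599) {
            http_response_code($statusCode);
        }
        // NOTE(review): the exception message is returned to the client. That
        // suits deliberate, user-facing exceptions, but it also forwards
        // messages from libraries (database, filesystem) that can reveal
        // internals; consider a dedicated exception type for client-visible
        // errors and a generic message for everything else.
        throwError(500, $e->getMessage());
        exit;
    } catch (\Throwable $e) {
        // Engine errors (TypeError, missing class, abstract instantiation, ...)
        // are not \Exception instances. Log the detail server-side and give the
        // client a generic message only.
        error_log((string) $e);
        throwError(500, 'Internal Server Error');
        exit;
    }
} else {
    throwError(404, "404 Not Found");
}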