function Handle($request) { $transaction_id = $this->GenerateTransactionID(); try { if (!$request["keyId"]) { throw new Exception(sprintf("'%s' parameter is required", "keyId")); } if (!$request["action"]) { throw new Exception(sprintf("'%s' parameter is required", "action")); } // Find API user $key_id = $request["keyId"]; if (CONFIG::$API_KEY_ID && CONFIG::$API_KEY_ID == $key_id) { if (!CONFIG::$API_ENABLED) { throw new Exception("API is turned off. You can enable it in Settings -> API settings"); } $key = CONFIG::$API_KEY; $allowed_ips = CONFIG::$API_ALLOWED_IPS; $this->ServiceImpl->SetAdminAccessMode(); $this->user_id = -1; } else { $Client = Client::LoadByApiKeyID($key_id); if (!$Client->GetSettingValue(ClientSettings::API_ENABLED)) { throw new Exception("API is turned off. You can enable it in Settings -> API settings"); } $key = $Client->GetSettingValue(ClientSettings::API_KEY); $allowed_ips = $Client->GetSettingValue(ClientSettings::API_ALLOWED_IPS); $this->ServiceImpl->SetUserAccessMode($Client->ID); $this->user_id = $Client->ID; } $this->key_id = $key_id; $this->key = $key; // Check IP access if ($allowed_ips && !$this->CheckIPAccess(explode(",", $allowed_ips))) { throw new Exception(sprintf(_("Access to the API is not allowed from your IP '%s'"), $_SERVER['REMOTE_ADDR'])); } // Validate request signature //$this->ValidateSignature($request); // Call method $method_name = ucfirst($request["action"]); if (!method_exists($this->ServiceImpl, $method_name)) { throw new Exception(sprintf("Unknown action %s", $request["action"])); } $result = $this->ServiceImpl->{$method_name}($request); $result->transactionId = $transaction_id; // Write response $Doc = new DOMDocument('1.0', 'UTF-8'); $Doc->loadXML("<" . strtolower($method_name[0]) . substr($method_name, 1) . "Response/>"); $this->ObjectToXML($result, $Doc->documentElement, $Doc); $response = $Doc->saveXML(); } catch (Exception $e) { header("HTTP/1.1 500 Internal Server Error"); $result = new stdClass(); $result->message = $e->getMessage(); $result->transactionId = $transaction_id; $Doc = new DOMDocument('1.0', 'UTF-8'); $Doc->loadXML("<error/>"); $this->ObjectToXML($result, $Doc->documentElement, $Doc); $response = $Doc->saveXML(); $error_trace = $e->getTraceAsString(); } $this->Log($transaction_id, $request['action'], $_SERVER["REMOTE_ADDR"], $request, $response, $error_trace, $this->user_id); header("Content-type: text/xml"); header("Content-length: " . strlen($response)); print $response; die; }