/**
* @param string[] $server
* @param string $path
* @param Perflog|bool $perfLog
*/
public function Process($server, $path, $perfLog = false)
{
if ($perfLog) {
$log = "Session Started\r\n";
$log .= "ID: " . session_id() . "\r\n";
$log .= "IP Address: " . $_SERVER['REMOTE_ADDR'] . "\r\n";
$perfLog->Log($log);
}
$headers = getallheaders();
$method = isset($server['REQUEST_METHOD']) ? $server['REQUEST_METHOD'] : false;
if ($this->LoggedIn()) {
if (!empty($path)) {
$item = array_shift($path);
switch ($item) {
case 'books':
if (empty($path)) {
switch ($method) {
case "GET":
case "POST":
$handler = $method . "_Books";
if (method_exists($this, $handler)) {
$this->{$handler}();
} else {
APIResponse(RESPONSE_404, "Could not find books handler {$handler}.");
}
break;
default:
APIResponse(RESPONSE_400, "Bad book request method.");
break;
}
} else {
$bookID = array_shift($path);
if (!array_key_exists($bookID, $this->Books)) {
$this->RefreshBooks();
}
if (array_key_exists($bookID, $this->Books)) {
$this->Books[$bookID]->Process($server, $path, $headers);
} else {
APIResponse(RESPONSE_404, "Book {$bookID} not found.");
}
}
break;
case 'bars':
if (empty($path)) {
switch ($method) {
case "GET":
case "POST":
$handler = $method . "_Bars";
if (method_exists($this, $handler)) {
$this->{$handler}();
} else {
APIResponse(RESPONSE_404, "Could not find bars handler {$handler}.");
}
break;
default:
APIResponse(RESPONSE_400, "Bad bar request method.");
break;
}
} else {
$barID = array_shift($path);
if (!array_key_exists($barID, $this->Bars)) {
$this->RefreshBars();
}
if (array_key_exists($barID, $this->Bars)) {
$this->Bars[$barID]->Process($server, $path, $headers);
} else {
APIResponse(RESPONSE_404, "Bar {$barID} not found.");
}
}
break;
case 'ingredients':
if (empty($path)) {
switch ($method) {
case "GET":
case "POST":
$handler = $method . "_Ingredients";
if (method_exists($this, $handler)) {
$this->{$handler}();
} else {
APIResponse(RESPONSE_404, "Could not find ingredients handler {$handler}.");
}
break;
default:
APIResponse(RESPONSE_400, "Bad ingredient request method.");
break;
}
} else {
$ingredientID = array_shift($path);
if (!array_key_exists($ingredientID, $this->Ingredients)) {
$this->RefreshIngredients();
}
if (array_key_exists($ingredientID, $this->Ingredients)) {
$this->Ingredients[$ingredientID]->Process($server, $path, $headers);
} else {
APIResponse(RESPONSE_404, "Ingredient {$ingredientID} not found.");
}
}
break;
case 'logout':
$this->auth = false;
header("Clear-Authorization: true");
APIResponse(RESPONSE_200);
//TODO: Destroy the session as well.
break;
default:
break;
}
} else {
switch ($method) {
case "GET":
case "PUT":
$handler = $method;
if (method_exists($this, $handler)) {
$this->{$handler}();
} else {
APIResponse(RESPONSE_404, "Could not find session handler {$handler}.");
}
break;
}
}
} else {
if (!empty($path)) {
$item = array_shift($path);
switch ($item) {
case 'login':
$username = getParam('username');
$password = getParam('password');
if ($username && $password) {
$username = $this->DB->Quote($username);
$password = $this->DB->Quote($password);
$login = $this->DB->GetRow("SELECT * FROM tblUsers WHERE username={$username} AND password={$password};");
if ($login && (int) $login['id']) {
$this->auth = sha1(uniqid('randomsalt', true));
$this->ID = (int) $login['id'];
$this->Username = $login['username'];
$this->DisplayName = $login['displayName'];
header("Set-Authorization: {$this->auth}");
APIResponse(RESPONSE_200, "Your name is {$this->DisplayName}");
} else {
APIResponse(RESPONSE_401, 'Invalid Credentials');
}
} else {
APIResponse(RESPONSE_401, 'No user or password given. ' . file_get_contents('php://input'));
}
break;
default:
APIResponse(RESPONSE_401, 'You are not logged in.');
break;
}
} else {
switch ($method) {
default:
APIResponse(RESPONSE_401, 'You are not logged in.');
break;
}
}
}
APIResponse(RESPONSE_400);
}
