Example #1
        }
    }
} else {
    # We are public so everything is allowed
    $G_CURRENT_DOMAIN = '';
    header('Access-Control-Allow-Origin: *');
    header('Access-Control-Allow-Headers: Origin, Access-Token, Referring-Host, Content-Type, Content-Length');
}
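# Resolving the environment from the token's privilege row, when the token references one.
# Both values interpolated into the query are a table-name constant and an int cast,
# so no request-controlled string reaches the SQL text here.
if (isset($G_TOKEN_DATA['privileges']) && (int) $G_TOKEN_DATA['privileges'] > 0) {
    $query = "\tSELECT\n\t\t\t\t\t*\n\t\t\t\tFROM\n\t\t\t\t\t" . NQ_APP_TOKENS_TABLE . "\n\t\t\t\tWHERE\n\t\t\t\t\t`id`=" . (int) $G_TOKEN_DATA['privileges'] . "\n\t\t\t\tLIMIT 1";
    $G_TOKEN_PRIVILAGE_DATA = mysqli_single_result_query($G_CONTROLLER_DBLINK, $query);
    # Fail closed when the referenced privilege row is missing or carries no environment.
    # Without this guard the environment would silently become null and the subnet
    # lookup below would read the key 'subnet_', leaving the outcome to however
    # ip_in_list() treats a missing list.
    # exit_fail() is assumed to end the request, as the checks below already rely on - confirm.
    if (!isset($G_TOKEN_PRIVILAGE_DATA['environment'])) {
        exit_fail(NQ_ERROR_ENVIRONMENT_UNAVAILABLE, 'Environment unavailable.', false);
    }
    $G_APP_ENVIRONMENT = $G_TOKEN_PRIVILAGE_DATA['environment'];
}
# Checking that the caller's address is inside the subnet list configured for this environment.
# NOTE(review): this runs against $G_APP_DATA before the sub-app swap below, so the subnet
# list consulted is the one of the app loaded earlier, not the sub-app's - confirm that is intended.
# NOTE(review): REMOTE_ADDR is the direct peer; behind a reverse proxy it is the proxy's
# address - confirm the deployment passes the real client address here.
# NOTE(review): the failure text carries the environment name and the caller's IP; whether
# it is returned to the client depends on exit_fail() - confirm.
if (!ip_in_list($_SERVER['REMOTE_ADDR'], $G_APP_DATA['subnet_' . $G_APP_ENVIRONMENT], ',')) {
    exit_fail(NQ_ERROR_ENVIRONMENT_UNAVAILABLE, 'Environment (' . $G_APP_ENVIRONMENT . ') unavailable for ip ' . $_SERVER['REMOTE_ADDR'] . '.', false);
}
# What apps (by id) do you want to allow to have global access
# When more than one app id is present and the first is listed in NQ_GLOBAL_APP_IDS,
# the first app is kept as the "global" app and the second becomes the active app.
# NOTE(review): in_array() is used without strict comparison against the string ids from
# explode(); presumably $G_APP_IDS is normalised before this point - verify, and prefer a
# strict comparison on a canonical form if it is not.
if (count($G_APP_IDS) > 1 && in_array($G_APP_IDS[0], explode(',', NQ_GLOBAL_APP_IDS))) {
    # Saving our global app
    $G_GLOBAL_APP_DATA = $G_APP_DATA;
    # Getting our sub-app data (id is cast to int; only active apps are selected)
    $query = "\tSELECT\n\t\t\t\t\t*\n\t\t\t\tFROM\n\t\t\t\t\t" . NQ_APPS_TABLE . "\n\t\t\t\tWHERE\n\t\t\t\t\t`id`=" . (int) $G_APP_IDS[1] . " AND\n\t\t\t\t\t`active`=b'1'\n\t\t\t\tLIMIT 1";
    $G_APP_DATA = mysqli_single_result_query($G_CONTROLLER_DBLINK, $query);
}
# Exiting if our app doesn't exist (this also covers a sub-app lookup that returned no row)
if (!isset($G_APP_DATA['id'])) {
    exit_fail(NQ_ERROR_SERVICE_UNAVAILABLE, 'Service unavailable.', false);
}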
# Getting our token session data
Example #2
# If we aren't a "public" page - ie resource
# The endpoint is treated as public when any one of these holds:
#   - the PUBLIC_ENDPOINT constant is defined and truthy,
#   - $public_tables_allowed is positive and equals the count of $G_ENCODED_TABLE_NAMES,
#   - $G_ENCODED_TABLE_NAMES is empty.
# NOTE(review): because of the last case, a request with no table names skips the token
# checks that follow unless more than one app id is present - confirm every such route is
# meant to be reachable without a token.
$_PUBLIC_ENDPOINT = (defined('PUBLIC_ENDPOINT') && PUBLIC_ENDPOINT)
    || ($public_tables_allowed > 0 && count($G_ENCODED_TABLE_NAMES) == $public_tables_allowed)
    || count($G_ENCODED_TABLE_NAMES) == 0;
if (count($G_APP_IDS) > 1 || !$_PUBLIC_ENDPOINT) {
    # If we are using a static token
    if (isset($_SERVER['HTTP_STATIC_TOKEN'])) {
        # Getting our users access token
        $query = "\tSELECT\n\t\t\t\t\t\t\t*\n\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t" . NQ_APP_STATIC_TOKENS_TABLE . "\n\t\t\t\t\t\tFORCE\n\t\t\t\t\t\t\tINDEX(`app_key`)\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t`app_id`\t=" . (int) $G_GLOBAL_APP_DATA['id'] . " AND\n\t\t\t\t\t\t\t`api_key`\t='" . mysqli_escape_string($G_CONTROLLER_DBLINK, $_SERVER['HTTP_STATIC_TOKEN']) . "'\n\t\t\t\t\t\tLIMIT 1";
        $G_TOKEN_DATA = mysqli_single_result_query($G_CONTROLLER_DBLINK, $query);
        # No token
        if (!isset($G_TOKEN_DATA['ips'])) {
            exit_fail(NQ_ERROR_INVALID_TOKEN, 'AInvalid Authentication Token');
        }
        # Service Unavailable - Bad token
        if (!ip_in_list($_SERVER['REMOTE_ADDR'], $G_TOKEN_DATA['ips'], ',')) {
            exit_fail(NQ_ERROR_SERVICE_UNAVAILABLE, 'Service unavailable from ip ' . $_SERVER['REMOTE_ADDR'] . '.', false);
        }
        # Saving the static tokens enviornment
        $G_APP_ENVIRONMENT = $G_TOKEN_DATA['environment'];
    } else {
        # Setting our header
        header('Access-Control-Allow-Origin: *');
        header('Access-Control-Allow-Headers: Origin, Access-Token, Referring-Host, Content-Type, Content-Length');
        # Service Unavailable
        if (!domain_in_list($_SERVER['HTTP_REFERRING_HOST'], $G_GLOBAL_APP_DATA['domain'], ',')) {
            exit_fail(NQ_ERROR_SERVICE_UNAVAILABLE, 'Service unavailable.', false);
        }
        # Getting our users access token
        $query = "\tSELECT\n\t\t\t\t\t\t\t*\n\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t" . NQ_ACCESS_TOKEN_TABLE . "\n\t\t\t\t\t\tFORCE\n\t\t\t\t\t\t\tINDEX(`hash_id`)\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t`hash_id`='" . mysqli_escape_string($G_CONTROLLER_DBLINK, isset($_SERVER['HTTP_ACCESS_TOKEN']) ? $_SERVER['HTTP_ACCESS_TOKEN'] : '0') . "'\n\t\t\t\t\t\tLIMIT 1";
        $G_TOKEN_DATA = mysqli_single_result_query($G_CONTROLLER_DBLINK, $query);