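/**
 * Enforce per-application access limits before an API method is dispatched.
 *
 * Desktop applications are rate limited per (application, session). All other
 * applications must call from an address on their configured IP list (when one
 * is set) and are then rate limited per application.
 *
 * @param $method_underscore Name of the API method being called. Not read here;
 *                           see the FBOPEN note in the body.
 * @param $request           The request arguments. Not read here.
 * @return API_EC_SUCCESS when the call may proceed, API_EC_BAD_IP when the
 *         caller's address is not on the application's IP list, or whatever
 *         error code the call-limit check returned.
 */
private function check_throttle($method_underscore, $request) {
  $app_info = application_get_info($this->app_id);

  if ($app_info['desktop']) {
    // The original guard read `$throttle && ...`, but no $throttle exists in
    // this method's scope. An undefined variable evaluates as falsy, so the
    // desktop call limit was never consulted. The check is now unconditional,
    // matching the server branch below.
    $ec = api_desktop_check_call_limit($this->app_id, $this->session_key);
    if ($ec !== API_EC_SUCCESS) {
      return $ec;
    }
    return API_EC_SUCCESS;
  }

  // REMOTE_ADDR is the address of the directly connected peer.
  // NOTE(review): behind a reverse proxy or load balancer this is the proxy's
  // address, not the client's - confirm the IP list is written with that in mind.
  $remote_addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;
  if ($app_info['ip_list'] && !iplist_contains_ip($app_info['ip_list'], $remote_addr)) {
    return API_EC_BAD_IP;
  }

  // FBOPEN: NOTE - you may wish to throttle only certain methods here.
  $ec = api_server_check_call_limit($this->app_id);
  if ($ec !== API_EC_SUCCESS) {
    return $ec;
  }

  return API_EC_SUCCESS;
}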
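/**
 * Validate an API request from a vendor - check that it has a valid api_key, the
 * correct signature, and (where needed) an active session. Retrieve the
 * application_id and user_id associated with the request.
 *
 * @param $request  The array of arguments (name=>values) passed to us (e.g. $_REQUEST).
 *                  To validate successfully it must contain 'api_key', 'method' and
 *                  'sig', plus 'session_key' when the method requires a session or
 *                  $use_session_secret is true.
 * @param $app_id   Filled in with the application id as soon as the api_key resolves
 *                  to an application, i.e. also on most failure paths.
 * @param $uid      Filled in with the user id associated with the session. It is
 *                  assigned when the session key is resolved, before the validity
 *                  and signature checks, so trust it only when the return value is
 *                  API_EC_SUCCESS.
 * @param $throttle When false, the desktop/server call-limit checks are skipped.
 *                  The IP list check for non-desktop applications always runs.
 * @param $use_session_secret When true, a session_key is mandatory and the signature
 *                  is verified against the session secret instead of the application
 *                  secret.
 * @return API_EC_SUCCESS on success, or another API_EC_* if the request failed validation.
 */
function api_validate_api_request($request, &$app_id, &$uid, $throttle = true, $use_session_secret = false) {
  $api_key = isset($request['api_key']) ? $request['api_key'] : null;
  if (!$api_key || !($app_info = application_get_info_from_key($api_key))) {
    return API_EC_PARAM_API_KEY;
  }
  $app_id = $app_info['application_id'];

  // If application is disabled, their api_key is no longer valid,
  // though we may store it for future request tracking.
  if ($app_info['approved'] == -1) {
    return API_EC_PARAM_API_KEY;
  }

  // Similarly, if the app is deleted, the api_key is no good. If
  // we've done everything else right, deleted apps shouldn't be
  // returned by the application_get_info_* functions, but better safe
  // than sorry.
  if ($app_info['deleted']) {
    return API_EC_PARAM_API_KEY;
  }

  $session_key = isset($request['session_key']) ? $request['session_key'] : null;

  if ($app_info['desktop']) {
    if ($throttle && ($ec = api_desktop_check_call_limit($app_id, $session_key)) !== API_EC_SUCCESS) {
      return $ec;
    }
  } else {
    // REMOTE_ADDR is the directly connected peer.
    // NOTE(review): behind a reverse proxy this is the proxy's address - confirm
    // the IP list is maintained with that in mind.
    $remote_addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;
    if ($app_info['ip_list'] && !iplist_contains_ip($app_info['ip_list'], $remote_addr)) {
      return API_EC_BAD_IP;
    }
    if ($throttle && ($ec = api_server_check_call_limit($app_id)) !== API_EC_SUCCESS) {
      return $ec;
    }
  }

  // If $use_session_secret is true, then session_key must be provided
  if ($use_session_secret && !$session_key) {
    return API_EC_PARAM_SESSION_KEY;
  }

  // Default signing secret. The signature itself is checked after the session,
  // since some apps sign with a session secret instead.
  $secret = $app_info['secret'];

  $method = isset($request['method']) ? $request['method'] : null;
  if (!$method) {
    return API_EC_METHOD;
  }

  $method_requires_session = api_method_requires_session($method);
  $session_resolved = false;

  // Some methods don't require a session key but still work with one. If a
  // session key is passed in it is respected (and must be valid); it's up to
  // the individual method to decide what to do with it.
  if ($method_requires_session || $session_key) {
    // If the method requires a session and one isn't provided, FAIL fast...
    if ($method_requires_session && !$session_key) {
      return API_EC_PARAM_SESSION_KEY;
    }
    // From here on $session_key is known to be non-empty.

    if ($app_info['desktop'] || $use_session_secret) {
      $session_info = api_session_get_info($session_key, $app_id);
      // A failed lookup leaves no secret at all; the guard before the
      // signature check turns that into a rejection.
      $secret = isset($session_info['session_secret']) ? $session_info['session_secret'] : null;
    }

    // A supplied session key must be valid even when the method does not need one.
    $uid = api_session_extract_uid($session_key, $app_id);
    if (!$uid) {
      return API_EC_PARAM_SESSION_KEY;
    }
    if (($ec = api_session_check_valid($session_key, $app_id)) !== API_EC_SUCCESS) {
      return $ec;
    }
    $session_resolved = true;
  }

  // Fail closed: never verify a signature against a missing or empty secret,
  // which would not bind the request to any key holder.
  if (!$secret) {
    return API_EC_PARAM_SIGNATURE;
  }

  $sig = isset($request['sig']) ? $request['sig'] : null;
  if (!api_request_is_properly_signed($request, $secret, $sig)) {
    return API_EC_PARAM_SIGNATURE;
  }

  /* The request has now been validated! */
  // Publish the caller's identity only after the signature check. The original
  // set this global before verifying the signature, leaving an unverified user
  // id in global state when the request was then rejected.
  // NOTE(review): assumes api_request_is_properly_signed() does not itself read
  // $GLOBALS['user'] - confirm.
  if ($session_resolved) {
    $GLOBALS['user'] = $uid; // a bunch of utility functions expect a global $user to be set
  }

  return API_EC_SUCCESS;
}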