/** * Send a raw API call to an elgg api endpoint. * * @param array $keys The api keys. * @param string $url URL of the endpoint. * @param array $call Associated array of "variable" => "value" * @param string $method GET or POST * @param string $post_data The post data * @param string $content_type The content type * * @return string */ function send_api_call(array $keys, $url, array $call, $method = 'GET', $post_data = '', $content_type = 'application/octet-stream') { global $CONFIG; $headers = array(); $encoded_params = array(); $method = strtoupper($method); switch (strtoupper($method)) { case 'GET': case 'POST': break; default: $msg = elgg_echo('NotImplementedException:CallMethodNotImplemented', array($method)); throw new NotImplementedException($msg); } // Time $time = time(); // Nonce $nonce = uniqid(''); // URL encode all the parameters foreach ($call as $k => $v) { $encoded_params[] = urlencode($k) . '=' . urlencode($v); } $params = implode('&', $encoded_params); // Put together the query string $url = $url . "?" . $params; // Construct headers $posthash = ""; if ($method == 'POST') { $posthash = calculate_posthash($post_data, 'md5'); } if (isset($keys['public']) && isset($keys['private'])) { $headers['X-Elgg-apikey'] = $keys['public']; $headers['X-Elgg-time'] = $time; $headers['X-Elgg-nonce'] = $nonce; $headers['X-Elgg-hmac-algo'] = 'sha1'; $headers['X-Elgg-hmac'] = calculate_hmac('sha1', $time, $nonce, $keys['public'], $keys['private'], $params, $posthash); } if ($method == 'POST') { $headers['X-Elgg-posthash'] = $posthash; $headers['X-Elgg-posthash-algo'] = 'md5'; $headers['Content-type'] = $content_type; $headers['Content-Length'] = strlen($post_data); } // Opt array $http_opts = array('method' => $method, 'header' => serialise_api_headers($headers)); if ($method == 'POST') { $http_opts['content'] = $post_data; } $opts = array('http' => $http_opts); // Send context $context = stream_context_create($opts); // Send the query and get the result and decode. elgg_log("APICALL: {$url}"); $results = file_get_contents($url, false, $context); return $results; }
/** * Send a raw API call to an elgg api endpoint. * * @param array $keys The api keys. * @param string $url URL of the endpoint. * @param array $call Associated array of "variable" => "value" * @param string $method GET or POST * @param string $post_data The post data * @param string $content_type The content type * @return stdClass The unserialised response object */ function send_api_call(array $keys, $url, array $call, $method = 'GET', $post_data = '', $content_type = 'application/octet-stream') { global $APICLIENT_LAST_CALL, $APICLIENT_LAST_CALL_RAW, $APICLIENT_LAST_ERROR, $CONFIG; $headers = array(); $encoded_params = array(); $method = strtoupper($method); switch (strtoupper($method)) { case 'GET': case 'POST': break; default: throw new NotImplementedException(sprintf(elgg_echo('NotImplementedException:CallMethodNotImplemented'), $method)); } // Time $time = microtime(true); // URL encode all the parameters, ensuring auth_token (if present) is at the end! foreach ($call as $k => $v) { if ($k != 'auth_token') { $encoded_params[] = urlencode($k) . '=' . urlencode($v); } } if ($call['auth_token']) { $encoded_params[] = urlencode('auth_token') . '=' . urlencode($call['auth_token']); } $params = implode('&', $encoded_params); // Put together the query string $url = $url . "?" . $params; // Construct headers $posthash = ""; if ($method == 'POST') { $posthash = calculate_posthash($post_data, 'md5'); } if (isset($keys['public']) && isset($keys['private'])) { $headers['X-Elgg-apikey'] = $keys['public']; $headers['X-Elgg-time'] = $time; $headers['X-Elgg-hmac-algo'] = 'sha1'; $headers['X-Elgg-hmac'] = calculate_hmac('sha1', $time, $keys['public'], $keys['private'], $params, $posthash); } if ($method == 'POST') { $headers['X-Elgg-posthash'] = $posthash; $headers['X-Elgg-posthash-algo'] = 'md5'; $headers['Content-type'] = $content_type; $headers['Content-Length'] = strlen($post_data); } // Opt array $http_opts = array('method' => $method, 'header' => serialise_api_headers($headers)); if ($method == 'POST') { $http_opts['content'] = $post_data; } $opts = array('http' => $http_opts); // Send context $context = stream_context_create($opts); // Send the query and get the result and decode. if (isset($CONFIG->debug) && $CONFIG->debug) { error_log("APICALL: {$url}"); } $APICLIENT_LAST_CALL_RAW = file_get_contents($url, false, $context); $APICLIENT_LAST_CALL = unserialize($APICLIENT_LAST_CALL_RAW); if ($APICLIENT_LAST_CALL && $APICLIENT_LAST_CALL->status != 0) { $APICLIENT_LAST_ERROR = $APICLIENT_LAST_CALL; } return $APICLIENT_LAST_CALL; }