/**
 * Stop the request when the given IP address has an entry in the ban table.
 *
 * The lookup key is the address with its dots removed, cast to an integer,
 * and it is matched against the `ip` column of the core/banned store with
 * caching switched off.
 *
 * NOTE(review): the key derivation is lossy. "1.11.1.1" and "11.1.1.1" both
 * become 11111, and an IPv6 string is truncated at its first ':' by the cast,
 * so a ban row can match addresses it was never meant for. Switching to a
 * canonical form means migrating the stored values too, so the derivation is
 * left unchanged here.
 *
 * @param string $ip Client address as a string.
 */
private function isBanned($ip)
{
    $lookupKey = (int) str_replace('.', '', $ip);

    $banned = rdb('core', 'banned')
        ->inCache(false)
        ->where(['ip', '=', $lookupKey])
        ->first(true);

    if ($banned) {
        // Presumably ends the request with a 403 - confirm in Api.
        Api::forbidden();
    }
}
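/**
 * Route a "<token>/<controller>/<action>[?query]" URI to a webservice method.
 *
 * Steps, each of which falls through to Api::forbidden() on failure:
 *  1. the URI must contain exactly two '/' characters;
 *  2. acl.php in the webservices directory must list the action under
 *     [token][controller];
 *  3. <dir>/<controller>.php must exist; it is loaded and the class
 *     Thin\<Camelized "controller_webservice"> is built via lib('caller');
 *  4. init() and boot() are called when the class has them, then the action
 *     method is invoked and its result returned.
 *
 * Security notes:
 *  - The controller name reaches require_once. It is constrained only by
 *    having to be a key of the ACL entry, so acl.php is the trust boundary
 *    for which files can be loaded.
 *  - The token is part of the URL path and will therefore show up wherever
 *    request URLs are logged.
 *
 * @param string $uri Request path without a leading slash.
 *
 * @return mixed Result of the webservice action; nothing when access is refused.
 */
public function dispatch($uri)
{
    // fnmatch() is called without FNM_PATHNAME, so '*' also matches '/'.
    // The two patterns together accept only URIs with exactly two slashes.
    if (fnmatch('*/*/*', $uri) && !fnmatch('*/*/*/*', $uri)) {
        list($token, $controller, $action) = explode('/', $uri);

        if (strstr($action, '?')) {
            list($action, $query) = explode('?', $action, 2);

            // NOTE(review): parse_str() URL-decodes names and values itself,
            // so this urldecode() makes it a double decode: an encoded '%26'
            // or '%3D' inside a value turns into a live separator. Kept to
            // preserve current behaviour - confirm whether $uri arrives
            // already decoded before removing it.
            $query = urldecode($query);
            parse_str($query, $query);

            // Query parameters are merged into (and can overwrite) $_REQUEST.
            foreach ($query as $k => $v) {
                $_REQUEST[$k] = $v;
            }
        }

        $controller = Inflector::lower($controller);
        $action = Inflector::lower($action);

        $dir = Config::get('webservices.dir', APPLICATION_PATH . DS . 'webservices');

        if (is_dir($dir)) {
            $acl = $dir . DS . 'acl.php';

            if (is_file($acl)) {
                $acl = (include $acl);

                $userrights = isAke($acl, $token, []);
                $controllerRights = isAke($userrights, $controller, []);

                // Strict comparison: with loose matching an ACL entry such as
                // true (or 0 on PHP < 8) would authorise every action name.
                // A non-array entry is treated as "no rights" (fail closed).
                if (is_array($controllerRights) && in_array($action, $controllerRights, true)) {
                    $file = $dir . DS . $controller . '.php';

                    if (is_file($file)) {
                        require_once $file;

                        $class = 'Thin\\' . Inflector::camelize($controller . '_webservice');
                        $instance = lib('caller')->make($class);
                        $methods = get_class_methods($instance);

                        if (in_array('init', $methods, true)) {
                            $instance->init();
                        }

                        if (in_array('boot', $methods, true)) {
                            $instance->boot();
                        }

                        // $action was lowercased above and this match is
                        // case-sensitive, so only methods declared with an
                        // all-lowercase name are reachable.
                        if (in_array($action, $methods, true)) {
                            return $instance->{$action}();
                        }
                    }
                }
            }
        }
    }

    Api::forbidden();
}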
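/**
 * Dispatch an "/api/<module>/<controller>/<action>[/key/value...]" request.
 *
 * The module and controller segments select the file
 * <app.module.dir>/api/<module>/<controller>.php, which is loaded and must
 * define Thin\<Controller>Api. The method called is the lowercased HTTP verb
 * followed by the capitalised action (e.g. "getList"). Optional init($call)
 * and after() hooks run around it.
 *
 * Trailing path segments, when there is an even number of them, are read as
 * key/value pairs and written into $_REQUEST (overwriting existing keys).
 *
 * Both path segments come straight from the request and end up in a
 * require_once path, so they are validated before any file access: the
 * module must be a plain directory name and the controller a valid class
 * name fragment.
 *
 * @param string $uri Request path beginning with "/api/".
 */
private static function api($uri)
{
    $method = Request::method();
    $uri = substr(str_replace('/api/', '/', $uri), 1);
    $tab = explode('/', $uri);

    if (count($tab) < 3) {
        Api::forbidden();

        // Fail closed even if Api::forbidden() does not end the request.
        return;
    }

    $module = current($tab);
    $controller = $tab[1];
    $action = $tab[2];

    // Reject anything that could step out of <app.module.dir>/api/: empty or
    // dot segments, either directory separator, and NUL bytes.
    $moduleIsUnsafe = $module === ''
        || $module === '.'
        || $module === '..'
        || strpbrk($module, "\\/\0") !== false;

    // The controller is also used to build the class name, so anything that
    // is not an identifier could never have resolved to a declared class.
    $controllerIsUnsafe = preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $controller) !== 1;

    if ($moduleIsUnsafe || $controllerIsUnsafe) {
        Api::NotFound();

        return;
    }

    $tab = array_slice($tab, 3);
    $count = count($tab);

    if (0 < $count && $count % 2 === 0) {
        for ($i = 0; $i < $count; $i += 2) {
            $_REQUEST[$tab[$i]] = $tab[$i + 1];
        }
    }

    $file = Config::get('app.module.dir') . DS . 'api' . DS . $module . DS . $controller . '.php';

    if (!File::exists($file)) {
        Api::NotFound();

        return;
    }

    require_once $file;

    $class = 'Thin\\' . ucfirst($controller) . 'Api';
    $i = new $class();
    $methods = get_class_methods($i);

    // Prefixing the HTTP verb means only methods named <verb><Action> can be
    // reached from the URL; init() and after() are never the target itself.
    $call = strtolower($method) . ucfirst($action);

    if (!in_array($call, $methods, true)) {
        Api::NotFound();

        return;
    }

    if (in_array('init', $methods, true)) {
        $i->init($call);
    }

    $i->{$call}();

    if (in_array('after', $methods, true)) {
        $i->after();
    }
}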