/**
* method: recv
*
* todo: write documentation
*/
public static function recv()
{
$base64 = Amslib_GET::get("encrypted");
if (!$base64) {
self::reply(false, "missing 'encrypted' parameter");
}
$encrypted = base64_decode($base64);
$decrypted = AesCtr::decrypt($encrypted, self::getPassword());
try {
$json = json_decode($decrypted, true);
} catch (Exception $e) {
// do nothing
Amslib_Debug::log("Exception whilst json_decoding content");
}
if (!isset($json) || !$json || !isset($json["check"])) {
self::reply(false, "invalid data");
}
if ($json["check"] != self::getCheck()) {
self::reply(false, "check compare failed");
}
unset($json["check"]);
// TODO: the sender might have posted an actual file, so we need to maybe check this and
// provide the file data from the $_FILES array
return $json;
}
/**
* method: outputJSON
*
* todo: write documentation
*
* note: I hate this function name, I think we should change it to something more elegant
*/
public static function outputJSON($array, $block = true)
{
header("Cache-Control: no-cache");
header("Content-Type: application/json");
// NOTE: perhaps it would be nice to limit this CORS header in the future
if (isset($_SERVER["HTTP_ORIGIN"])) {
$origin = $_SERVER["HTTP_ORIGIN"];
header("Access-Control-Allow-Origin: {$origin}");
header("Access-Control-Allow-Credentials: true");
}
$json = json_encode($array);
// if there is a callback specified, wrap up the json into a jsonp format
$jsonp = Amslib_GET::get("callback");
if ($jsonp) {
$json = "{$jsonp}({$json})";
}
Amslib_Benchmark::log();
if ($block === true) {
die($json);
}
if ($block === false) {
print $json;
}
return $json;
}
