/**
View one or more records.
@public
**/
public static function get()
{
$object_name = self::getObjectName();
$object_id = F3::get('PARAMS["id"]');
if (!self::hasAccess($object_name, 'view', $object_id)) {
self::reportStatus(self::Status_Failure, self::TEXT_NoAccess);
return;
}
if (!empty($object_id)) {
$object = self::getObject($object_name, $object_id);
if ($object->dry()) {
f3::http404();
} else {
echo json_encode($object->fields);
}
} else {
// It's a listing.
$object = self::getObject($object_name);
$fields = '*';
$where = null;
$group_by = isset($_GET['group_by']) ? $_GET['group_by'] : null;
$order_by = isset($_GET['order_by']) ? $_GET['order_by'] : null;
$limit = isset($_GET['limit']) ? $_GET['limit'] : null;
$offset = isset($_GET['offset']) ? $_GET['offset'] : null;
$find = array();
foreach (array_keys($object->fields) as $key) {
if (isset($_GET[$key]) && !empty($_GET[$key])) {
$value = $_GET[$key];
if (preg_match('/^([<>!]+)/', $value, $match)) {
$find[] = $key . $value;
} elseif ($value[0] == '%' || substr($value, -1) == '%') {
$find[] = $key . " LIKE '" . $value . "'";
} else {
$find[] = sprintf("%s='%s'", $key, $value);
}
}
}
if (count($find) > 0) {
$where = join(' AND ', $find);
}
$show_rows = array();
$all_rows = $object->select($fields, $where, $group_by, $order_by, $limit, $offset);
// Support row-level access filtering.
foreach ($all_rows as $a) {
if (self::hasAccess($object_name, 'view', $a['id'])) {
$show_rows[] = $a;
}
}
echo json_encode($show_rows);
}
}
