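/**
 * View one or more records.
 *
 * With an id in the route (PARAMS["id"]) the record's fields are echoed as
 * JSON, or a 404 is raised when the record is dry. Without an id the request
 * is a listing: query-string keys that match a field name become filters,
 * and group_by / order_by / limit / offset shape the result.
 *
 * Everything read from $_GET is untrusted. Filter values are always emitted
 * as quoted SQL string literals, group_by / order_by are restricted to the
 * object's own field names, and limit / offset must be plain digits, so no
 * request text reaches the SQL statement as syntax.
 *
 * Filter value forms:
 *   - "<op>value" with op one of <, >, <=, >=, <>, !=  -> field <op> 'value'
 *   - value starting or ending with %                  -> field LIKE 'value'
 *   - anything else                                    -> field = 'value'
 *
 * @public
 **/
public static function get()
{
    $object_name = self::getObjectName();
    $object_id = F3::get('PARAMS["id"]');

    if (!self::hasAccess($object_name, 'view', $object_id)) {
        self::reportStatus(self::Status_Failure, self::TEXT_NoAccess);
        return;
    }

    if (!empty($object_id)) {
        $object = self::getObject($object_name, $object_id);
        if ($object->dry()) {
            f3::http404();
        } else {
            echo json_encode($object->fields);
        }
        return;
    }

    // It's a listing.
    $object = self::getObject($object_name);
    $columns = array_keys($object->fields);
    $fields = '*';
    $where = null;

    // Malformed or unknown values are dropped (null) instead of being passed on.
    $group_by = self::listingColumnClause(isset($_GET['group_by']) ? $_GET['group_by'] : null, $columns, false);
    $order_by = self::listingColumnClause(isset($_GET['order_by']) ? $_GET['order_by'] : null, $columns, true);
    $limit = self::listingCount(isset($_GET['limit']) ? $_GET['limit'] : null);
    $offset = self::listingCount(isset($_GET['offset']) ? $_GET['offset'] : null);

    // Only keys that are real field names can become filters; the field name
    // comes from the object, the value from the request.
    $find = array();
    foreach ($columns as $key) {
        if (!empty($_GET[$key])) {
            $condition = self::listingCondition($key, $_GET[$key]);
            if ($condition !== null) {
                $find[] = $condition;
            }
        }
    }
    if (count($find) > 0) {
        $where = join(' AND ', $find);
    }

    // NOTE(review): select() is defined outside this block. If the data layer
    // supports bound parameters, prefer them over the literal quoting above.
    $all_rows = $object->select($fields, $where, $group_by, $order_by, $limit, $offset);

    // Support row-level access filtering. This runs after limit/offset were
    // applied by select(), so a page can hold fewer rows than requested.
    $show_rows = array();
    foreach ($all_rows as $a) {
        if (self::hasAccess($object_name, 'view', $a['id'])) {
            $show_rows[] = $a;
        }
    }
    echo json_encode($show_rows);
}

/** Build one WHERE condition for a listing filter, or null if the value is unusable. */
private static function listingCondition($column, $value)
{
    // ?field[]=x arrives as an array; there is no sensible comparison for it.
    if (!is_string($value) || $value === '') {
        return null;
    }

    // Two-character operators are listed first so "<=" is not read as "<".
    if (preg_match('/^(<=|>=|<>|!=|<|>)(.*)$/s', $value, $match)) {
        $operand = trim($match[2]);
        // Callers used to supply their own quotes around the operand; accept
        // one surrounding pair so those requests keep their meaning.
        if (strlen($operand) >= 2 && $operand[0] === "'" && substr($operand, -1) === "'") {
            $operand = substr($operand, 1, -1);
        }
        return $column . $match[1] . self::listingQuote($operand);
    }

    if ($value[0] === '%' || substr($value, -1) === '%') {
        return $column . ' LIKE ' . self::listingQuote($value);
    }

    return $column . '=' . self::listingQuote($value);
}

/** Wrap a request value in single quotes so it can only be read as a string literal. */
private static function listingQuote($value)
{
    // Quotes are doubled (standard SQL). Backslashes are doubled as well, because
    // some engines treat backslash as an escape character inside literals; on
    // engines that do not, a value containing a backslash will not match as typed.
    return "'" . strtr($value, array('\\' => '\\\\', "'" => "''")) . "'";
}

/**
 * Validate a comma-separated group_by / order_by value against the known
 * field names. Returns the normalised clause, or null when any term is not a
 * known field (optionally followed by ASC / DESC when $allow_direction is set).
 */
private static function listingColumnClause($raw, $columns, $allow_direction)
{
    if (!is_string($raw) || trim($raw) === '') {
        return null;
    }

    $terms = array();
    foreach (explode(',', $raw) as $term) {
        $tokens = preg_split('/\s+/', trim($term));
        if (count($tokens) > 2 || !in_array($tokens[0], $columns, true)) {
            return null;
        }
        if (count($tokens) === 2) {
            $direction = strtoupper($tokens[1]);
            if (!$allow_direction || ($direction !== 'ASC' && $direction !== 'DESC')) {
                return null;
            }
            $terms[] = $tokens[0] . ' ' . $direction;
        } else {
            $terms[] = $tokens[0];
        }
    }

    return join(', ', $terms);
}

/** Accept a limit / offset value only when it is a string of digits; otherwise null. */
private static function listingCount($raw)
{
    return (is_string($raw) && preg_match('/^[0-9]+$/D', $raw)) ? $raw : null;
}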