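/**
 * Check the API credentials carried in the request data and report whether
 * the call is authorised and whether a rate limit has been hit.
 *
 * Credentials are read from $request_data (api_key, api_username,
 * api_password) rather than from the HTTP Basic auth server variables.
 * The username and password arrive base64-encoded; base64 is an encoding,
 * not protection, so confidentiality depends entirely on the transport.
 *
 * NOTE(review): the stored password is compared against an unsalted MD5
 * digest of the submitted password. MD5 is not suitable for password
 * storage; moving to password_hash()/password_verify() requires changing
 * the credential store and is outside the scope of this method.
 *
 * @param array  $request_data Request parameters; reads api_key, api_username, api_password.
 * @param string $controller   Controller name, passed through to the access log.
 * @param string $action       Action name, passed through to the access log.
 *
 * @return array "authorized" => 0|1, plus "hourRateLimitReached" => 1 or
 *               "dayRateLimitReached" => 1 when a public key is over its limit.
 */
public static function checkAuthorization($request_data, $controller, $action)
{
    // Deny by default; only the success paths below replace this value.
    $authArray = array("authorized" => 0);

    // Read each field once so the failure path can log the key without
    // touching an undefined index when the caller omitted it.
    $apiKey = isset($request_data["api_key"]) ? $request_data["api_key"] : null;
    $encodedUsername = isset($request_data["api_username"]) ? $request_data["api_username"] : null;
    $encodedPassword = isset($request_data["api_password"]) ? $request_data["api_password"] : null;

    // Request parameters can arrive as arrays (e.g. "api_password[]=x");
    // reject anything that is not a string before it reaches base64_decode().
    if ($apiKey === null || !is_string($encodedUsername) || !is_string($encodedPassword)) {
        RestUtils::DataLogging(1, $apiKey, $controller, $action);
        return $authArray;
    }

    $utils = new Utils();
    $restfulApiCredentials = $utils->GetAuthorizationDetails($apiKey);
    $applicationCredentials = isset($restfulApiCredentials["responseArray"])
        ? $restfulApiCredentials["responseArray"]
        : null;

    // An unknown key yields no usable record; treat a missing or malformed
    // record exactly like wrong credentials.
    $hasStoredCredentials = is_array($applicationCredentials)
        && isset($applicationCredentials["username"], $applicationCredentials["password"])
        && is_string($applicationCredentials["username"])
        && is_string($applicationCredentials["password"]);

    $credentialsMatch = false;
    if ($hasStoredCredentials) {
        $suppliedUsername = (string) base64_decode($encodedUsername);
        $suppliedPasswordHash = md5((string) base64_decode($encodedPassword));

        // hash_equals() (PHP >= 5.6) compares byte-for-byte in constant time.
        // Loose "==" treats numeric-looking strings as numbers, so two
        // different hex digests of the form "0e<digits>" would compare equal.
        // Both comparisons are evaluated before combining so a username
        // mismatch does not return measurably earlier than a password mismatch.
        $usernameOk = hash_equals($applicationCredentials["username"], $suppliedUsername);
        $passwordOk = hash_equals($applicationCredentials["password"], $suppliedPasswordHash);
        $credentialsMatch = $usernameOk && $passwordOk;
    }

    if (!$credentialsMatch) {
        // Code 1 is the value this method logs for rejected attempts.
        RestUtils::DataLogging(1, $apiKey, $controller, $action);
        return $authArray;
    }

    if (!empty($applicationCredentials["isPrivate"])) {
        // Private keys are not subject to call-rate limits.
        RestUtils::DataLogging(2, $apiKey, $controller, $action);
        return array("authorized" => 1);
    }

    // Public key: enforce the per-day limit first, then the per-hour limit.
    $apiCallsMadeInThisHour = RestUtils::GetApiCallRates($apiKey, "hour");
    $apiCallsMadeToday = RestUtils::GetApiCallRates($apiKey, "day");

    // NOTE(review): "authorized" stays 1 when a limit flag is set, so callers
    // must inspect the flags themselves - confirm every caller does. The "<="
    // also admits one call at exactly the stored maximum; whether that is
    // off by one depends on whether the counters include the current call.
    if ($apiCallsMadeToday > $applicationCredentials["maxCallsPerDay"]) {
        return array("authorized" => 1, "dayRateLimitReached" => 1);
    }

    if ($apiCallsMadeInThisHour > $applicationCredentials["maxCallsPerHour"]) {
        return array("authorized" => 1, "hourRateLimitReached" => 1);
    }

    RestUtils::DataLogging(2, $apiKey, $controller, $action);
    return array("authorized" => 1);
}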