function child_render($param)
{
// Main API trunk
$user_api = ["variant_set" => function ($name, $var) {
// enrolls user in given variant
if (!http_user_auth("admin", "admin")) {
return redirect("/");
}
$cv = new Variant($name);
if (!ctype_alnum($var)) {
hack_sign("Setting variant to non-numeric value " . $var);
}
$cv->set($var);
return redirect($cv->get_url());
}];
if (isset($_GET["func"])) {
return api_demux_call($user_api);
}
return ["res" => "0", "err" => "No function to call."];
}
function api_demux_call($export_func, $externally_accessible = false)
{
$params = $_GET;
if ($externally_accessible == false && isset($_SERVER["HTTP_REFERER"])) {
if (parse_url($_SERVER["HTTP_REFERER"], PHP_URL_HOST) != $_SERVER["SERVER_NAME"]) {
hack_sign("Cross-site forgery");
}
}
if (!isset($params["func"])) {
return array("error" => "Invalid call: no function specified");
}
if (!array_key_exists($params["func"], $export_func)) {
return array("error" => "Invalid call: no such function defined", "notfound" => $params["func"]);
}
// build up argument list using the function's parameter list via reflection
$args = array();
$reflect = new ReflectionFunction($export_func[$params["func"]]);
foreach ($reflect->getParameters() as $ps) {
if (!isset($params[$ps->name])) {
header("HTTP/1.1 501 Not Implemented");
return array("error" => "Invalid call: parameter " . $ps->name . " undefined");
}
$args[] = $params[$ps->name];
}
// function is already checked for being exported; call it with given parameter list
return call_user_func_array($export_func[$params["func"]], $args);
}