Пример #1
 /**
  * Refuse the request when the caller's address is on the ban list.
  *
  * Queries the `core` / `banned` store with caching switched off and calls
  * Api::forbidden() when a row comes back. Nothing is returned.
  *
  * NOTE(review): the lookup key is the address with its dots removed, cast to
  * int. That mapping is not unique: 1.23.4.5 and 12.3.4.5 both become 12345,
  * and any form without dots (for example IPv6) is cut at the first non-digit
  * by the cast. A ban entry can therefore match clients it was never meant
  * for. The key format has to agree with whatever writes the table, so it is
  * left as-is here; a unique encoding such as ip2long() would need the stored
  * rows migrated as well.
  *
  * @param string $ip Client address; presumably dotted IPv4 (confirm against the caller).
  */
 private function isBanned($ip)
 {
     // Bypass the cache so the check reflects the current ban table.
     $banned = rdb('core', 'banned')->inCache(false);
     $key = (int) str_replace('.', '', $ip);
     $hit = $banned->where(['ip', '=', $key])->first(true);

     if (!$hit) {
         return;
     }

     Api::forbidden();
 }
Пример #2
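 /**
  * Route a "<token>/<controller>/<action>[?query]" URI to a webservice method.
  *
  * Authorization comes from acl.php in the webservices directory: the value
  * it returns is indexed by token, then by controller name, and the entry
  * found there is treated as the list of actions that token may call
  * (presumably isAke() returns the value at the key or the given default;
  * confirm). Only when the action is on that list is the controller file
  * loaded, so the ACL keys also act as the allow-list for the include path
  * built from the URI. Every other outcome ends in Api::forbidden().
  *
  * Change from the previous version: the ACL membership test is strict. With
  * a loose in_array() a non-string ACL entry such as true (or 0 on PHP 7)
  * compares equal to any action name and would authorize every action.
  *
  * NOTE(review): the token travels in the URI path, so it will appear in
  * access logs and referrers; consider moving it to a header.
  *
  * @param string $uri Request path with exactly two slashes, optionally followed by "?query".
  *
  * @return mixed Whatever the webservice action returns; null when the request is refused.
  */
 public function dispatch($uri)
 {
     // '*' also matches '/', so the pair of patterns means "exactly two slashes".
     if (fnmatch('*/*/*', $uri) && !fnmatch('*/*/*/*', $uri)) {
         list($token, $controller, $action) = explode('/', $uri);
         if (strstr($action, '?')) {
             list($action, $query) = explode('?', $action, 2);
             // NOTE(review): parse_str() already URL-decodes, so this urldecode()
             // decodes twice: an encoded '&' or '=' inside a value is turned into a
             // separator and adds or overrides parameters. Kept because callers may
             // depend on it; drop it once $uri is confirmed to arrive raw.
             $query = urldecode($query);
             parse_str($query, $query);
             // Caller-supplied keys overwrite existing $_REQUEST entries, and this
             // happens before the ACL check below.
             foreach ($query as $k => $v) {
                 $_REQUEST[$k] = $v;
             }
         }
         $controller = Inflector::lower($controller);
         $action = Inflector::lower($action);
         $dir = Config::get('webservices.dir', APPLICATION_PATH . DS . 'webservices');
         if (is_dir($dir)) {
             $acl = $dir . DS . 'acl.php';
             if (is_file($acl)) {
                 $acl = (include $acl);
                 $userrights = isAke($acl, $token, []);
                 $controllerRights = isAke($userrights, $controller, []);
                 // Strict match: only an ACL entry that is exactly this action string grants access.
                 if (in_array($action, $controllerRights, true)) {
                     // $controller is a key of the ACL at this point, not free-form input.
                     $file = $dir . DS . $controller . '.php';
                     if (is_file($file)) {
                         require_once $file;
                         $class = 'Thin\\' . Inflector::camelize($controller . '_webservice');
                         $instance = lib('caller')->make($class);
                         $methods = get_class_methods($instance);
                         // Optional lifecycle hooks, run before the action.
                         if (in_array('init', $methods, true)) {
                             $instance->init();
                         }
                         if (in_array('boot', $methods, true)) {
                             $instance->boot();
                         }
                         // $action was lower-cased above, so only methods declared in
                         // lower case can match this case-sensitive test.
                         if (in_array($action, $methods, true)) {
                             return $instance->{$action}();
                         }
                     }
                 }
             }
         }
     }
     // Default deny: malformed URI, unknown token, action not granted, missing file or method.
     Api::forbidden();
 }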
Пример #3
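 /**
  * Dispatch an "/api/<module>/<controller>/<action>[/<key>/<value>...]" request.
  *
  * The module and controller segments select the file
  * "<app.module.dir>/api/<module>/<controller>.php" and the class
  * "Thin\<Controller>Api"; the method called is the lower-cased HTTP method
  * followed by the capitalised action (e.g. "getUsers"). Trailing path
  * segments are copied into $_REQUEST as key/value pairs when their count is
  * even. Optional init($call) and after() hooks run around the call.
  *
  * Changes from the previous version:
  *  - module and controller are checked against a plain-name pattern before
  *    they are used in the require path. Both come straight from the URI, and
  *    a segment such as ".." (or one containing a backslash on Windows) would
  *    otherwise make require_once load a .php file outside the api directory.
  *  - every Api::forbidden() / Api::NotFound() call is followed by return, so
  *    a refused request cannot continue into the include and the method call
  *    if those helpers do not end the request themselves (not visible here).
  *  - a missing class answers NotFound instead of raising a fatal error.
  *
  * @param string $uri Request path beginning with "/api/".
  *
  * @return void
  */
 private static function api($uri)
 {
     $method = Request::method();
     // Note: str_replace() rewrites every "/api/" in the path, not just the prefix.
     $uri = substr(str_replace('/api/', '/', $uri), 1);
     $tab = explode('/', $uri);
     if (count($tab) < 3) {
         Api::forbidden();
         return;
     }
     list($module, $controller, $action) = $tab;

     // Both segments end up in a filesystem path: accept plain names only
     // (no leading dot, no separators, no NUL byte).
     $plainName = '/\A[A-Za-z0-9_][A-Za-z0-9_.-]*\z/';
     if (preg_match($plainName, $module) !== 1 || preg_match($plainName, $controller) !== 1) {
         Api::NotFound();
         return;
     }

     // Remaining segments are key/value pairs; an odd number of them is ignored.
     // Caller-supplied keys overwrite existing $_REQUEST entries.
     $tab = array_slice($tab, 3);
     $count = count($tab);
     if (0 < $count && $count % 2 == 0) {
         for ($i = 0; $i < $count; $i += 2) {
             $_REQUEST[$tab[$i]] = $tab[$i + 1];
         }
     }

     $file = Config::get('app.module.dir') . DS . 'api' . DS . $module . DS . $controller . '.php';
     if (!File::exists($file)) {
         Api::NotFound();
         return;
     }
     require_once $file;

     $class = 'Thin\\' . ucfirst($controller) . 'Api';
     if (!class_exists($class)) {
         Api::NotFound();
         return;
     }
     $i = new $class();
     $methods = get_class_methods($i);

     // The HTTP-method prefix keeps hooks and magic methods from being named directly.
     $call = strtolower($method) . ucfirst($action);
     if (!in_array($call, $methods, true)) {
         Api::NotFound();
         return;
     }
     if (in_array('init', $methods, true)) {
         $i->init($call);
     }
     $i->{$call}();
     if (in_array('after', $methods, true)) {
         $i->after();
     }
 }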