function handle(&$params) { $app =& Dataface_Application::getInstance(); if (!@$_POST['-valuelist']) { echo JSON::error("No valuelist specified."); exit; } $valuelist = $_POST['-valuelist']; $query =& $app->getQuery(); $table =& Dataface_Table::loadTable($query['-table']); if (!@$_POST['-value']) { echo JSON::error("No value was provided to be appended to the valuelist."); exit; } $value = $_POST['-value']; if (@$_POST['-key']) { $key = $_POST['-key']; } else { $key = null; } $vt =& Dataface_ValuelistTool::getInstance(); $res = $vt->addValueToValuelist($table, $valuelist, $value, $key, true); if (PEAR::isError($res)) { echo JSON::error($res->getMessage()); exit; } echo JSON::json(array('success' => 1, 'value' => array('key' => $res['key'], 'value' => $res['value']))); exit; }
public static function throwRateError($retryAfter = null, $error = 'Rate limit exceeded') { header('HTTP/1.1 429 Too Many Requests'); if ($retryAfter) { header("Retry-After: {$retryAfter}"); $error .= ", retry after {$retryAfter} seconds"; } \JSON::error($error); }
<?php namespace Gatekeeper; $Endpoint = $_EVENT['request']->getEndpoint(); if ($Endpoint->DeprecationDate && $Endpoint->DeprecationDate < $_EVENT['request']->getStartTime()) { header('HTTP/1.1 410 Gone'); \JSON::error('This endpoint+version has been deprecated'); }
<?php namespace Gatekeeper; use Gatekeeper\Keys\Key; use Gatekeeper\Keys\InvalidKeyException; // load key if present try { if ($Key = Key::getFromRequest()) { $_EVENT['request']->setKey($Key); } } catch (InvalidKeyException $e) { \JSON::error('provided gatekeeper key is invalid', 401); }
<?php namespace Gatekeeper; $Key = $_EVENT['request']->getKey(); if ($Key && $Key->ExpirationDate && $Key->ExpirationDate < $_EVENT['request']->getStartTime()) { \JSON::error('provided gatekeeper key is expired', 403); }
<?php $GLOBALS['Session']->requireAccountLevel('Developer'); $requestData = JSON::getRequestData(); if (!is_array($requestData['nodes'])) { JSON::error('Expecting array under nodes key'); } // TODO: something more elegant to prevent non-specified classes from being inherited? Site::$autoPull = true; $succeeded = array(); $failed = array(); foreach ($requestData['nodes'] as $updateData) { $Node = Site::resolvePath($updateData['path']); if ($Node->Collection->Site == 'Local') { $failed[] = array('path' => $updateData['path'], 'error' => 'CURRENT_IS_LOCAL', 'message' => 'Current node is local and blocks any remote updates'); continue; } if ($Node->SHA1 != $updateData['localSHA1']) { $failed[] = array('path' => $updateData['path'], 'error' => 'LOCAL_SHA1_MISMATCH', 'message' => 'Current node\'s SHA1 hash does not match that which this update was requested for'); continue; } if (empty($updateData['remoteSHA1'])) { $Node->delete(); } else { $NewNode = Emergence::resolveFileFromParent($Node->Collection, $Node->Handle, true); if (!$NewNode) { $failed[] = array('path' => $updateData['path'], 'error' => 'DOWNLOAD_FAILED', 'message' => 'The remote file failed to download'); continue; } if ($NewNode->SHA1 != $updateData['remoteSHA1']) { $NewNode->destroyRecord();
<?php namespace Gatekeeper; $Key = $_EVENT['request']->getKey(); if ($Key && $Key->Status == 'revoked') { \JSON::error('provided gatekeeper key is revoked', 403); }
<?php namespace Gatekeeper; $Endpoint = $_EVENT['request']->getEndpoint(); $Key = $_EVENT['request']->getKey(); if ($Endpoint->KeyRequired) { if (!$Key) { $realm = Gatekeeper::$authRealm; if ($Endpoint) { $realm .= '/'; } header(sprintf('WWW-Authenticate: %s/%s', Gatekeeper::$authRealm, $Endpoint->Path)); \JSON::error('gatekeeper key required for this endpoint but not provided', 401); } if (!$Key->canAccessEndpoint($Endpoint)) { \JSON::error('provided gatekeeper key does not grant access to this endpoint', 403); } }
<?php namespace Gatekeeper; use Gatekeeper\Bans\Ban; $Key = $_EVENT['request']->getKey(); if ($Key && Ban::isKeyBanned($Key)) { \JSON::error('Your API key is currently banned from using this service', 403); }
// add keywords query if (!empty($_GET['q'])) { $where = array_merge($where, ASAPSearch::getKeywordConditions($_GET['q'])); } // add ASAP clubs filter if (!empty($_GET['clubs'])) { $clubs = is_array($_GET['clubs']) ? $_GET['clubs'] : [$_GET['clubs']]; $where = array_merge($where, ASAPSearch::getClubConditions($clubs)); } // add distance calculation / order if (!empty($_GET['near'])) { if (!is_array($_GET['near']) || empty($_GET['near']['lat']) || empty($_GET['near']['lon'])) { JSON::error('near must be provided as an array with keys lat and lon'); } if (!is_numeric($_GET['near']['lat']) || !is_numeric($_GET['near']['lon'])) { JSON::error('lat and lon must be numeric'); } $selectFields[] = sprintf('ROUND(((ACOS( SIN(%1$f * PI()/180 ) * SIN(SiteLat * PI()/180 ) + COS(%1$f * PI()/180 ) * COS(SiteLat * PI()/180 ) * COS((%2$f - SiteLong) * PI()/180))*180/PI())*60*1.1515),%3$u) AS distance', $_GET['near']['lat'], $_GET['near']['lon'], 2); $order = 'distance'; } else { $order = 'SiteZip, SiteName'; } // add grades filter if (!empty($_GET['grades'])) { $validGrades = ['Pre_k', 'K_5', '6_8', '9_12', 'Other']; $grades = is_array($_GET['grades']) ? $_GET['grades'] : [$_GET['grades']]; foreach ($validGrades as $validGrade) { if (in_array($validGrade, $grades)) { $where[] = "SiteGrade_{$validGrade} = 1"; } }
<?php namespace Gatekeeper; use Gatekeeper\Bans\Ban; if (Ban::isIPAddressBanned($_SERVER['REMOTE_ADDR'])) { header('HTTP/1.1 403 Forbidden'); \JSON::error('Your IP address is currently banned from using this service'); }