function handle(&$params)
{
$app =& Dataface_Application::getInstance();
if (!@$_POST['-valuelist']) {
echo JSON::error("No valuelist specified.");
exit;
}
$valuelist = $_POST['-valuelist'];
$query =& $app->getQuery();
$table =& Dataface_Table::loadTable($query['-table']);
if (!@$_POST['-value']) {
echo JSON::error("No value was provided to be appended to the valuelist.");
exit;
}
$value = $_POST['-value'];
if (@$_POST['-key']) {
$key = $_POST['-key'];
} else {
$key = null;
}
$vt =& Dataface_ValuelistTool::getInstance();
$res = $vt->addValueToValuelist($table, $valuelist, $value, $key, true);
if (PEAR::isError($res)) {
echo JSON::error($res->getMessage());
exit;
}
echo JSON::json(array('success' => 1, 'value' => array('key' => $res['key'], 'value' => $res['value'])));
exit;
}
public static function throwRateError($retryAfter = null, $error = 'Rate limit exceeded')
{
header('HTTP/1.1 429 Too Many Requests');
if ($retryAfter) {
header("Retry-After: {$retryAfter}");
$error .= ", retry after {$retryAfter} seconds";
}
\JSON::error($error);
}
<?php
namespace Gatekeeper;
$Endpoint = $_EVENT['request']->getEndpoint();
if ($Endpoint->DeprecationDate && $Endpoint->DeprecationDate < $_EVENT['request']->getStartTime()) {
header('HTTP/1.1 410 Gone');
\JSON::error('This endpoint+version has been deprecated');
}
<?php
namespace Gatekeeper;
use Gatekeeper\Keys\Key;
use Gatekeeper\Keys\InvalidKeyException;
// load key if present
try {
if ($Key = Key::getFromRequest()) {
$_EVENT['request']->setKey($Key);
}
} catch (InvalidKeyException $e) {
\JSON::error('provided gatekeeper key is invalid', 401);
}
<?php
namespace Gatekeeper;
$Key = $_EVENT['request']->getKey();
if ($Key && $Key->ExpirationDate && $Key->ExpirationDate < $_EVENT['request']->getStartTime()) {
\JSON::error('provided gatekeeper key is expired', 403);
}
<?php
$GLOBALS['Session']->requireAccountLevel('Developer');
$requestData = JSON::getRequestData();
if (!is_array($requestData['nodes'])) {
JSON::error('Expecting array under nodes key');
}
// TODO: something more elegant to prevent non-specified classes from being inherited?
Site::$autoPull = true;
$succeeded = array();
$failed = array();
foreach ($requestData['nodes'] as $updateData) {
$Node = Site::resolvePath($updateData['path']);
if ($Node->Collection->Site == 'Local') {
$failed[] = array('path' => $updateData['path'], 'error' => 'CURRENT_IS_LOCAL', 'message' => 'Current node is local and blocks any remote updates');
continue;
}
if ($Node->SHA1 != $updateData['localSHA1']) {
$failed[] = array('path' => $updateData['path'], 'error' => 'LOCAL_SHA1_MISMATCH', 'message' => 'Current node\'s SHA1 hash does not match that which this update was requested for');
continue;
}
if (empty($updateData['remoteSHA1'])) {
$Node->delete();
} else {
$NewNode = Emergence::resolveFileFromParent($Node->Collection, $Node->Handle, true);
if (!$NewNode) {
$failed[] = array('path' => $updateData['path'], 'error' => 'DOWNLOAD_FAILED', 'message' => 'The remote file failed to download');
continue;
}
if ($NewNode->SHA1 != $updateData['remoteSHA1']) {
$NewNode->destroyRecord();
<?php
namespace Gatekeeper;
$Key = $_EVENT['request']->getKey();
if ($Key && $Key->Status == 'revoked') {
\JSON::error('provided gatekeeper key is revoked', 403);
}
<?php
namespace Gatekeeper;
$Endpoint = $_EVENT['request']->getEndpoint();
$Key = $_EVENT['request']->getKey();
if ($Endpoint->KeyRequired) {
if (!$Key) {
$realm = Gatekeeper::$authRealm;
if ($Endpoint) {
$realm .= '/';
}
header(sprintf('WWW-Authenticate: %s/%s', Gatekeeper::$authRealm, $Endpoint->Path));
\JSON::error('gatekeeper key required for this endpoint but not provided', 401);
}
if (!$Key->canAccessEndpoint($Endpoint)) {
\JSON::error('provided gatekeeper key does not grant access to this endpoint', 403);
}
}
<?php
namespace Gatekeeper;
use Gatekeeper\Bans\Ban;
$Key = $_EVENT['request']->getKey();
if ($Key && Ban::isKeyBanned($Key)) {
\JSON::error('Your API key is currently banned from using this service', 403);
}
// add keywords query
if (!empty($_GET['q'])) {
$where = array_merge($where, ASAPSearch::getKeywordConditions($_GET['q']));
}
// add ASAP clubs filter
if (!empty($_GET['clubs'])) {
$clubs = is_array($_GET['clubs']) ? $_GET['clubs'] : [$_GET['clubs']];
$where = array_merge($where, ASAPSearch::getClubConditions($clubs));
}
// add distance calculation / order
if (!empty($_GET['near'])) {
if (!is_array($_GET['near']) || empty($_GET['near']['lat']) || empty($_GET['near']['lon'])) {
JSON::error('near must be provided as an array with keys lat and lon');
}
if (!is_numeric($_GET['near']['lat']) || !is_numeric($_GET['near']['lon'])) {
JSON::error('lat and lon must be numeric');
}
$selectFields[] = sprintf('ROUND(((ACOS( SIN(%1$f * PI()/180 ) * SIN(SiteLat * PI()/180 ) + COS(%1$f * PI()/180 ) * COS(SiteLat * PI()/180 ) * COS((%2$f - SiteLong) * PI()/180))*180/PI())*60*1.1515),%3$u) AS distance', $_GET['near']['lat'], $_GET['near']['lon'], 2);
$order = 'distance';
} else {
$order = 'SiteZip, SiteName';
}
// add grades filter
if (!empty($_GET['grades'])) {
$validGrades = ['Pre_k', 'K_5', '6_8', '9_12', 'Other'];
$grades = is_array($_GET['grades']) ? $_GET['grades'] : [$_GET['grades']];
foreach ($validGrades as $validGrade) {
if (in_array($validGrade, $grades)) {
$where[] = "SiteGrade_{$validGrade} = 1";
}
}
<?php
namespace Gatekeeper;
use Gatekeeper\Bans\Ban;
if (Ban::isIPAddressBanned($_SERVER['REMOTE_ADDR'])) {
header('HTTP/1.1 403 Forbidden');
\JSON::error('Your IP address is currently banned from using this service');
}
