lib/file_api.php
Show First 20 Lines • Show All 54 Lines • ▼ Show 20 Lines | class file_api extends file_api_core | ||||
/** | /** | ||||
* Process the request and dispatch it to the requested service | * Process the request and dispatch it to the requested service | ||||
*/ | */ | ||||
public function run() | public function run() | ||||
{ | { | ||||
$this->request = strtolower($_GET['method']); | $this->request = strtolower($_GET['method']); | ||||
// Check the session, authenticate the user | // Check the session, authenticate the user | ||||
if (!$this->session_validate($this->request == 'authenticate', $_REQUEST['token'])) { | if (!$this->session_validate($this->request == 'authenticate', $_REQUEST['token'] ?? null)) { | ||||
$this->session->destroy(session_id()); | $this->session->destroy(session_id()); | ||||
$this->session->regenerate_id(false); | $this->session->regenerate_id(false); | ||||
if ($username = $this->authenticate()) { | if ($username = $this->authenticate()) { | ||||
// Init locale after the session started | // Init locale after the session started | ||||
$this->locale_init(); | $this->locale_init(); | ||||
$this->env['language'] = $this->language; | $this->env['language'] = $this->language; | ||||
$_SESSION['user'] = $username; | $_SESSION['user'] = $username; | ||||
$_SESSION['env'] = $this->env; | $_SESSION['env'] = $this->env; | ||||
// remember client API version | // remember client API version | ||||
if (is_numeric($_GET['version'])) { | if (is_numeric($_GET['version'] ?? null)) { | ||||
$_SESSION['version'] = $_GET['version']; | $_SESSION['version'] = $_GET['version']; | ||||
} | } | ||||
if ($this->request == 'authenticate') { | if ($this->request == 'authenticate') { | ||||
$this->output_success(array( | $this->output_success(array( | ||||
'token' => session_id(), | 'token' => session_id(), | ||||
'capabilities' => $this->capabilities(), | 'capabilities' => $this->capabilities(), | ||||
)); | )); | ||||
Show All 34 Lines | protected function session_validate($new_session = false, $token = null) | ||||
$this->session->start(); | $this->session->start(); | ||||
if (empty($_SESSION['user'])) { | if (empty($_SESSION['user'])) { | ||||
return false; | return false; | ||||
} | } | ||||
// Single-document session? | // Single-document session? | ||||
if (!($this instanceof file_api_wopi) | if (!($this instanceof file_api_wopi) | ||||
&& ($doc_id = $_SESSION['document_session']) | && ($doc_id = ($_SESSION['document_session'] ?? null)) | ||||
&& (strpos($this->request, 'document') !== 0 || $doc_id != $_GET['id']) | && (strpos($this->request, 'document') !== 0 || $doc_id != $_GET['id']) | ||||
) { | ) { | ||||
throw new Exception("Access denied", file_api_core::ERROR_UNAUTHORIZED); | throw new Exception("Access denied", file_api_core::ERROR_UNAUTHORIZED); | ||||
} | } | ||||
if ($_SESSION['env']) { | if ($_SESSION['env']) { | ||||
$this->env = $_SESSION['env']; | $this->env = $_SESSION['env']; | ||||
} | } | ||||
▲ Show 20 Lines • Show All 175 Lines • ▼ Show 20 Lines | protected function request_handler($request) | ||||
'folder_rename' => 'folder_move', | 'folder_rename' => 'folder_move', | ||||
); | ); | ||||
// Redirect all document_* actions into 'document' action | // Redirect all document_* actions into 'document' action | ||||
if (preg_match('/^(sessions|invitations|document_[a-z]+)$/', $request)) { | if (preg_match('/^(sessions|invitations|document_[a-z]+)$/', $request)) { | ||||
$request = 'document'; | $request = 'document'; | ||||
} | } | ||||
$request = $aliases[$request] ?: $request; | $request = $aliases[$request] ?? $request; | ||||
require_once __DIR__ . "/api/common.php"; | require_once __DIR__ . "/api/common.php"; | ||||
include_once __DIR__ . "/api/$request.php"; | include_once __DIR__ . "/api/$request.php"; | ||||
$class_name = "file_api_$request"; | $class_name = "file_api_$request"; | ||||
if (class_exists($class_name, false)) { | if (class_exists($class_name, false)) { | ||||
$handler = new $class_name($this); | $handler = new $class_name($this); | ||||
return $handler->handle(); | return $handler->handle(); | ||||
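Review bot: In `request_handler`, `$request` is interpolated into `include_once __DIR__ . "/api/$request.php"` two lines after the changed alias lookup, and no format check on it is visible in this section. If the value originates from `$_GET['method']` (as `run()` suggests) and nothing in the folded lines validates it, a name containing path separators would resolve outside `lib/api/`. A guard placed before the `require_once`, such as `if (!preg_match('/^[a-z_]+$/', $request)) { throw new Exception("Unknown method"); }` with whatever error code the API uses for unknown methods, would pin the include to that directory; this assumes method names use only lowercase letters and underscores, as the visible ones do. The function starts and ends outside the shown lines, so an existing check may already cover this.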