CRM-16478 Initial changes to remove custom error template path

[civicrm-core.git] / CRM / Utils / REST.php

diff --git a/CRM/Utils/REST.php b/CRM/Utils/REST.php
index 6bac6be8fdb73dacb03497399d9eda6e25204eef..4bac9b7db502bf026e45019df4d33707e34e9bde 100644 (file)
--- a/CRM/Utils/REST.php
+++ b/CRM/Utils/REST.php
@@ -165,8 +165,13 @@ class CRM_Utils_REST {
     // check if this is a single element result (contact_get etc)
     // or multi element
     if ($hier) {
-      foreach ($result['values'] as $n => $v) {
-        $xml .= "<Result>\n" . CRM_Utils_Array::xml($v) . "</Result>\n";
+      foreach ($result['values'] as $k => $v) {
+        if (is_array($v)) {
+          $xml .= "<Result>\n" . CRM_Utils_Array::xml($v) . "</Result>\n";
+        }
+        elseif (!is_object($v)) {
+          $xml .= "<Result>\n<id>{$k}</id><value>{$v}</value></Result>\n";
+        }
       }
     }
     else {
@@ -304,7 +309,7 @@ class CRM_Utils_REST {
       }
     }
     else {
-      // or the new format (entity+action)
+      // or the api format (entity+action)
       $args = array();
       $args[0] = 'civicrm';
       $args[1] = CRM_Utils_array::value('entity', $requestParams);
@@ -324,10 +329,7 @@ class CRM_Utils_REST {
     }
 
     // At this point we know we are not calling ping which does not require authentication.
-    //  Therefore, at this point we need to make sure we're working with a trusted user.
-    //  Valid users are those who provide a valid server key and API key
-
-    $valid_user = FALSE;
+    // Therefore we now need a valid server key and API key
 
     // Check and see if a valid secret API key is provided.
     $api_key = CRM_Utils_Request::retrieve('api_key', 'String', $store, FALSE, NULL, 'REQUEST');
@@ -384,7 +386,9 @@ class CRM_Utils_REST {
       return $result;
     }
 
-    if ($_SERVER['REQUEST_METHOD'] == 'GET' && strtolower(substr($args[2], 0, 3)) != 'get') {
+    if ($_SERVER['REQUEST_METHOD'] == 'GET' &&
+       strtolower(substr($args[2], 0, 3)) != 'get' &&
+       strtolower($args[2] != 'check')) {
       // get only valid for non destructive methods
       require_once 'api/v3/utils.php';
       return civicrm_api3_create_error("SECURITY: All requests that modify the database must be http POST, not GET.",
@@ -512,7 +516,7 @@ class CRM_Utils_REST {
 
     }
     else {
-      $content = "<!-- .tpl file embeded: $tpl -->\n";
+      $content = "<!-- .tpl file embedded: $tpl -->\n";
       CRM_Utils_System::appendTPLFile($tpl, $content);
       echo $content . $smarty->fetch($tpl);
       CRM_Utils_System::civiExit();
@@ -528,7 +532,7 @@ class CRM_Utils_REST {
     $requestParams = CRM_Utils_Request::exportValues();
 
     require_once 'api/v3/utils.php';
-    // Why is $config undefined -- $config = CRM_Core_Config::singleton();
+    $config = CRM_Core_Config::singleton();
     if (!$config->debug && (!array_key_exists('HTTP_X_REQUESTED_WITH', $_SERVER) ||
         $_SERVER['HTTP_X_REQUESTED_WITH'] != "XMLHttpRequest"
       )