/**
* Number of seconds we should let a REST process idle
- * @static
*/
static $rest_timeout = 0;
/**
* Simple ping function to test for liveness.
*
- * @param string $var The string to be echoed
+ * @param string $var
+ * The string to be echoed.
*
- * @return string $var
+ * @return string
*/
public static function ping($var = NULL) {
$session = CRM_Core_Session::singleton();
return self::simple(array('message' => "PONG: $key"));
}
- // Generates values needed for error messages
/**
+ * Generates values needed for error messages.
* @param string $message
*
* @return array
return $values;
}
- // Generates values needed for non-error responses.
/**
+ * Generates values needed for non-error responses.
* @param array $params
*
* @return array
return $json;
}
-
if (isset($result['count'])) {
$count = ' count="' . $result['count'] . '" ';
}
- else $count = "";
+ else {
+ $count = "";
+ }
$xml = "<?xml version=\"1.0\"?>
<ResultSet xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" $count>
";
* @return string
*/
public static function jsonFormated($json) {
- $tabcount = 0;
- $result = '';
- $inquote = FALSE;
- $inarray = FALSE;
+ $tabcount = 0;
+ $result = '';
+ $inquote = FALSE;
+ $inarray = FALSE;
$ignorenext = FALSE;
$tab = "\t";
if ($inquote || $inarray) {
$result .= $char;
}
- else $result .= $char . $newline . str_repeat($tab, $tabcount);
+ else {
+ $result .= $char . $newline . str_repeat($tab, $tabcount);
+ }
break;
case '"':
$q = $r;
}
$entity = CRM_Utils_array::value('entity', $requestParams);
- if ( empty($entity) && !empty($q)) {
+ if (empty($entity) && !empty($q)) {
$args = explode('/', $q);
// If the function isn't in the civicrm namespace, reject the request.
if ($args[0] != 'civicrm') {
if ($args[1] == 'ping') {
return self::ping();
}
- } else {
+ }
+ else {
// or the new format (entity+action)
$args = array();
$args[0] = 'civicrm';
$args[2] = CRM_Utils_array::value('action', $requestParams);
}
-
// Everyone should be required to provide the server key, so the whole
// interface can be disabled in more change to the configuration file.
// first check for civicrm site key
return self::error("FATAL: 'key' is incorrect. More info at: " . $docLink);
}
-
// At this point we know we are not calling ping which does not require authentication.
// Therefore, at this point we need to make sure we're working with a trusted user.
// Valid users are those who provide a valid server key and API key
return $result;
}
- if ($_SERVER['REQUEST_METHOD'] == 'GET' && strtolower(substr( $args[2],0,3)) != 'get') {
+ if ($_SERVER['REQUEST_METHOD'] == 'GET' && strtolower(substr($args[2], 0, 3)) != 'get') {
// get only valid for non destructive methods
require_once 'api/v3/utils.php';
return civicrm_api3_create_error("SECURITY: All requests that modify the database must be http POST, not GET.",
'action' => 1,
);
- if (array_key_exists('json', $requestParams) && $requestParams['json'][0] == "{") {
+ if (array_key_exists('json', $requestParams) && $requestParams['json'][0] == "{") {
$params = json_decode($requestParams['json'], TRUE);
- if($params === NULL) {
+ if ($params === NULL) {
CRM_Utils_JSON::output(array('is_error' => 1, 'error_message', 'Unable to decode supplied JSON.'));
}
}
}
}
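Review bot: The JSON-decode failure branch still passes `'error_message', 'Unable to decode supplied JSON.'` with a comma, so the array carries two positional elements and no `error_message` key, and the client sees `is_error` without a message. This commit corrects the same slip in `ajaxJson()` but leaves this one; it should read `'error_message' => 'Unable to decode supplied JSON.'`. Separately, `$requestParams['json'][0]` is read without first checking that `json` is a non-empty string, so an empty or array-valued `json` parameter produces a notice or warning instead of a clean error. The enclosing function starts above the lines shown here.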
if (array_key_exists('return', $requestParams) && is_array($requestParams['return'])) {
- foreach ($requestParams['return'] as $key => $v) $params['return.' . $key] = 1;
+ foreach ($requestParams['return'] as $key => $v) {
+ $params['return.' . $key] = 1;
+ }
}
return $params;
}
CRM_Utils_System::civiExit();
}
- public static function APIDoc() {
-
- CRM_Utils_System::setTitle("API Parameters");
- $template = CRM_Core_Smarty::singleton();
- return CRM_Utils_System::theme(
- $template->fetch('CRM/Core/APIDoc.tpl')
- );
- }
-
- public static function ajaxDoc() {
- return CRM_Utils_System::redirect(CRM_Utils_System::url('civicrm/api/explorer'));
- }
-
- /** used to load a template "inline", eg. for ajax, without having to build a menu for each template */
- static function loadTemplate () {
- $request = CRM_Utils_Request::retrieve( 'q', 'String');
- if (false !== strpos($request, '..')) {
+ /**
+ * used to load a template "inline", eg. for ajax, without having to build a menu for each template
+ */
+ public static function loadTemplate() {
+ $request = CRM_Utils_Request::retrieve('q', 'String');
+ if (FALSE !== strpos($request, '..')) {
die ("SECURITY FATAL: the url can't contain '..'. Please report the issue on the forum at civicrm.org");
}
- $request = split ('/',$request);
+ $request = explode('/', $request);
$entity = _civicrm_api_get_camel_name($request[2]);
- $tplfile=_civicrm_api_get_camel_name($request[3]);
+ $tplfile = _civicrm_api_get_camel_name($request[3]);
- $tpl = 'CRM/'.$entity.'/Page/Inline/'.$tplfile.'.tpl';
- $smarty= CRM_Core_Smarty::singleton( );
- CRM_Utils_System::setTitle( "$entity::$tplfile inline $tpl" );
- if( !$smarty->template_exists($tpl) ){
+ $tpl = 'CRM/' . $entity . '/Page/Inline/' . $tplfile . '.tpl';
+ $smarty = CRM_Core_Smarty::singleton();
+ CRM_Utils_System::setTitle("$entity::$tplfile inline $tpl");
+ if (!$smarty->template_exists($tpl)) {
header("Status: 404 Not Found");
die ("Can't find the requested template file templates/$tpl");
}
- if (array_key_exists('id',$_GET)) {// special treatmenent, because it's often used
- $smarty->assign ('id',(int)$_GET['id']);// an id is always positive
+ if (array_key_exists('id', $_GET)) {// special treatmenent, because it's often used
+ $smarty->assign('id', (int) $_GET['id']);// an id is always positive
}
- $pos = strpos (implode (array_keys ($_GET)),'<') ;
+ $pos = strpos(implode(array_keys($_GET)), '<');
- if ($pos !== false) {
+ if ($pos !== FALSE) {
die ("SECURITY FATAL: one of the param names contains <");
}
- $param = array_map( 'htmlentities' , $_GET);
+ $param = array_map('htmlentities', $_GET);
unset($param['q']);
$smarty->assign_by_ref("request", $param);
- if ( ! array_key_exists ( 'HTTP_X_REQUESTED_WITH', $_SERVER ) ||
- $_SERVER['HTTP_X_REQUESTED_WITH'] != "XMLHttpRequest" ) {
+ if (!array_key_exists('HTTP_X_REQUESTED_WITH', $_SERVER) ||
+ $_SERVER['HTTP_X_REQUESTED_WITH'] != "XMLHttpRequest"
+ ) {
- $smarty->assign( 'tplFile', $tpl );
- $config = CRM_Core_Config::singleton();
- $content = $smarty->fetch( 'CRM/common/'. strtolower($config->userFramework) .'.tpl' );
+ $smarty->assign('tplFile', $tpl);
+ $config = CRM_Core_Config::singleton();
+ $content = $smarty->fetch('CRM/common/' . strtolower($config->userFramework) . '.tpl');
- if (!defined('CIVICRM_UF_HEAD') && $region = CRM_Core_Region::instance('html-header', FALSE)) {
- CRM_Utils_System::addHTMLHead($region->render(''));
- }
- CRM_Utils_System::appendTPLFile( $tpl, $content );
+ if (!defined('CIVICRM_UF_HEAD') && $region = CRM_Core_Region::instance('html-header', FALSE)) {
+ CRM_Utils_System::addHTMLHead($region->render(''));
+ }
+ CRM_Utils_System::appendTPLFile($tpl, $content);
- return CRM_Utils_System::theme($content);
+ return CRM_Utils_System::theme($content);
- } else {
- $content = "<!-- .tpl file embeded: $tpl -->\n";
- CRM_Utils_System::appendTPLFile( $tpl, $content );
- echo $content . $smarty->fetch ($tpl);
- CRM_Utils_System::civiExit( );
+ }
+ else {
+ $content = "<!-- .tpl file embeded: $tpl -->\n";
+ CRM_Utils_System::appendTPLFile($tpl, $content);
+ echo $content . $smarty->fetch($tpl);
+ CRM_Utils_System::civiExit();
}
}
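Review bot: `array_map('htmlentities', $_GET)` in `loadTemplate()` assumes every query value is a string and relies on the default flags. An array-valued parameter reaches `htmlentities()` as an array, and on PHP versions before 8.1 the default flags leave single quotes unescaped, which matters if a template puts a value inside a single-quoted attribute. Encoding each scalar with `ENT_QUOTES` and a fixed charset, and skipping non-scalars, closes both gaps. The 404 `die()` message and `setTitle()` also interpolate `$tpl`, which is built from the request path; whether `_civicrm_api_get_camel_name()` strips markup is not visible here, so escaping `$tpl` before output would be the safer default. `$request[2]` and `$request[3]` are read without checking that the path has that many segments.

```php
// … unchanged: '<' check on parameter names …
$param = array();
foreach ($_GET as $name => $value) {
  // Skip array-valued parameters; htmlentities() only accepts strings.
  if (is_scalar($value)) {
    $param[$name] = htmlentities($value, ENT_QUOTES, 'UTF-8');
  }
}
unset($param['q']);
```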
- /** This is a wrapper so you can call an api via json (it returns json too)
+ /**
+ * This is a wrapper so you can call an api via json (it returns json too)
* http://example.org/civicrm/api/json?entity=Contact&action=Get"&json={"contact_type":"Individual","email.get.email":{}} to take all the emails from individuals
* works for POST & GET (POST recommended)
- **/
+ */
public static function ajaxJson() {
$requestParams = CRM_Utils_Request::exportValues();
// Why is $config undefined -- $config = CRM_Core_Config::singleton();
if (!$config->debug && (!array_key_exists('HTTP_X_REQUESTED_WITH', $_SERVER) ||
$_SERVER['HTTP_X_REQUESTED_WITH'] != "XMLHttpRequest"
- )) {
+ )
+ ) {
$error = civicrm_api3_create_error("SECURITY ALERT: Ajax requests can only be issued by javascript clients, eg. CRM.api3().",
array(
'IP' => $_SERVER['REMOTE_ADDR'],
$entity = CRM_Utils_String::munge(CRM_Utils_Array::value('entity', $requestParams));
$action = CRM_Utils_String::munge(CRM_Utils_Array::value('action', $requestParams));
if (!is_array($params)) {
- CRM_Utils_JSON::output(array('is_error' => 1, 'error_message', 'invalid json format: ?{"param_with_double_quote":"value"}'));
+ CRM_Utils_JSON::output(array(
+ 'is_error' => 1,
+ 'error_message' => 'invalid json format: ?{"param_with_double_quote":"value"}',
+ ));
}
$params['check_permissions'] = TRUE;
CRM_Utils_System::civiExit();
}
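Review bot: `ajaxJson()` reads `$config->debug` in the X-Requested-With guard, yet in the lines shown the only assignment to `$config` sits inside the comment above it (`// Why is $config undefined -- …`). If nothing outside this view assigns it, the property is read on an undefined variable, the debug exemption never applies, and every call emits a notice or warning; restoring `$config = CRM_Core_Config::singleton();` as a real statement before the `if` fixes that. A short comment on the guard would also help: `X-Requested-With` is a client-supplied header, so it works as a CSRF mitigation for browsers and not as authentication. Permission enforcement comes from `$params['check_permissions'] = TRUE;` further down.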
+ /**
+ * Run ajax request.
+ *
+ * @return array
+ */
public static function ajax() {
$requestParams = CRM_Utils_Request::exportValues();
}
/**
- * @return array|NULL NULL if execution should proceed; array if the response is already known
+ * @return array|NULL
+ * NULL if execution should proceed; array if the response is already known
*/
public function loadCMSBootstrap() {
$requestParams = CRM_Utils_Request::exportValues();
$uid = NULL;
if (!$uid) {
- $store = NULL;
- $api_key = CRM_Utils_Request::retrieve('api_key', 'String', $store, FALSE, NULL, 'REQUEST');
+ $store = NULL;
+ $api_key = CRM_Utils_Request::retrieve('api_key', 'String', $store, FALSE, NULL, 'REQUEST');
if (empty($api_key)) {
return self::error("FATAL: mandatory param 'api_key' (user key) missing");
}
return self::error('ERROR: No CMS user associated with given api-key');
}
}
-}
+}