Initial commit

2024-03-15 12:43:10 +01:00
commit 670b00eeab
424 changed files with 216891 additions and 0 deletions
--- a/api.php
+++ b/api.php
@@ -0,0 +1,110 @@
+<?php
+define('secure_34563$52', true);
+
+//------------------------------------------
+// Get DATA from API
+//------------------------------------------   
+$request = explode('/', trim($_SERVER['PATH_INFO'],'/'));
+//$input = json_decode(file_get_contents('php://input'),true);
+$post_data_curl = fopen('php://input', 'r');
+$input = stream_get_contents($post_data_curl);
+
+//------------------------------------------
+// Include functions
+//------------------------------------------   
+require_once './assets/functions.php';
+include './settings/settings.php';
+include './settings/config.php';
+
+//------------------------------------------
+// Retrieve API version and Collection
+// api.php/(v)ersion/{get/post}/collection/
+//------------------------------------------   
+$version = (isset($request[0])) ? strtolower($request[0]) : '';
+$collection = (isset($request[1])) ? strtolower($request[1]) : '';
+$get_content = (isset($request[2])) ? strtolower($request[2]) : '';
+
+//------------------------------------------ 
+// Initial authorization request - get TOKEN
+//------------------------------------------ 
+if ($collection == 'authorization'){
+    $api_authorization = './api/'.$version.'/'.$collection.'.php'; //Get related file
+    
+    if (file_exists($api_authorization)){   
+        include_once $api_authorization; //Include the code
+    }
+    else 
+    {
+        echo null;
+    }
+
+}
+else {
+
+//------------------------------------------
+// Check Security token
+//------------------------------------------   
+$bearer_token = get_bearer_token();
+$is_jwt_valid = is_jwt_valid($bearer_token);
+
+//------------------------------------------
+//IF security token is valid
+//------------------------------------------  
+if($is_jwt_valid && str_contains($version, 'v')) {
+    
+    //------------------------------------------
+    // Get Userrights
+    //------------------------------------------    
+    $userkey = getUserKey($bearer_token); //Get key from Token
+    $api_user_file = './api/'.$version.'/get/user_credentials.php'; //Get related file
+  
+    if (file_exists($api_user_file)){   
+        include_once $api_user_file; //Include the code
+    }
+    else 
+    {
+        echo null;
+    }
+   
+    //------------------------------------------
+    // Build up version and check if file is available
+    //------------------------------------------   
+    $api_file = './api/'.$version.'/get/'.$collection.'.php';
+    $api_file_post = './api/'.$version.'/post/'.$collection.'.php';
+
+    //GET CLEAN LANGUAGE CODE
+    $language_code = ($user_data['language']) ? $user_data['language'] : 'US';
+    $api_file_language = './settings/translations/translations_'.strtoupper($language_code).'.php';
+
+    //INCLUDE LANGUAGE FILE
+    if (file_exists($api_file_language)){   
+        include_once $api_file_language; //Include the code
+    }
+    else {
+        include_once './settings/translations/translations_US.php';
+    }
+  
+    //CHECK IF USER IS ALLOWED TO CALL SPECIFIC API
+    if (isAllowed($collection,$profile,$permission,'R') === 1 && empty($input) && file_exists($api_file)){
+        
+        include_once $api_file;
+    }
+    elseif (isAllowed($collection,$profile,$permission,'U') === 1 && !empty($input) && file_exists($api_file_post)){
+
+        include_once $api_file_post;
+    }
+    else
+    {
+        echo null;
+    }
+
+//------------------------------------------
+// JWT not VALID
+//------------------------------------------   
+}
+else 
+{
+    http_response_code(403); //Forbidden
+}
+}
+?>