<?php
/**
 * For the full copyright and license information, please view the
 * docs/licenses/LICENSE.txt file that was distributed with this source code.
 */
use PrestaShop\PrestaShop\Adapter\ContainerBuilder;
// Buffer everything printed from here on; the buffer is flushed by the
// ob_end_flush() call that closes this script.
ob_start();

// Mark the request as a webservice call before the configuration is loaded.
defined('_PS_API_IN_USE_') || define('_PS_API_IN_USE_', true);

require_once __DIR__ . '/../config/config.inc.php';

// Some requests need a cart on the context, so start from an empty one.
Context::getContext()->cart = new Cart();
Context::getContext()->container = ContainerBuilder::getContainer('webservice', _PS_MODE_DEV_);
// Keep a currency that is already set on the context, otherwise use the default one.
Context::getContext()->currency = Context::getContext()->currency ?? Currency::getDefaultCurrency();
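// Apache + php-cgi workaround: rebuild PHP_AUTH_USER from the raw Basic
// Authorization header. The REDIRECT_-prefixed variable is checked second
// because Apache may rename the header; when both are present the second one
// wins, exactly as with the two separate checks this loop replaces.
foreach (['HTTP_AUTHORIZATION', 'REDIRECT_HTTP_AUTHORIZATION'] as $auth_header) {
    if (!isset($_SERVER[$auth_header])
        || !preg_match('/Basic\s+(.*)$/i', $_SERVER[$auth_header], $matches)
    ) {
        continue;
    }

    // Basic credentials are "user-id:password" (RFC 7617). Splitting at the
    // first colon only keeps a password that contains ':' intact, and
    // array_pad() covers a payload without any colon, which previously raised
    // an undefined-offset notice while output buffering was active.
    list($name, $password) = array_pad(
        explode(':', (string) base64_decode($matches[1]), 2),
        2,
        ''
    );

    // The user name is what this script later reads as the webservice key;
    // $password is not used here. strip_tags() only removes markup, it does
    // not validate the key.
    $_SERVER['PHP_AUTH_USER'] = strip_tags($name);
}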
// Image management: a browser form can only POST, so "ps_method" lets it
// simulate PUT.
// NOTE(review): $_REQUEST is client-controlled, so this value can replace the
// HTTP method of any request; confirm that the request class checks the
// resulting method against the permissions of the key.
$method = $_REQUEST['ps_method'] ?? $_SERVER['REQUEST_METHOD'];

// The webservice key is the Basic-auth user name when there is one, otherwise
// the "ws_key" query parameter.
// NOTE(review): a key sent as ws_key is part of the URL, and URLs commonly end
// up in access and proxy logs; clients should prefer the Authorization header.
$key = $_SERVER['PHP_AUTH_USER'] ?? $_GET['ws_key'] ?? null;

if ($key === null) {
    // Answer a preflight request before the 401 response is sent.
    if ('OPTIONS' === $_SERVER['REQUEST_METHOD']) {
        header('Access-Control-Allow-Headers: Authorization, Content-Type');
        exit('200 OK');
    }

    // No key at all: ask the client for Basic credentials and stop.
    header($_SERVER['SERVER_PROTOCOL'] . ' 401 Unauthorized');
    header('WWW-Authenticate: Basic realm="Welcome to PrestaShop Webservice, please enter the authentication key as the login. No password required."');
    exit('401 Unauthorized');
}
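// Raw request body, or null when the request has none.
$input_xml = null;

// POST, PUT and PATCH requests may carry an XML document in their body.
if (in_array($_SERVER['REQUEST_METHOD'], ['POST', 'PUT', 'PATCH'], true)) {
    // Read the body in one call instead of a manual fread() loop: the loop
    // stopped early on a chunk that PHP treats as falsy (the string "0") and
    // passed an unchecked fopen() result to fread().
    // NOTE(review): the body is client-supplied and is read here without a
    // size cap; size limits and XML parser hardening have to come from the
    // PHP configuration and the request class - confirm.
    $request_body = file_get_contents('php://input');
    if ($request_body !== false && $request_body !== '') {
        $input_xml = $request_body;
    }
}

// Drop a leading "xml=" field name, if the body starts with one.
if ($input_xml !== null && strncmp($input_xml, 'xml=', 4) === 0) {
    $input_xml = substr($input_xml, 4);
}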
// Forward every query parameter except "url", which is passed to fetch() as
// its own argument.
$params = $_GET;
unset($params['url']);

// The key selects the class that handles the request.
// NOTE(review): class_exists() only shows that the class can be loaded, not
// that it is a webservice request class; presumably getClassFromKey() returns
// a value stored with the key - verify who can set it.
$class_name = WebserviceKey::getClassFromKey($key);
$class_is_known = class_exists($class_name);
// false when the class is usable, otherwise the name that could not be loaded.
$bad_class_name = $class_is_known ? false : $class_name;
if (!$class_is_known) {
    $class_name = 'WebserviceRequest';
}

// Fetch the request through the selected class.
WebserviceRequest::$ws_current_classname = $class_name;
$request = $class_name::getInstance();

$result = $request->fetch($key, $method, $_GET['url'] ?? '', $params, $bad_class_name, $input_xml);
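// Display the result.
// Anything already sitting in the output buffer was printed while the request
// was being handled; in that case the response is labelled as JavaScript
// (kept from the original, where it is described as useful for debugging).
// NOTE(review): that stray output reaches the client ahead of the payload and
// can include PHP warnings when error display is on - confirm display_errors
// is off in production.
if (ob_get_length() != 0) {
    header('Content-Type: application/javascript');
}

// Manage cache: the client may send the SHA-1 of the copy it already holds.
// The hashes are compared with === because == compares two numeric-looking
// strings (for example both of the form "0e<digits>") as numbers, so two
// different hashes could be treated as equal and the body withheld.
$content_sha1 = $result['content_sha1'] ?? null;
$not_modified = is_string($content_sha1)
    && isset($_SERVER['HTTP_LOCAL_CONTENT_SHA1'])
    && $_SERVER['HTTP_LOCAL_CONTENT_SHA1'] === $content_sha1;

if ($not_modified) {
    $result['headers'][] = $_SERVER['SERVER_PROTOCOL'] . ' 304 Not Modified';
}

// Send the headers produced by the request; a missing "headers" entry is
// skipped instead of raising an undefined-index warning.
if (isset($result['headers']) && is_array($result['headers'])) {
    foreach ($result['headers'] as $param_value) {
        header($param_value);
    }
}

// The body is sent only when the client's copy is not current. The same
// $not_modified flag drives both the 304 header and this check, so the two
// cannot disagree.
if (isset($result['type']) && !$not_modified) {
    echo $result['content'];
}

ob_end_flush();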