1 | <?php |
||
2 | |||
3 | error_reporting(E_ERROR | E_PARSE); |
||
4 | |||
5 | require_once "..".DIRECTORY_SEPARATOR."config.php"; |
||
6 | |||
7 | set_include_path(dirname(__FILE__).PATH_SEPARATOR. |
||
8 | dirname(dirname(__FILE__)).PATH_SEPARATOR. |
||
9 | dirname(dirname(__FILE__)).DIRECTORY_SEPARATOR."include".PATH_SEPARATOR. |
||
10 | get_include_path()); |
||
11 | |||
12 | chdir(".."); |
||
13 | |||
14 | define('TTRSS_SESSION_NAME', 'ttrss_api_sid'); |
||
15 | define('NO_SESSION_AUTOSTART', true); |
||
16 | |||
17 | require_once "autoload.php"; |
||
18 | require_once "db.php"; |
||
19 | require_once "db-prefs.php"; |
||
20 | require_once "functions.php"; |
||
21 | require_once "sessions.php"; |
||
22 | |||
23 | ini_set('session.use_cookies', 0); |
||
24 | ini_set("session.gc_maxlifetime", 86400); |
||
25 | |||
26 | if (defined('ENABLE_GZIP_OUTPUT') && ENABLE_GZIP_OUTPUT && |
||
27 | function_exists("ob_gzhandler")) { |
||
28 | |||
29 | ob_start("ob_gzhandler"); |
||
30 | } else { |
||
31 | ob_start(); |
||
32 | } |
||
33 | |||
34 | $input = file_get_contents("php://input"); |
||
35 | |||
36 | if (defined('_API_DEBUG_HTTP_ENABLED') && _API_DEBUG_HTTP_ENABLED) { |
||
37 | // Override $_REQUEST with JSON-encoded data if available |
||
38 | // fallback on HTTP parameters |
||
39 | if ($input) { |
||
40 | $input = json_decode($input, true); |
||
41 | if ($input) { |
||
42 | $_REQUEST = $input; |
||
43 | } |
||
44 | } |
||
45 | } else { |
||
46 | // Accept JSON only |
||
47 | $input = json_decode($input, true); |
||
48 | $_REQUEST = $input; |
||
49 | } |
||
50 | |||
51 | if ($_REQUEST["sid"]) { |
||
52 | session_id($_REQUEST["sid"]); |
||
53 | @session_start(); |
||
0 ignored issues
–
show
|
|||
54 | } else if (defined('_API_DEBUG_HTTP_ENABLED')) { |
||
55 | @session_start(); |
||
56 | } |
||
57 | |||
58 | startup_gettext(); |
||
59 | |||
60 | if (!init_plugins()) { |
||
61 | return; |
||
62 | } |
||
63 | |||
64 | if ($_SESSION["uid"]) { |
||
65 | if (!validate_session()) { |
||
66 | header("Content-Type: text/json"); |
||
67 | |||
68 | print json_encode(array("seq" => -1, |
||
69 | "status" => 1, |
||
70 | "content" => array("error" => "NOT_LOGGED_IN"))); |
||
71 | |||
72 | return; |
||
73 | } |
||
74 | |||
75 | load_user_plugins($_SESSION["uid"]); |
||
76 | } |
||
77 | |||
78 | $method = strtolower($_REQUEST["op"]); |
||
79 | |||
80 | $handler = new API($_REQUEST); |
||
81 | |||
82 | if ($handler->before($method)) { |
||
83 | if ($method && method_exists($handler, $method)) { |
||
84 | $handler->$method(); |
||
85 | } else if (method_exists($handler, 'index')) { |
||
86 | $handler->index($method); |
||
87 | } |
||
88 | $handler->after(); |
||
89 | } |
||
90 | |||
91 | header("Api-Content-Length: ".ob_get_length()); |
||
92 | |||
93 | ob_end_flush(); |
||
94 |
If you suppress an error, we recommend checking for the error condition explicitly: