These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace Cloudflare; |
||
4 | |||
5 | use Exception; |
||
6 | |||
7 | /** |
||
8 | * CloudFlare API wrapper |
||
9 | * |
||
10 | * A work in progress library for the Cloudflare API. The documentation for the API can be found at https://www.cloudflare.com/docs/. |
||
11 | * |
||
12 | * @author James Bell <[email protected]> |
||
13 | * |
||
14 | * @version 1 |
||
15 | */ |
||
16 | class Api |
||
17 | { |
||
18 | /** |
||
19 | * Default permissions level |
||
20 | * |
||
21 | * @var array |
||
22 | */ |
||
23 | protected $permission_level = ['read' => null, 'edit' => null]; |
||
24 | |||
25 | /** |
||
26 | * Holds the provided email address for API authentication |
||
27 | * |
||
28 | * @var string |
||
29 | */ |
||
30 | public $email; |
||
31 | |||
32 | /** |
||
33 | * Holds the provided auth_key for API authentication |
||
34 | * |
||
35 | * @var string |
||
36 | */ |
||
37 | public $auth_key; |
||
38 | |||
39 | /** |
||
40 | * Holds the curl options |
||
41 | * |
||
42 | * @var array |
||
43 | */ |
||
44 | public $curl_options; |
||
45 | |||
46 | /** |
||
47 | * Holds the users permission levels |
||
48 | * |
||
49 | * @var null|array |
||
50 | */ |
||
51 | private $permissions = null; |
||
52 | |||
53 | /** |
||
54 | * Make a new instance of the API client |
||
55 | * This can be done via providing the email address and api key as seperate parameters |
||
56 | * or by passing in an already instantiated object from which the details will be extracted |
||
57 | */ |
||
58 | public function __construct() |
||
59 | { |
||
60 | $num_args = func_num_args(); |
||
61 | if ($num_args === 1) { |
||
62 | $parameters = func_get_args(); |
||
63 | $client = $parameters[0]; |
||
64 | $this->email = $client->email; |
||
65 | $this->auth_key = $client->auth_key; |
||
66 | $this->curl_options = $client->curl_options; |
||
67 | $this->permissions = $client->permissions; |
||
68 | } elseif ($num_args === 2) { |
||
69 | $parameters = func_get_args(); |
||
70 | $this->email = $parameters[0]; |
||
71 | $this->auth_key = $parameters[1]; |
||
72 | } |
||
73 | } |
||
74 | |||
75 | /** |
||
76 | * Setter to allow the setting of the email address |
||
77 | * |
||
78 | * @param string $email The email address associated with the Cloudflare account |
||
79 | */ |
||
80 | public function setEmail($email) |
||
81 | { |
||
82 | $this->email = $email; |
||
83 | } |
||
84 | |||
85 | /** |
||
86 | * Setter to allow the setting of the Authentication Key |
||
87 | * |
||
88 | * @param string $token Authentication key, this can be retrieve from the 'My Account' section of the Cloudflare account |
||
89 | */ |
||
90 | public function setAuthKey($token) |
||
91 | { |
||
92 | $this->auth_key = $token; |
||
93 | } |
||
94 | |||
95 | /** |
||
96 | * Setter to allow the adding / changing of the Curl options that will be used within the HTTP requests |
||
97 | * |
||
98 | * @param long $key The CURLOPT_XXX option to set e.g. CURLOPT_TIMEOUT |
||
99 | * @param mixed $value The value to be set on option e.g. 10 |
||
100 | */ |
||
101 | public function setCurlOption($key, $value) |
||
102 | { |
||
103 | $this->curl_options[$key] = $value; |
||
104 | } |
||
105 | |||
106 | /** |
||
107 | * API call method for sending requests using GET |
||
108 | * |
||
109 | * @param string $path Path of the endpoint |
||
110 | * @param array|null $data Data to be sent along with the request |
||
111 | */ |
||
112 | public function get($path, array $data = null) |
||
113 | { |
||
114 | return $this->request($path, $data, 'get', 'read'); |
||
115 | } |
||
116 | |||
117 | /** |
||
118 | * API call method for sending requests using POST |
||
119 | * |
||
120 | * @param string $path Path of the endpoint |
||
121 | * @param array|null $data Data to be sent along with the request |
||
122 | */ |
||
123 | public function post($path, array $data = null) |
||
124 | { |
||
125 | return $this->request($path, $data, 'post', 'edit'); |
||
126 | } |
||
127 | |||
128 | /** |
||
129 | * API call method for sending requests using PUT |
||
130 | * |
||
131 | * @param string $path Path of the endpoint |
||
132 | * @param array|null $data Data to be sent along with the request |
||
133 | */ |
||
134 | public function put($path, array $data = null) |
||
135 | { |
||
136 | return $this->request($path, $data, 'put', 'edit'); |
||
137 | } |
||
138 | |||
139 | /** |
||
140 | * API call method for sending requests using DELETE |
||
141 | * |
||
142 | * @param string $path Path of the endpoint |
||
143 | * @param array|null $data Data to be sent along with the request |
||
144 | */ |
||
145 | public function delete($path, array $data = null) |
||
146 | { |
||
147 | return $this->request($path, $data, 'delete', 'edit'); |
||
148 | } |
||
149 | |||
150 | /** |
||
151 | * API call method for sending requests using PATCH |
||
152 | * |
||
153 | * @param string $path Path of the endpoint |
||
154 | * @param array|null $data Data to be sent along with the request |
||
155 | */ |
||
156 | public function patch($path, array $data = null) |
||
157 | { |
||
158 | return $this->request($path, $data, 'patch', 'edit'); |
||
159 | } |
||
160 | |||
161 | /** |
||
162 | * Retrieves the users' permisison levels |
||
163 | */ |
||
164 | public function permissions() |
||
165 | { |
||
166 | if (!$this->permissions) { |
||
167 | $api = new User($this->email, $this->auth_key); |
||
168 | $user = $api->user(); |
||
169 | if (!$user->result->organizations[0]) { |
||
170 | $this->permissions = ['read' => true, 'write' => true]; |
||
171 | } else { |
||
172 | $this->permissions = $user->result->organizations[0]->permissions; |
||
173 | } |
||
174 | } |
||
175 | |||
176 | return $this->permissions; |
||
177 | } |
||
178 | |||
179 | /** |
||
180 | * @codeCoverageIgnore |
||
181 | * |
||
182 | * API call method for sending requests using GET, POST, PUT, DELETE OR PATCH |
||
183 | * |
||
184 | * @param string $path Path of the endpoint |
||
185 | * @param array|null $data Data to be sent along with the request |
||
186 | * @param string|null $method Type of method that should be used ('GET', 'POST', 'PUT', 'DELETE', 'PATCH') |
||
187 | * @param string|null $permission_level Permission level required to preform the action |
||
188 | */ |
||
189 | protected function request($path, array $data = null, $method = null, $permission_level = null) |
||
190 | { |
||
191 | if (!isset($this->email) || !isset($this->auth_key)) { |
||
192 | throw new Exception('Authentication information must be provided'); |
||
193 | } |
||
194 | $data = (is_null($data) ? [] : $data); |
||
195 | $method = (is_null($method) ? 'get' : $method); |
||
196 | $permission_level = (is_null($permission_level) ? 'read' : $permission_level); |
||
197 | |||
198 | if (!is_null($this->permission_level[$permission_level])) { |
||
199 | if (!$this->permissions) { |
||
200 | $this->permissions(); |
||
201 | } |
||
202 | if (!isset($this->permissions) || !in_array($this->permission_level[$permission_level], $this->permissions)) { |
||
203 | throw new Exception('You do not have permission to perform this request'); |
||
204 | |||
205 | return false; |
||
0 ignored issues
–
show
|
|||
206 | } |
||
207 | } |
||
208 | |||
209 | //Removes null entries |
||
210 | $data = array_filter($data, function ($val) { |
||
211 | return !is_null($val); |
||
212 | }); |
||
213 | |||
214 | $url = 'https://api.cloudflare.com/client/v4/'.$path; |
||
215 | |||
216 | $default_curl_options = [ |
||
217 | CURLOPT_VERBOSE => false, |
||
218 | CURLOPT_FORBID_REUSE => true, |
||
219 | CURLOPT_RETURNTRANSFER => 1, |
||
220 | CURLOPT_HEADER => false, |
||
221 | CURLOPT_TIMEOUT => 30, |
||
222 | CURLOPT_SSL_VERIFYPEER => false, |
||
223 | CURLOPT_FOLLOWLOCATION => true, |
||
224 | ]; |
||
225 | |||
226 | $curl_options = $default_curl_options; |
||
227 | if (isset($this->curl_options) && is_array($this->curl_options)) { |
||
228 | $curl_options = array_replace($default_curl_options, $this->curl_options); |
||
229 | } |
||
230 | |||
231 | $headers = ["X-Auth-Email: {$this->email}", "X-Auth-Key: {$this->auth_key}"]; |
||
232 | |||
233 | $ch = curl_init(); |
||
234 | curl_setopt_array($ch, $curl_options); |
||
235 | |||
236 | $headers[] = 'Content-type: application/json'; |
||
237 | $json_data = json_encode($data); |
||
238 | |||
239 | if ($method === 'post') { |
||
240 | curl_setopt($ch, CURLOPT_POST, true); |
||
241 | curl_setopt($ch, CURLOPT_POSTFIELDS, $json_data); |
||
242 | } elseif ($method === 'put') { |
||
243 | curl_setopt($ch, CURLOPT_POSTFIELDS, $json_data); |
||
244 | curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'PUT'); |
||
245 | } elseif ($method === 'delete') { |
||
246 | curl_setopt($ch, CURLOPT_POSTFIELDS, $json_data); |
||
247 | curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'DELETE'); |
||
248 | } elseif ($method === 'patch') { |
||
249 | curl_setopt($ch, CURLOPT_POSTFIELDS, $json_data); |
||
250 | curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'PATCH'); |
||
251 | } else { |
||
252 | $url .= '?'.http_build_query($data); |
||
253 | } |
||
254 | |||
255 | curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); |
||
256 | curl_setopt($ch, CURLOPT_URL, $url); |
||
257 | |||
258 | $http_result = curl_exec($ch); |
||
259 | $error = curl_error($ch); |
||
260 | $information = curl_getinfo($ch); |
||
261 | $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); |
||
262 | $response = json_decode($http_result); |
||
263 | |||
264 | curl_close($ch); |
||
265 | if ($response->success !== true) { |
||
266 | $response->error = $error; |
||
267 | $response->http_code = $http_code; |
||
268 | $response->method = $method; |
||
269 | $response->information = $information; |
||
270 | } |
||
271 | |||
272 | return $response; |
||
273 | } |
||
274 | } |
||
275 |
This check looks for unreachable code. It uses sophisticated control flow analysis techniques to find statements which will never be executed.
Unreachable code is most often the result of
return
,die
orexit
statements that have been added for debug purposes.In the above example, the last
return false
will never be executed, because a return statement has already been met in every possible execution path.