131 lines
3.5 KiB
PHP
131 lines
3.5 KiB
PHP
<?php
|
|
require 'config/application.php';
|
|
|
|
if (!isset($_COOKIE['_session']) || !file_exists('/tmp/apcontrol-sessions')) {
|
|
if (substr($_SERVER['REQUEST_URI'],0,5) === '/api/') {
|
|
http_response_code(403); die('<h3>403, API Forbidden</h3>');
|
|
}
|
|
header('Location: login.php'); die;
|
|
}
|
|
|
|
$session = trim($_COOKIE['_session']);
|
|
$sessions = explode("\n", trim(file_get_contents('/tmp/apcontrol-sessions')));
|
|
if (!in_array($session, $sessions)) {
|
|
if (substr($_SERVER['REQUEST_URI'],0,5) === '/api/') {
|
|
http_response_code(403); die('<h3>403, API Forbidden</h3>');
|
|
}
|
|
header('Location: login.php'); die;
|
|
}
|
|
unset($sessions);
|
|
|
|
if (!file_exists($GLOBALS['appconf']['data_dir']))
|
|
mkdir($GLOBALS['appconf']['data_dir']);
|
|
|
|
|
|
// global variables
|
|
$GLOBALS['_cache'] = [];
|
|
$GLOBALS['supported_ap_software'] = [
|
|
'mastodon',
|
|
];
|
|
|
|
// functions
|
|
function apiresult($data, $code=200) {
|
|
if (isset($GLOBALS['IS_PHP']) && $GLOBALS['IS_PHP']) {
|
|
$GLOBALS['api_data'] = $data;
|
|
return false;
|
|
}
|
|
if ($code !== 200) http_response_code($code);
|
|
header('Content-Type: application/json');
|
|
if (gettype($data) !== 'string')
|
|
echo json_encode($data);
|
|
else echo $data;
|
|
die;
|
|
}
|
|
|
|
function instance_config($software, $instance=null) {
|
|
if (!in_array($software, $GLOBALS['supported_ap_software']))
|
|
return null;
|
|
|
|
if ($instance === null)
|
|
$instance = trim($_GET['instance']);
|
|
|
|
if (isset($GLOBALS['_cache'][$software.$instance]))
|
|
return $GLOBALS['_cache'][$software.$instance];
|
|
|
|
$GLOBALS['IS_PHP'] = true;
|
|
unset($GLOBALS['api_data']);
|
|
require 'api/v1/config/get/mod.php';
|
|
unset($GLOBALS['IS_PHP']);
|
|
|
|
if (!isset($GLOBALS['api_data']))
|
|
return null;
|
|
|
|
|
|
$found = false;
|
|
foreach ($GLOBALS['api_data']['hosts'][$software] as $ins_cfg) {
|
|
if ($ins_cfg['instance'] === $instance) {
|
|
$found = $ins_cfg;
|
|
}
|
|
}
|
|
if ($found === false)
|
|
return null;
|
|
|
|
$config = [];
|
|
$config_raw = explode("\n", trim($found['config']));
|
|
foreach ($config_raw as $ln) {
|
|
$k = substr($ln, 0, strpos($ln,'='));
|
|
$v = substr($ln, strpos($ln,'=')+1);
|
|
$config[$k] = $v;
|
|
}
|
|
|
|
$GLOBALS['_cache'][$software.$instance] = $config;
|
|
return $config;
|
|
}
|
|
|
|
function instance_config_require($software, $instance=null) {
|
|
$config = instance_config($software, $instance);
|
|
if ($config === null)
|
|
apiresult(['error' => 'instance parameter is incorrect. Does not exist'], 400);
|
|
return $config;
|
|
}
|
|
|
|
function instance_http_get($url) { return instance_http_request($url, 'GET'); }
|
|
function instance_http_post($url, $data=null) { return instance_http_request($url, 'POST', $data); }
|
|
function instance_http_request($url, $method, $data=null) {
|
|
$huri = substr(trim($_SERVER['REQUEST_URI']), 7);
|
|
$ps = explode('/', trim($huri, '/'));
|
|
if ($ps[0] !== 'http' || !in_array($ps[1], $GLOBALS['supported_ap_software']))
|
|
apiresult(['error' => 'this method can only be called from api/v1/http/<software> URIs'], 500);
|
|
|
|
$software = $ps[1];
|
|
$config = instance_config($software);
|
|
$url = $config['instance_url'].$url;
|
|
|
|
$ch = curl_init();
|
|
curl_setopt($ch, CURLOPT_URL, $url);
|
|
if ($method === 'POST') {
|
|
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'POST');
|
|
if ($data !== null)
|
|
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
|
|
}
|
|
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
|
|
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
|
|
|
if (isset($config['api_authkey'])) {
|
|
curl_setopt($ch, CURLOPT_HTTPHEADER, [
|
|
'Authorization: Bearer '.$config['api_authkey'],
|
|
]);
|
|
}
|
|
|
|
$output = curl_exec($ch);
|
|
curl_close($ch);
|
|
return $output;
|
|
}
|
|
|
|
function valid_mastodon_account_id($id) {
|
|
return preg_match('/^\d+$/', strval($id));
|
|
}
|
|
|
|
// classes
|
|
require 'classes/PgDatabase.php';
|