From 4ab9b2cea8153189af988b598bb22dfa119d0958 Mon Sep 17 00:00:00 2001 From: "Adam D. Ruppe" Date: Fri, 9 Dec 2011 00:19:04 -0500 Subject: [PATCH] i forgot there are no friend classes in php.... --- web.d.php | 38 +++++++++++++++++++++++++++++--------- 1 file changed, 29 insertions(+), 9 deletions(-) diff --git a/web.d.php b/web.d.php index 45e4a45..69cc749 100644 --- a/web.d.php +++ b/web.d.php @@ -1,6 +1,8 @@ sessionId = hash("sha256", $_SERVER["REMOTE_ADDR"] . "\r\n" . @@ -143,7 +145,7 @@ class WebDotDMethodCall { private $apiProvider; private $url; private $urlArgs = array(); - private $method; + public $method; /* public because php doesn't have friends... */ private $requestedDataFormat; private $functionName; @@ -320,10 +322,10 @@ class WebDotDApiProvider { } /// this can be used to add additional data to a request being prepared by mutating args - protected function addCustomRequestData($apiRequest, &$args) { } + public function addCustomRequestData($apiRequest, &$args) { } /// use this to manipulate the http request a little before it is sent (custom headers, etc.) - protected function addCustomCurlCode($ch, $apiRequest, $url, $postData) { } + public function addCustomCurlCode($ch, $apiRequest, $url, $postData) { } /// Returns a lazy method call object. The arguments and name are dynamic, so /// you can do $api->anyFunction($any, $args)->getSync(); @@ -352,16 +354,34 @@ class WebDotDApiProvider { /// Provides access to a *local* D ApiProvider, authenticating via a session. /// This just works on most web.d code. -class LocalWebDotApiDProvider extends WebDotDApiProvider { +class LocalWebDotDApiProvider extends WebDotDApiProvider { /// Takes a WebDotDSession + /// The endpoint can be a relative path here if you like as long + /// as it doesn't start with http. It will inherit the protocol and + /// domain of the current request. + /// FIXME: it should be a fully relative link. public function __construct($endPoint, $session) { + if(strpos($endPoint, "http") !== 0) { + $current = "http"; + if(isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"]) + $current .= "s"; + $current .= "://"; + $current .= $_SERVER["HTTP_HOST"]; + + if(strpos($endPoint, "/") === 0) + $current .= $endPoint; + else + die("Relative linking isn't really implemented well."); + $endPoint = $current; + } + parent::__construct($endPoint); $this->session = $session; } protected $session; - protected function addCustomRequestData($apiRequest, &$args) { + public function addCustomRequestData($apiRequest, &$args) { // we have to add the CSRF token or web.d will likely reject our command if($apiRequest->method != "POST") return; // no need for csrf token @@ -378,7 +398,7 @@ class LocalWebDotApiDProvider extends WebDotDApiProvider { $args[$decoded["key"]] = $decoded["token"]; } - protected function addCustomCurlCode($ch, $apiRequest, $url, $postData) { + public function addCustomCurlCode($ch, $apiRequest, $url, $postData) { // we want to ask D to also use the same session we're looking at // The full session ID tells it what to use, and the file hash proves // to D that we already have access to it. @@ -414,7 +434,7 @@ class RemoteWebDotDApiProvider extends WebDotDApiProvider { private $apiKey; private $apiSecret; - protected function addCustomCurlCode($ch, $apiRequest, $url, $postData) { + public function addCustomCurlCode($ch, $apiRequest, $url, $postData) { $oauth = new ARSDOAuth; $oauthHeader = $oauth->getRequestHeader( $this->apiKey, $this->apiSecret,