-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
mobile_data.php
89 lines (78 loc) · 3.81 KB
/
mobile_data.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
<?php
/* Copyright (C) 2021-2022 John Livingston
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Library javascript to enable Browser notifications
*/
if (!defined('NOREQUIREMENU')) define('NOREQUIREMENU', 1);
if (!defined('NOREQUIREHTML')) define('NOREQUIREHTML', 1);
if (!defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1');
if (!defined('NOCSRFCHECK')) define('NOCSRFCHECK', 1);
// Load Dolibarr environment
$res=0;
// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined)
if (! $res && ! empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) $res=@include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php";
// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME
$tmp=empty($_SERVER['SCRIPT_FILENAME'])?'':$_SERVER['SCRIPT_FILENAME'];$tmp2=realpath(__FILE__); $i=strlen($tmp)-1; $j=strlen($tmp2)-1;
while($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i]==$tmp2[$j]) { $i--; $j--; }
if (! $res && $i > 0 && file_exists(substr($tmp, 0, ($i+1))."/main.inc.php")) $res=@include substr($tmp, 0, ($i+1))."/main.inc.php";
if (! $res && $i > 0 && file_exists(substr($tmp, 0, ($i+1))."/../main.inc.php")) $res=@include substr($tmp, 0, ($i+1))."/../main.inc.php";
// Try main.inc.php using relative path
if (! $res && file_exists("../../main.inc.php")) $res=@include "../../main.inc.php";
if (! $res && file_exists("../../../main.inc.php")) $res=@include "../../../main.inc.php";
if (! $res) die("Include of main fails");
header('Cache-Control: no-cache');
$key = GETPOST('key', 'alpha');
$action = GETPOST('action', 'alpha');
dol_syslog('Calling action "'.$action.'" on key "'.$key.'".', LOG_DEBUG);
if (preg_match('/^[a-z]+$/', $key) && preg_match('/^\w+$/', $action)) {
$lib_file = './lib/data/mobile_action_'.$key.'.class.php';
if (file_exists($lib_file)) {
include_once($lib_file);
$className = 'DataMobileAction'.ucfirst($key);
$actionMethod = 'action_'.$action;
if(class_exists($className)) {
$obj = new $className($db);
if(method_exists($obj, $actionMethod)) {
if (!$obj->testRights($user, $action)) {
http_response_code(403);
accessforbidden();
exit(0);
}
dol_syslog("Calling method $actionMethod on class $className", LOG_DEBUG);
$json = $obj->$actionMethod();
if (!is_array($json)) {
dol_syslog('The action '.$key.'->'.$action.' returns an empty object. Returning a 500 error.', LOG_ERR);
http_response_code(500);
exit(0);
}
dol_syslog('The action '.$key.'->'.$action.' returned a value.', LOG_DEBUG);
header('Content-Type: application/json');
print json_encode($json);
exit(0);
}
dol_syslog('pickup_mobile_data: method '.$actionMethod.' do not exist on class '.$className, LOG_ERR);
} else {
dol_syslog('pickup_mobile_data: Class '.$className.' not found', LOG_ERR);
}
} else {
dol_syslog('pickup_mobile_data: file '.$lib_file.' does not exist', LOG_ERR);
}
} else {
dol_syslog('pickup_mobile_data: invalid key or action', LOG_ERR);
}
dol_syslog('pickup_mobile_data: Unknown entry point ('.$key.'->'.$action.')', LOG_ERR);
http_response_code(400);
exit(0);