<?php
error_reporting(E_ALL);
require_once '../Controller/Functions.php';
require_once '../Model/model_require_once.php';
require_once '../Constants.php';
set_time_limit ( 300 );
$wss_path = dirname(__FILE__) . "/../../" . DB_NAME . '_custom/web_service_security.php';
if (file_exists ( $wss_path ))
require_once $wss_path;
//TODO: add security for script access to MySQLDB_Code_Generator
else {
echo "ERROR: web service security not found at " . $wss_path;
}
/* @var $wss WebServiceSecurity */
$wss = new WebServiceSecurity ( );
$parameters = array ();
if (count ( $_GET ) > 0) {
$parameters = $_GET;
} else if (count ( $_POST ) > 0) {
$parameters = $_POST;
} else {
//print help
?>
<h1>Web Service Description Page</h1>
The following classes and their methods are available for calling
through this web service.
<br>
<h3>General Parameters:</h3>
<em>Pass in the following parameters and any necessary parameters for
the given method using either GET or POST (but not both).</em>
<br>
<strong>model:</strong>
The class to call
<br>
<strong>primary_key_value:</strong>
The value of the primary key for the object you wish to call on.
<br>
<strong>method:</strong>
The method to call.
<br>
<strong>encoding:</strong>
The encoding of the result. Options: json or xml.
<br>
<br>
<h3>Security:</h3>
<?php
echo $wss->getComments ();
?>
<h3>Submit by Form:</h3>
<form method="get">
<table>
<tr>
<td>Model</td>
<td><select id="model" name="model">
<?php
$classes = get_declared_classes ();
foreach ( $classes as $class ) {
if (get_parent_class ( $class ) == "DBElement") {
?>
<option value="<?php
echo $class;
?>"><?php
echo $class;
?></option>
<?php
}
}
?>
</select></td>
</tr>
<tr>
<td>Primary Key Value</td>
<td><input id="primary_key_value" name="primary_key_value" type="text" /></td>
</tr>
<tr>
<td>Method</td>
<td><input id="method" name="method" type="text" /></td>
</tr>
<tr>
<td>Encoding</td>
<td><select name="encoding" id="encoding">
<option value="json">json</option>
<option value="xml">xml</option>
</select></td>
</tr>
<tr>
<td>Username</td>
<td><input id="username" name="username" type="text" /></td>
</tr>
<tr>
<td>Password</td>
<td><input id="password" name="password" type="password" /></td>
</tr>
<tr>
<td></td>
<td><input type="submit" value="Submit Method" /></td>
</tr>
</table>
</form>
<h2>Classes</h2>
<?php
$classes = get_declared_classes ();
foreach ( $classes as $class ) {
if (get_parent_class ( $class ) == "DBElement") {
?>
<h3><?php
echo $class;
?></h3>
<strong>Static Method:</strong>
insertNew
<?php
echo $class?>
(
<?php
echo getClassProperties($class);
?>
);
<br>
<?php
$class_instance = new $class ( );
$methods = get_class_methods ( $class );
foreach ( $methods as $method ) {
if (EndsWith ( "_parameters", $method ) || EndsWith("_construct", $method) || StartsWith("print", $method) || StartsWith("instantiate_javascript_object", $method) || EndsWith("_properties", $method)) {
continue;
}
?>
<strong>Method:</strong>
<?php
echo $method;
$method_parameters = "get_" . $method . "_parameters";
if (in_array ( $method_parameters, $methods )) {
echo " (" . $class_instance->$method_parameters () . ")";
} else {
echo "()";
}
?>
<br>
<?php
}
}
}
return;
}
//check if they've passed in the basic parameters
if (isset ( $parameters ["model"] ) && isset ( $parameters ["method"] ) && isset ( $parameters ['encoding'] )) {
//if they have, check security
if (! $wss->checkGeneralSecurity ( $parameters )) {
die ( "Security check failed on General Security Check. " . $wss->getComments () );
}
}
//get model class
if (isset ( $parameters ['model'] )) {
$model = $parameters ['model'];
} else {
echo "Please provide model parameter, submit with no parameters for 'help'.<br>";
}
//get method
if (isset ( $parameters ['method'] )) {
$method = $parameters ['method'];
} else {
echo "Please provide method parameter, submit with no parameters for 'help'.<br>";
}
//check if the method starts with insertNew, then we don't need a primary key
if(StartsWith("insertNew", $parameters ['method'])){
$class_instance = new $model ( );
$properties_list = explode(", ", getClassProperties($model));
foreach($properties_list as $prop){
if(isset ( $parameters [$prop] ) && $parameters [$prop] != 'undefined'){
$class_instance->$prop = $parameters [$prop];
}
}
try{
echo json_encode($class_instance->insertMe());
return true;
}
catch(Exception $e){
echo json_encode($e);
return false;
}
}
//get primary key
else if (isset ( $parameters ['primary_key_value'] )) {
$primary_key_value = $parameters ['primary_key_value'];
} else {
echo "Please provide primary_key_value parameter, submit with no parameters for 'help'.<br>";
}
//get encoding
if (isset ( $parameters ['encoding'] )) {
$class_vars = get_class_vars ( $model );
$primary_key_field = $class_vars ['primary_key_field'];
$constructor = "constructFrom_$primary_key_field";
$class_instance = new $model ( );
//construct the class
try{
$target = $class_instance->$constructor ( $primary_key_value );
}
catch(Exception $e){
die(json_encode($e));
}
if (! $wss->checkModelSecurity ( $target )) {
die ( "Security check failed on Model Security Check. " . $wss->getComments () );
}
//get method parameters
$method_parameters = "get_" . $method . "_parameters";
if (method_exists ( $model, $method_parameters )) {
$method_parameters = $class_instance->$method_parameters ();
$method_parameters = explode ( ",", $method_parameters );
$num_args = count ( $method_parameters );
$args = array ();
foreach ( $method_parameters as $arg ) {
$arg = trim ( $arg );
if (isset ( $parameters [$arg] ))
array_push ( $args, $parameters [$arg] );
else {
die ("Parameter $arg must be provided to call $method <br>");
}
}
//get result and pass args
$result = call_user_func_array ( array ($target, $method ), $args );
} else {
//get result no args
$result = $target->$method ();
}
//encode result
if ($parameters ['encoding'] == "xml") {
header ( "Content-Type: text/xml" );
echo wsSerialize ( $result );
} else if ($parameters ['encoding'] == "json") {
header ( "Content-Type: application/json" );
echo json_encode ( $result );
}
} else {
echo "Please provide encoding parameter, submit with no parameters for 'help'. <br>";
}
/**
* Serializes an object
*
* @param mixed $object
* @return string xml
*/
function wsSerialize($object) {
// An array of serializer options
$serializer_options = array (XML_SERIALIZER_OPTION_INDENT => ' ', XML_SERIALIZER_OPTION_TYPEHINTS => TRUE, XML_SERIALIZER_OPTION_DEFAULT_TAG => 'array_item' );
// create object
$serializer = new XML_Serializer ( $serializer_options );
$status = $serializer->serialize ( $object );
if (PEAR::isError ( $status )) {
throw new Exception ( $status->getMessage () );
}
return $serializer->getSerializedData ();
}
?>