api/index.php

   1 <?php
   2         error_reporting(E_ERROR | E_PARSE);
   3
   4         require_once "../config.php";
   5
   6         set_include_path(dirname(__FILE__) . PATH_SEPARATOR .
   7                 dirname(dirname(__FILE__)) . PATH_SEPARATOR .
   8                 dirname(dirname(__FILE__)) . "/include" . PATH_SEPARATOR .
   9                 get_include_path());
  10
  11         chdir("..");
  12
  13         define('TTRSS_SESSION_NAME', 'ttrss_api_sid');
  14         define('NO_SESSION_AUTOSTART', true);
  15
  16         require_once "autoload.php";
  17         require_once "db.php";
  18         require_once "db-prefs.php";
  19         require_once "functions.php";
  20         require_once "sessions.php";
  21
  22         ini_set("session.gc_maxlifetime", 86400);
  23
  24         define('AUTH_DISABLE_OTP', true);
  25
  26         if (defined('ENABLE_GZIP_OUTPUT') && ENABLE_GZIP_OUTPUT &&
  27                         function_exists("ob_gzhandler")) {
  28
  29                 ob_start("ob_gzhandler");
  30         } else {
  31                 ob_start();
  32         }
  33
  34         $input = file_get_contents("php://input");
  35
  36         if (defined('_API_DEBUG_HTTP_ENABLED') && _API_DEBUG_HTTP_ENABLED) {
  37                 // Override $_REQUEST with JSON-encoded data if available
  38                 // fallback on HTTP parameters
  39                 if ($input) {
  40                         $input = json_decode($input, true);
  41                         if ($input) $_REQUEST = $input;
  42                 }
  43         } else {
  44                 // Accept JSON only
  45                 $input = json_decode($input, true);
  46                 $_REQUEST = $input;
  47         }
  48
  49         if ($_REQUEST["sid"]) {
  50                 session_id($_REQUEST["sid"]);
  51                 @session_start();
  52         } else if (defined('_API_DEBUG_HTTP_ENABLED')) {
  53                 @session_start();
  54         }
  55
  56         startup_gettext();
  57
  58         if (!init_plugins()) return;
  59
  60         if ($_SESSION["uid"]) {
  61                 if (!validate_session()) {
  62                         header("Content-Type: text/json");
  63
  64                         print json_encode(array("seq" => -1,
  65                                 "status" => 1,
  66                                 "content" => array("error" => "NOT_LOGGED_IN")));
  67
  68                         return;
  69                 }
  70
  71                 load_user_plugins( $_SESSION["uid"]);
  72         }
  73
  74         $method = strtolower($_REQUEST["op"]);
  75
  76         $handler = new API($_REQUEST);
  77
  78         if ($handler->before($method)) {
  79                 if ($method && method_exists($handler, $method)) {
  80                         $handler->$method();
  81                 } else if (method_exists($handler, 'index')) {
  82                         $handler->index($method);
  83                 }
  84                 $handler->after();
  85         }
  86
  87         header("Api-Content-Length: " . ob_get_length());
  88
  89         ob_end_flush();
  90