| <?php |
| /* |
| * Copyright 2019, Google Inc. |
| * All rights reserved. |
| * |
| * Redistribution and use in source and binary forms, with or without |
| * modification, are permitted provided that the following conditions are |
| * met: |
| * |
| * * Redistributions of source code must retain the above copyright |
| * notice, this list of conditions and the following disclaimer. |
| * * Redistributions in binary form must reproduce the above |
| * copyright notice, this list of conditions and the following disclaimer |
| * in the documentation and/or other materials provided with the |
| * distribution. |
| * * Neither the name of Google Inc. nor the names of its |
| * contributors may be used to endorse or promote products derived from |
| * this software without specific prior written permission. |
| * |
| * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
| * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
| * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
| * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
| * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| */ |
| |
| |
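// Route name is taken from the query string (presumably filled in by a URL
// rewrite rule that maps /v3/<Route> to ?route=<Route>; confirm against the
// web server configuration).
// A missing or non-string value (for example ?route[]=x) is normalised to ''
// so it reaches the 404 handling further down instead of raising an
// undefined-index notice. With display_errors enabled, that notice would be
// written to the response before the status headers below are sent.
$route = (isset($_GET['route']) && is_string($_GET['route'])) ? $_GET['route'] : '';

// HTTP verb as reported by the server API; '' when the variable is absent
// (e.g. when the script is not run through a web server).
$method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : '';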
| |
// Transport gate: every request must have arrived over HTTPS; anything else is
// answered with 403 and the script stops.
// NOTE(review): $_SERVER['HTTPS'] describes the connection that reached PHP.
// If TLS is terminated on a proxy or load balancer in front of this host,
// confirm the variable is still set to "on" there, otherwise every request
// will be rejected here.
if (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] !== 'on') {
    header('HTTP/1.0 403 Forbidden');
    die('All requests must be made over https');
}
| |
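// HTTP Basic authentication gate applied to every route.
//
// The two literals below are placeholders and MUST be replaced before this
// endpoint is exposed. Prefer loading the real values from configuration kept
// outside the web root and out of version control, not editing them here.
//
// Missing credentials are treated as empty strings, so an unauthenticated
// request is rejected without raising an undefined-index notice.
//
// hash_equals() is used instead of != for two reasons:
//   * it compares in constant time, so response timing does not reveal how
//     much of a guess was correct;
//   * it compares bytes only, whereas a loose comparison treats two numeric
//     strings as numbers ('1e3' == '1000'), which would accept a wrong
//     password once the configured one happens to look numeric.
// Both checks are evaluated before branching so a wrong username and a wrong
// password take the same code path.
$authUserMatches = hash_equals(
    'username',
    isset($_SERVER['PHP_AUTH_USER']) ? (string) $_SERVER['PHP_AUTH_USER'] : ''
);
$authPasswordMatches = hash_equals(
    'password',
    isset($_SERVER['PHP_AUTH_PW']) ? (string) $_SERVER['PHP_AUTH_PW'] : ''
);

if (!$authUserMatches || !$authPasswordMatches) {
    header('WWW-Authenticate: Basic');
    header('HTTP/1.0 401 Unauthorized');
    die('Unauthorized');
}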
| |
| require 'apiv3methods.php'; |
| |
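// Raw request body, handed unchanged to the POST handlers.
// file_get_contents() returns false on failure; normalise that to '' so the
// handlers always receive a string.
$request = file_get_contents('php://input');
if ($request === false) {
    $request = '';
}

// Allow-list of routes per HTTP method, mapping the public route name to the
// handler function loaded from apiv3methods.php.
// The function name that gets called always comes from this table and never
// from the request itself, so a caller cannot cause an arbitrary function to
// be invoked by choosing a route value.
$routeHandlers = [
    'GET' => [
        // GET /v3/HealthCheck
        'HealthCheck' => 'healthCheck',
    ],
    'POST' => [
        // POST /v3/CheckAvailability
        'CheckAvailability' => 'checkAvailability',
        // POST /v3/CreateBooking
        'CreateBooking' => 'createBooking',
        // POST /v3/UpdateBooking
        'UpdateBooking' => 'updateBooking',
        // POST /v3/GetBookingStatus
        'GetBookingStatus' => 'getBookingStatus',
        // POST /v3/ListBookings
        'ListBookings' => 'listBookings',
        // POST /v3/CheckOrderFulfillability
        'CheckOrderFulfillability' => 'checkOrderFulfillability',
        // POST /v3/CreateOrder
        'CreateOrder' => 'createOrder',
        // POST /v3/ListOrders
        'ListOrders' => 'listOrders',
    ],
];

// is_string() guards the lookup: an array-valued route (?route[]=x) is not a
// legal array key and must simply be treated as "no such route".
if (is_string($route) && isset($routeHandlers[$method][$route])) {
    $handlerName = $routeHandlers[$method][$route];

    try {
        header('Content-type:application/json');
        // The GET handler takes no arguments; every POST handler receives the
        // raw request body.
        echo ($method === 'GET') ? $handlerName() : $handlerName($request);
    } catch (Exception $e) {
        // Keep the exception text on the server. Echoing it to the caller
        // would disclose internal details and, with no status line set, would
        // be delivered as a 200 response labelled application/json.
        error_log('Handler for route ' . $route . ' failed: ' . $e->getMessage());

        header('HTTP/1.0 500 Internal Server Error');
        // NOTE(review): generic body; adjust to the error format the API
        // consumer expects.
        echo '{"error":"Internal server error"}';
        die();
    }
} else {
    // Unknown route, or a method other than GET/POST.
    // NOTE(review): 404 is kept for unsupported methods to match the existing
    // behaviour; 405 would describe that case more precisely.
    header('HTTP/1.0 404 Not Found');
    echo '404<br>';
    // The method string originates from the request line and this response is
    // served as HTML, so escape it before echoing it back.
    echo 'Method: ' . htmlspecialchars($method, ENT_QUOTES, 'UTF-8');
}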
| |