From aabce5e25db29fb13a02cca86d62d2f6c896ba1f Mon Sep 17 00:00:00 2001 From: Ivan Tcholakov Date: Sun, 9 Aug 2015 03:36:05 +0300 Subject: [PATCH 001/215] A minor visual correction. --- application/views/rest_server.php | 1 + application/views/welcome_message.php | 1 + 2 files changed, 2 insertions(+) diff --git a/application/views/rest_server.php b/application/views/rest_server.php index b5e378db..2faded75 100644 --- a/application/views/rest_server.php +++ b/application/views/rest_server.php @@ -18,6 +18,7 @@ margin: 40px; font: 16px/20px normal Helvetica, Arial, sans-serif; color: #4F5155; + word-wrap: break-word; } a { diff --git a/application/views/welcome_message.php b/application/views/welcome_message.php index 1870d556..8c879443 100644 --- a/application/views/welcome_message.php +++ b/application/views/welcome_message.php @@ -16,6 +16,7 @@ margin: 40px; font: 16px/20px normal Helvetica, Arial, sans-serif; color: #4F5155; + word-wrap: break-word; } a { From ed523603d61833affb293ab664bffed13aaacbac Mon Sep 17 00:00:00 2001 From: softwarespot Date: Thu, 13 Aug 2015 19:07:01 +0300 Subject: [PATCH 002/215] Updated documentation --- documentation/source-class-REST_Controller.html | 4 ++-- documentation/source-class-Welcome.html | 10 +++++----- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/documentation/source-class-REST_Controller.html b/documentation/source-class-REST_Controller.html index 5d6c6497..84d4170f 100644 --- a/documentation/source-class-REST_Controller.html +++ b/documentation/source-class-REST_Controller.html @@ -1072,7 +1072,7 @@

Classes

978: } 979: } 980: - 981: return $row; + 981: return TRUE; 982: } 983: 984: // No key has been sent @@ -2209,7 +2209,7 @@

Classes

- + diff --git a/documentation/source-class-Welcome.html b/documentation/source-class-Welcome.html index 53bf7995..6a681eb1 100644 --- a/documentation/source-class-Welcome.html +++ b/documentation/source-class-Welcome.html @@ -101,10 +101,10 @@

Classes

 7: * Index Page for this controller. 8: * 9: * Maps to the following URL -10: * http://example.com/index.php/welcome -11: * - or - -12: * http://example.com/index.php/welcome/index -13: * - or - +10: * http://example.com/index.php/welcome +11: * - or - +12: * http://example.com/index.php/welcome/index +13: * - or - 14: * Since this controller is set as the default controller in 15: * config/routes.php, it's displayed at http://example.com/ 16: * @@ -126,7 +126,7 @@

Classes

- + From a6e46c8bf23f8303fb1c9d8672fb94a725e4c7e4 Mon Sep 17 00:00:00 2001 From: kenjis Date: Sat, 29 Aug 2015 18:10:05 +0900 Subject: [PATCH 003/215] Fix _generate_key() method. See #535 --- application/controllers/api/Key.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/application/controllers/api/Key.php b/application/controllers/api/Key.php index 1823c814..0fa67172 100644 --- a/application/controllers/api/Key.php +++ b/application/controllers/api/Key.php @@ -213,7 +213,7 @@ private function _generate_key() do { // Generate a random salt - $salt = $this->security->get_random_bytes(64); + $salt = base_convert(bin2hex($this->security->get_random_bytes(64)), 16, 36); // If an error occurred, then fall back to the previous method if ($salt === FALSE) From f26a018802a44d01b806d7a8ba048edbf233829d Mon Sep 17 00:00:00 2001 From: kenjis Date: Tue, 1 Sep 2015 21:14:14 +0900 Subject: [PATCH 004/215] Refactor REST_Controller::_parse_options() --- application/libraries/REST_Controller.php | 25 +---------------------- 1 file changed, 1 insertion(+), 24 deletions(-) diff --git a/application/libraries/REST_Controller.php b/application/libraries/REST_Controller.php index 2c50884f..33288a29 100644 --- a/application/libraries/REST_Controller.php +++ b/application/libraries/REST_Controller.php @@ -1435,30 +1435,7 @@ protected function _parse_delete() */ protected function _parse_query() { - // Declare a variable that will hold the REQUEST_URI - $request_uri = NULL; - - // If using the commandline version - if (is_cli()) - { - $args = $this->input->server('argv'); - unset($args[0]); - - // Combine the arguments using '/' as the delimiter - $request_uri = '/' . implode('/', $args) . '/'; - - // Set the following server variables (perhaps not required anymore?) - $_SERVER['REQUEST_URI'] = $request_uri; - $_SERVER['PATH_INFO'] = $request_uri; - $_SERVER['QUERY_STRING'] = $request_uri; - } - else - { - $request_uri = $this->input->server('REQUEST_URI'); - } - - // Parse the query parameters from the query string - parse_str(parse_url(http://github.com/$request_uri,%20PHP_URL_QUERY), $this->_query_args); + $this->_query_args = $this->input->get(); } // INPUT FUNCTION -------------------------------------------------------------- From 23e8142d669a4211cebe45e0125f40d514b697bf Mon Sep 17 00:00:00 2001 From: Chris Kacerguis Date: Fri, 11 Sep 2015 17:54:53 -0500 Subject: [PATCH 005/215] changed back to time() it should not have been a PHP function, but a SQL function. fixes #548 --- application/libraries/REST_Controller.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/application/libraries/REST_Controller.php b/application/libraries/REST_Controller.php index 2c50884f..403aa833 100644 --- a/application/libraries/REST_Controller.php +++ b/application/libraries/REST_Controller.php @@ -1037,7 +1037,7 @@ protected function _log_request($authorized = FALSE) 'params' => $this->_args ? ($this->config->item('rest_logs_json_params') === TRUE ? json_encode($this->_args) : serialize($this->_args)) : NULL, 'api_key' => isset($this->rest->key) ? $this->rest->key : '', 'ip_address' => $this->input->ip_address(), - 'time' => now(), // Used to be: function_exists('now') ? now() : time() + 'time' => time(), 'authorized' => $authorized ]); From f329f1e7e4309c4f52fb03c78c7bf9137016183b Mon Sep 17 00:00:00 2001 From: softwarespot Date: Sat, 12 Sep 2015 08:25:49 +0300 Subject: [PATCH 006/215] Added new changelog entires --- CHANGELOG.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index a482d6ee..dfdadc58 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,19 @@ Changelog: =========== +### 2.7.2 + +* Added $this->query() in which query parameters can now be obtained regardless of whether a GET request is sent or not +* Added doc comments added to functions +* Added HTTP status constants e.g. REST_Controller::HTTP_OK +* Added new CSV formatting function +* Fixed numerous bug fixes +* Updated API calls limit can be based on API key, routed url or method name +* Updated documentation +* Updated examples (thanks @ivantcholakov and @lagaisse) +* Updated many functions by re-writing (thanks @softwarespot) +* Updated performance increase + ### 2.7.0 * Added Blacklist IP option From d10a30903e43dd6ca237092d4d70b8ba16fc7376 Mon Sep 17 00:00:00 2001 From: softwarespot Date: Sat, 12 Sep 2015 08:28:20 +0300 Subject: [PATCH 007/215] Renamed _CI variable Now matches the same style as CodeIgniter --- application/libraries/Format.php | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/application/libraries/Format.php b/application/libraries/Format.php index 6615e2cf..0d3bf773 100644 --- a/application/libraries/Format.php +++ b/application/libraries/Format.php @@ -56,7 +56,7 @@ class Format { * * @var object */ - private $_ci; + private $_CI; /** * Data to parse @@ -83,10 +83,10 @@ class Format { public function __construct($data = NULL, $from_type = NULL) { // Get the CodeIgniter reference - $this->_ci = &get_instance(); + $this->_CI = &get_instance(); // Load the inflector helper - $this->_ci->load->helper('inflector'); + $this->_CI->load->helper('inflector'); // If the provided data is already formatted we should probably convert it to an array if ($from_type !== NULL) @@ -283,20 +283,20 @@ public function to_html($data = NULL) } // Load the table library - $this->_ci->load->library('table'); + $this->_CI->load->library('table'); - $this->_ci->table->set_heading($headings); + $this->_CI->table->set_heading($headings); foreach ($data as $row) { - // Suppressing the "array to string conversion" notice. - // Keep the "evil" @ here. - $row = @ array_map('strval', $row); + // Suppressing the "array to string conversion" notice + // Keep the "evil" @ here + $row = @array_map('strval', $row); - $this->_ci->table->add_row($row); + $this->_CI->table->add_row($row); } - return $this->_ci->table->generate(); + return $this->_CI->table->generate(); } /** @@ -405,7 +405,7 @@ public function to_json($data = NULL) } // Get the callback parameter (if set) - $callback = $this->_ci->input->get('callback'); + $callback = $this->_CI->input->get('callback'); if (empty($callback) === TRUE) { From a89db04f326e78314e361411741aead0d04515a1 Mon Sep 17 00:00:00 2001 From: softwarespot Date: Sat, 12 Sep 2015 08:34:07 +0300 Subject: [PATCH 008/215] Throw exceptions than exit --- application/libraries/REST_Controller.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/application/libraries/REST_Controller.php b/application/libraries/REST_Controller.php index 403aa833..221df752 100644 --- a/application/libraries/REST_Controller.php +++ b/application/libraries/REST_Controller.php @@ -381,13 +381,13 @@ public function __construct($config = 'rest') if (is_php('5.4') === FALSE) { // CodeIgniter 3 is recommended for v5.4 or above - exit('Using PHP v' . PHP_VERSION . ', though PHP v5.4 or greater is required'); + throw new Exception('Using PHP v' . PHP_VERSION . ', though PHP v5.4 or greater is required'); } // Check to see if this is CI 3.x if (explode('.', CI_VERSION, 2)[0] < 3) { - exit('REST Server requires CodeIgniter 3.x'); + throw new Exception('REST Server requires CodeIgniter 3.x'); } // Set the default value of global xss filtering. Same approach as CodeIgniter 3 From 5e2ae86ac6bc5a0daa1bb37fc88e643c419d420f Mon Sep 17 00:00:00 2001 From: softwarespot Date: Sat, 12 Sep 2015 08:36:22 +0300 Subject: [PATCH 009/215] Unified comments --- application/libraries/REST_Controller.php | 28 +++++++++++------------ 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/application/libraries/REST_Controller.php b/application/libraries/REST_Controller.php index 403aa833..1df0ede7 100644 --- a/application/libraries/REST_Controller.php +++ b/application/libraries/REST_Controller.php @@ -150,8 +150,8 @@ abstract class REST_Controller extends CI_Controller { const HTTP_NETWORK_AUTHENTICATION_REQUIRED = 511; /** - * This defines the rest format. - * Must be overridden it in a controller so that it is set. + * This defines the rest format + * Must be overridden it in a controller so that it is set * * @var string|NULL */ @@ -269,7 +269,7 @@ abstract class REST_Controller extends CI_Controller { protected $_args = []; /** - * If the request is allowed based on the API key provided. + * If the request is allowed based on the API key provided * * @var bool */ @@ -323,7 +323,7 @@ abstract class REST_Controller extends CI_Controller { * Enable XSS flag * Determines whether the XSS filter is always active when * GET, OPTIONS, HEAD, POST, PUT, DELETE and PATCH data is encountered. - * Set automatically based on config setting. + * Set automatically based on config setting * * @var bool */ @@ -560,11 +560,11 @@ public function __destruct() /** * Requests are not made to methods directly, the request will be for * an "object". This simply maps the object and method to the correct - * Controller method. + * Controller method * * @access public * @param string $object_called - * @param array $arguments The arguments passed to the controller method. + * @param array $arguments The arguments passed to the controller method */ public function _remap($object_called, $arguments) { @@ -588,7 +588,7 @@ public function _remap($object_called, $arguments) // Use keys for this method? $use_key = !(isset($this->methods[$controller_method]['key']) && $this->methods[$controller_method]['key'] === FALSE); - // They provided a key, but it wasn't valid, so get them out of here. + // They provided a key, but it wasn't valid, so get them out of here if ($this->config->item('rest_enable_keys') && $use_key && $this->_allow === FALSE) { if ($this->config->item('rest_enable_logging') && $log_method) @@ -602,7 +602,7 @@ public function _remap($object_called, $arguments) ], self::HTTP_FORBIDDEN); } - // Check to see if this key has access to the requested controller. + // Check to see if this key has access to the requested controller if ($this->config->item('rest_enable_keys') && $use_key && empty($this->rest->key) === FALSE && $this->_check_access() === FALSE) { if ($this->config->item('rest_enable_logging') && $log_method) @@ -713,7 +713,7 @@ public function response($data = NULL, $http_code = NULL, $continue = FALSE) $this->output->set_content_type($this->_supported_formats[$this->response->format], strtolower($this->config->item('charset'))); $output = $this->format->factory($data)->{'to_' . $this->response->format}(); - // An array must be parsed as a string, so as not to cause an array to string error. + // An array must be parsed as a string, so as not to cause an array to string error // Json is the most appropriate form for such a datatype if ($this->response->format === 'array') { @@ -763,7 +763,7 @@ public function response($data = NULL, $http_code = NULL, $continue = FALSE) * Takes mixed data and optionally a status code, then creates the response * within the buffers of the Output class. The response is sent to the client * lately by the framework, after the current controller's method termination. - * All the hooks after the controller's method termination are executable. + * All the hooks after the controller's method termination are executable * * @access public * @param array|NULL $data Data to output to the user @@ -904,7 +904,7 @@ protected function _detect_method() if (empty($method)) { - // Get the request method as a lowercase string. + // Get the request method as a lowercase string $method = $this->input->method(); } @@ -948,7 +948,7 @@ protected function _detect_api_key() /* * If "is private key" is enabled, compare the ip address with the list - * of valid ip addresses stored in the database. + * of valid ip addresses stored in the database */ if (empty($row->is_private_key) === FALSE) { @@ -973,7 +973,7 @@ protected function _detect_api_key() } else { - // There should be at least one IP address for this private key. + // There should be at least one IP address for this private key return FALSE; } } @@ -1617,7 +1617,7 @@ public function query($key = NULL, $xss_clean = NULL) /** * Sanitizes data so that Cross Site Scripting Hacks can be - * prevented. + * prevented * * @access protected * @param string $value Input data From 6c3c26e46f66a84384a1aa0b1f151f007c428de8 Mon Sep 17 00:00:00 2001 From: softwarespot Date: Sat, 12 Sep 2015 08:37:52 +0300 Subject: [PATCH 010/215] Changed case of color --- application/views/welcome_message.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/application/views/welcome_message.php b/application/views/welcome_message.php index 8c879443..69acde90 100644 --- a/application/views/welcome_message.php +++ b/application/views/welcome_message.php @@ -12,7 +12,7 @@ ::-moz-selection { background-color: #E13300; color: white; } body { - background-color: #fff; + background-color: #FFF; margin: 40px; font: 16px/20px normal Helvetica, Arial, sans-serif; color: #4F5155; From 24a506ab1674ab783d5fb0d2984d0c636f16969c Mon Sep 17 00:00:00 2001 From: softwarespot Date: Sat, 12 Sep 2015 08:38:59 +0300 Subject: [PATCH 011/215] Re-wrote ajax to request to be modular --- application/views/rest_server.php | 74 ++++++++++++++++++++++++------- 1 file changed, 57 insertions(+), 17 deletions(-) diff --git a/application/views/rest_server.php b/application/views/rest_server.php index 2faded75..264d1a3b 100644 --- a/application/views/rest_server.php +++ b/application/views/rest_server.php @@ -118,31 +118,71 @@ From 6f070f8de6b398e08db90ae1176490e36d5089a4 Mon Sep 17 00:00:00 2001 From: softwarespot Date: Mon, 14 Sep 2015 11:44:22 +0300 Subject: [PATCH 012/215] Fixes #555 --- application/libraries/REST_Controller.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/application/libraries/REST_Controller.php b/application/libraries/REST_Controller.php index 82f49cec..431587b9 100644 --- a/application/libraries/REST_Controller.php +++ b/application/libraries/REST_Controller.php @@ -1514,10 +1514,10 @@ public function head($key = NULL, $xss_clean = NULL) { if ($key === NULL) { - return $this->head_args; + return $this->_head_args; } - return isset($this->head_args[$key]) ? $this->_xss_clean($this->head_args[$key], $xss_clean) : NULL; + return isset($this->_head_args[$key]) ? $this->_xss_clean($this->_head_args[$key], $xss_clean) : NULL; } /** From 44352b6b60614ea0fe89827436ebc53f41f06b57 Mon Sep 17 00:00:00 2001 From: softwarespot Date: Mon, 14 Sep 2015 14:49:40 +0300 Subject: [PATCH 013/215] Removed .txt extension from LICENSE This is kind of standard on GitHub --- LICENSE.txt => LICENSE | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename LICENSE.txt => LICENSE (100%) diff --git a/LICENSE.txt b/LICENSE similarity index 100% rename from LICENSE.txt rename to LICENSE From e3af4bc19645674ef93eaa00ae8f24d5c2ead12d Mon Sep 17 00:00:00 2001 From: softwarespot Date: Mon, 14 Sep 2015 14:52:16 +0300 Subject: [PATCH 014/215] Swapped arguments around --- application/views/rest_server.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/application/views/rest_server.php b/application/views/rest_server.php index 264d1a3b..af4771e2 100644 --- a/application/views/rest_server.php +++ b/application/views/rest_server.php @@ -122,7 +122,7 @@ var App = App || {}; // Basic rest module using an IIFE as a way of enclosing private variables - App.rest = (function ($, window) { + App.rest = (function (window, $) { // Fields // Cache the jQuery selector @@ -175,7 +175,7 @@ function cacheDom() { bind(); } }; - })(jQuery, window); + })(window, jQuery); // DOM ready event $(function () { From 8187c2c1c1edb27e9e4c9e9e7ba56a3838615406 Mon Sep 17 00:00:00 2001 From: softwarespot Date: Mon, 14 Sep 2015 14:57:02 +0300 Subject: [PATCH 015/215] Removed pointless nested ifs --- application/libraries/REST_Controller.php | 16 +++++----------- 1 file changed, 5 insertions(+), 11 deletions(-) diff --git a/application/libraries/REST_Controller.php b/application/libraries/REST_Controller.php index 82f49cec..f1b75550 100644 --- a/application/libraries/REST_Controller.php +++ b/application/libraries/REST_Controller.php @@ -1349,13 +1349,10 @@ protected function _parse_put() { $this->request->body = $this->input->raw_input_stream; } - else + else if ($this->input->method() === 'put') { - // If no filetype is provided, then there are probably just arguments - if ($this->input->method() === 'put') - { - $this->_put_args = $this->input->input_stream(); - } + // If no filetype is provided, then there are probably just arguments + $this->_put_args = $this->input->input_stream(); } } @@ -1402,13 +1399,10 @@ protected function _parse_patch() { $this->request->body = $this->input->raw_input_stream; } - else + else if ($this->input->method() === 'patch') { // If no filetype is provided, then there are probably just arguments - if ($this->input->method() === 'patch') - { - $this->_patch_args = $this->input->input_stream(); - } + $this->_patch_args = $this->input->input_stream(); } } From d7b23bf62036ec9e298054cd53b81fb513200b20 Mon Sep 17 00:00:00 2001 From: softwarespot Date: Thu, 17 Sep 2015 19:32:13 +0300 Subject: [PATCH 016/215] Moved insert id declaration --- application/libraries/REST_Controller.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/application/libraries/REST_Controller.php b/application/libraries/REST_Controller.php index eacf54aa..88f37d37 100644 --- a/application/libraries/REST_Controller.php +++ b/application/libraries/REST_Controller.php @@ -212,13 +212,6 @@ abstract class REST_Controller extends CI_Controller { */ protected $_post_args = []; - /** - * The insert_id of the log entry (if we have one) - * - * @var string - */ - protected $_insert_id = ''; - /** * The arguments for the PUT request method * @@ -268,6 +261,13 @@ abstract class REST_Controller extends CI_Controller { */ protected $_args = []; + /** + * The insert_id of the log entry (if we have one) + * + * @var string + */ + protected $_insert_id = ''; + /** * If the request is allowed based on the API key provided * From bc8abe825092de56aa69b0f8dfc0ba61931c7e04 Mon Sep 17 00:00:00 2001 From: softwarespot Date: Thu, 17 Sep 2015 19:34:18 +0300 Subject: [PATCH 017/215] Fixed language comment --- application/language/english/rest_controller_lang.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/application/language/english/rest_controller_lang.php b/application/language/english/rest_controller_lang.php index 37305221..858c652f 100644 --- a/application/language/english/rest_controller_lang.php +++ b/application/language/english/rest_controller_lang.php @@ -1,8 +1,8 @@ Date: Thu, 17 Sep 2015 19:36:50 -0300 Subject: [PATCH 018/215] Session auth override --- application/libraries/REST_Controller.php | 32 +++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/application/libraries/REST_Controller.php b/application/libraries/REST_Controller.php index eacf54aa..fa19579f 100644 --- a/application/libraries/REST_Controller.php +++ b/application/libraries/REST_Controller.php @@ -1188,6 +1188,14 @@ protected function _auth_override_check() return TRUE; } + // Session auth override found, check session + if ($auth_override_class_method[$this->router->class]['*'] === 'session') + { + $this->_check_php_session(); + + return TRUE; + } + // Whitelist auth override found, check client's ip against config whitelist if ($auth_override_class_method[$this->router->class]['*'] === 'whitelist') { @@ -1222,6 +1230,14 @@ protected function _auth_override_check() return TRUE; } + // Session auth override found, check session + if ($auth_override_class_method[$this->router->class][$this->router->method] === 'session') + { + $this->_check_php_session(); + + return TRUE; + } + // Whitelist auth override found, check client's ip against config whitelist if ($auth_override_class_method[$this->router->class][$this->router->method] === 'whitelist') { @@ -1263,6 +1279,14 @@ protected function _auth_override_check() return TRUE; } + // Session auth override found, check session + if ($auth_override_class_method[$this->router->class]['*'][$this->request->method] === 'session') + { + $this->_check_php_session(); + + return TRUE; + } + // Whitelist auth override found, check client's ip against config whitelist if ($auth_override_class_method_http[$this->router->class]['*'][$this->request->method] === 'whitelist') { @@ -1297,6 +1321,14 @@ protected function _auth_override_check() return TRUE; } + // Session auth override found, check session + if ($auth_override_class_method[$this->router->class][$this->router->method][$this->request->method] === 'session') + { + $this->_check_php_session(); + + return TRUE; + } + // Whitelist auth override found, check client's ip against config whitelist if ($auth_override_class_method_http[$this->router->class][$this->router->method][$this->request->method] === 'whitelist') { From bb39fb7ebf23dfe50ff286eb639037875cf7e775 Mon Sep 17 00:00:00 2001 From: Ivan Tcholakov Date: Fri, 18 Sep 2015 04:37:53 +0300 Subject: [PATCH 019/215] A minor language line correction. --- application/language/english/rest_controller_lang.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/application/language/english/rest_controller_lang.php b/application/language/english/rest_controller_lang.php index 858c652f..1c665bdc 100644 --- a/application/language/english/rest_controller_lang.php +++ b/application/language/english/rest_controller_lang.php @@ -9,7 +9,7 @@ $lang['text_rest_ip_denied'] = 'IP denied'; $lang['text_rest_ip_unauthorized'] = 'IP unauthorized'; $lang['text_rest_unauthorized'] = 'Unauthorized'; -$lang['text_rest_ajax_only'] = 'Only Ajax requests are only allowed'; +$lang['text_rest_ajax_only'] = 'Only AJAX requests are allowed'; $lang['text_rest_api_key_unauthorized'] = 'This API key does not have access to the requested controller'; $lang['text_rest_api_key_permissions'] = 'This API key does not have enough permissions'; $lang['text_rest_api_key_time_limit'] = 'This API key has reached the time limit for this method'; From 1bc2301392e944a3838465fb75324af182ccfebd Mon Sep 17 00:00:00 2001 From: Ivan Tcholakov Date: Fri, 18 Sep 2015 04:46:00 +0300 Subject: [PATCH 020/215] Adding Bulgarian language. --- application/language/bulgarian/index.html | 11 +++++++++++ .../language/bulgarian/rest_controller_lang.php | 17 +++++++++++++++++ 2 files changed, 28 insertions(+) create mode 100644 application/language/bulgarian/index.html create mode 100644 application/language/bulgarian/rest_controller_lang.php diff --git a/application/language/bulgarian/index.html b/application/language/bulgarian/index.html new file mode 100644 index 00000000..b702fbc3 --- /dev/null +++ b/application/language/bulgarian/index.html @@ -0,0 +1,11 @@ + + + + 403 Forbidden + + + +

Directory access is forbidden.

+ + + diff --git a/application/language/bulgarian/rest_controller_lang.php b/application/language/bulgarian/rest_controller_lang.php new file mode 100644 index 00000000..6145307d --- /dev/null +++ b/application/language/bulgarian/rest_controller_lang.php @@ -0,0 +1,17 @@ + Date: Fri, 18 Sep 2015 21:39:28 -0300 Subject: [PATCH 021/215] fixing session option class/method/http method --- application/libraries/REST_Controller.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/application/libraries/REST_Controller.php b/application/libraries/REST_Controller.php index fa19579f..a71b687d 100644 --- a/application/libraries/REST_Controller.php +++ b/application/libraries/REST_Controller.php @@ -1280,7 +1280,7 @@ protected function _auth_override_check() } // Session auth override found, check session - if ($auth_override_class_method[$this->router->class]['*'][$this->request->method] === 'session') + if ($auth_override_class_method_http[$this->router->class]['*'][$this->request->method] === 'session') { $this->_check_php_session(); @@ -1322,7 +1322,7 @@ protected function _auth_override_check() } // Session auth override found, check session - if ($auth_override_class_method[$this->router->class][$this->router->method][$this->request->method] === 'session') + if ($auth_override_class_method_http[$this->router->class][$this->router->method][$this->request->method] === 'session') { $this->_check_php_session(); From 24bb84cadc0087cd0540a84cdc6ff167b3282a89 Mon Sep 17 00:00:00 2001 From: Rogerio Taques Date: Mon, 28 Sep 2015 11:36:32 +0900 Subject: [PATCH 022/215] Added Brazilian Portuguese language support. --- application/language/portuguese/index.html | 11 +++++++++++ .../portuguese/rest_controller_lang.php | 17 +++++++++++++++++ 2 files changed, 28 insertions(+) create mode 100644 application/language/portuguese/index.html create mode 100644 application/language/portuguese/rest_controller_lang.php diff --git a/application/language/portuguese/index.html b/application/language/portuguese/index.html new file mode 100644 index 00000000..b702fbc3 --- /dev/null +++ b/application/language/portuguese/index.html @@ -0,0 +1,11 @@ + + + + 403 Forbidden + + + +

Directory access is forbidden.

+ + + diff --git a/application/language/portuguese/rest_controller_lang.php b/application/language/portuguese/rest_controller_lang.php new file mode 100644 index 00000000..04bbf6e3 --- /dev/null +++ b/application/language/portuguese/rest_controller_lang.php @@ -0,0 +1,17 @@ + Date: Mon, 28 Sep 2015 15:58:50 +0900 Subject: [PATCH 023/215] Changed from language/portuguese to language/portuguese-brazilian to match with CI3 translations tree. --- .../language/{portuguese => portuguese-brazilian}/index.html | 0 .../{portuguese => portuguese-brazilian}/rest_controller_lang.php | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename application/language/{portuguese => portuguese-brazilian}/index.html (100%) rename application/language/{portuguese => portuguese-brazilian}/rest_controller_lang.php (100%) diff --git a/application/language/portuguese/index.html b/application/language/portuguese-brazilian/index.html similarity index 100% rename from application/language/portuguese/index.html rename to application/language/portuguese-brazilian/index.html diff --git a/application/language/portuguese/rest_controller_lang.php b/application/language/portuguese-brazilian/rest_controller_lang.php similarity index 100% rename from application/language/portuguese/rest_controller_lang.php rename to application/language/portuguese-brazilian/rest_controller_lang.php From acefb27162da695550f1ebdf5f9ea9ee809b2d10 Mon Sep 17 00:00:00 2001 From: Chathu Vishwaijith <4evercreations@gmail.com> Date: Sat, 24 Oct 2015 15:54:29 +0530 Subject: [PATCH 024/215] Add Licence badge --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index ccd236d9..59214003 100644 --- a/README.md +++ b/README.md @@ -194,3 +194,5 @@ as he is no longer using it. As of 2013/11/20 further developement and support Pull Requests are the best way to fix bugs or add features. I know loads of you use this, so please contribute if you have improvements to be made and I'll keep releasing versions over time. + +[![GitHub license](https://img.shields.io/badge/license-MIT-blue.svg?style=flat-square)](https://raw.githubusercontent.com/chriskacerguis/codeigniter-restserver/master/LICENSE) From 14ff0064253d55f705aa3b1d6311fdd9049e0b99 Mon Sep 17 00:00:00 2001 From: Ivan Tcholakov Date: Mon, 26 Oct 2015 19:39:25 +0200 Subject: [PATCH 025/215] Configurable supported formats, a PR about #573. --- application/config/rest.php | 25 +++++++++++++- application/libraries/REST_Controller.php | 40 ++++++++++++++++++++++- 2 files changed, 63 insertions(+), 2 deletions(-) diff --git a/application/config/rest.php b/application/config/rest.php index 71704cde..15af4ed7 100644 --- a/application/config/rest.php +++ b/application/config/rest.php @@ -14,7 +14,7 @@ /* |-------------------------------------------------------------------------- -| REST Format +| REST Output Format |-------------------------------------------------------------------------- | | The default format of the response @@ -31,6 +31,29 @@ */ $config['rest_default_format'] = 'json'; +/* +|-------------------------------------------------------------------------- +| REST Supported Output Formats +|-------------------------------------------------------------------------- +| +| The following setting contains a list of the supported/allowed formats. +| You may remove those formats that you don't want to use. +| If the default format $config['rest_default_format'] is missing within +| $config['rest_supported_formats'], it will be added silently during +| REST_Controller initialization. +| +*/ +$config['rest_supported_formats'] = [ + 'json', + 'array', + 'csv', + 'html', + 'jsonp', + 'php', + 'serialized', + 'xml', +]; + /* |-------------------------------------------------------------------------- | REST Status Field Name diff --git a/application/libraries/REST_Controller.php b/application/libraries/REST_Controller.php index 42e37a8c..c528d5e5 100644 --- a/application/libraries/REST_Controller.php +++ b/application/libraries/REST_Controller.php @@ -406,6 +406,30 @@ public function __construct($config = 'rest') // At present the library is bundled with REST_Controller 2.5+, but will eventually be part of CodeIgniter (no citation) $this->load->library('format'); + // Determine supported output formats from configiguration. + $supported_formats = $this->config->item('rest_supported_formats'); + + // Validate the configuration setting output formats + if (empty($supported_formats)) + { + $supported_formats = []; + } + + if (!is_array($supported_formats)) + { + $supported_formats = [$supported_formats]; + } + + // Add silently the default output format if it is missing. + $default_format = $this->_get_default_output_format(); + if (!in_array($default_format, $supported_formats)) + { + $supported_formats[] = $default_format; + } + + // Now update $this->_supported_formats + $this->_supported_formats = array_intersect_key($this->_supported_formats, array_flip($supported_formats)); + // Get the language $language = $this->config->item('rest_language'); if ($language === NULL) @@ -808,6 +832,20 @@ protected function _detect_input_format() return NULL; } + /** + * Gets the default format from the configuration. Fallbacks to 'json'. + * if the corresponding configuration option $config['rest_default_format'] + * is missing or is empty. + * + * @access protected + * @return string The default supported input format + */ + protected function _get_default_output_format() + { + $default_format = (string) $this->config->item('rest_default_format'); + return $default_format === '' ? 'json' : $default_format; + } + /** * Detect which format should be used to output the data * @@ -876,7 +914,7 @@ protected function _detect_output_format() } // Obtain the default format from the configuration - return $this->config->item('rest_default_format'); + return $this->_get_default_output_format(); } /** From 63de1c01459c555e5791fdf807b716d202ddc528 Mon Sep 17 00:00:00 2001 From: softwarespot Date: Thu, 29 Oct 2015 21:20:30 +0200 Subject: [PATCH 026/215] Refactored JavaScript code --- application/views/rest_server.php | 61 +++++++++++++++++++++---------- 1 file changed, 41 insertions(+), 20 deletions(-) diff --git a/application/views/rest_server.php b/application/views/rest_server.php index af4771e2..aab0b9d4 100644 --- a/application/views/rest_server.php +++ b/application/views/rest_server.php @@ -126,56 +126,77 @@ // Fields // Cache the jQuery selector - var $_ajax = null; + var _$ajax = null; // Methods (private) - // Called on Ajax done - function ajaxDone(data) { + /** + * Called on Ajax done + * + * @return {undefined} + */ + function _ajaxDone(data) { // The 'data' parameter is an array of objects that can be iterated over - window.alert(JSON.stringify(data, null, 2)); + window.alert(window.JSON.stringify(data, null, 2)); } - // Called on Ajax fail - function ajaxFail() { + /** + * Called on Ajax fail + * + * @return {undefined} + */ + function _ajaxFail() { window.alert('Oh no! A problem with the Ajax request!'); } - // On Ajax request - function ajaxEvent($this) { + /** + * On Ajax request + * + * @param {HTMLElement} $this Current element selected + * @return {undefined} + */ + function _ajaxEvent($this) { $.ajax({ // URL from the link that was 'clicked' on url: $this.attr('href') }) - .done(ajaxDone) - .fail(ajaxFail); + .done(_ajaxDone) + .fail(_ajaxFail); } - // Bind event(s) - function bind() { + /** + * Bind events + * + * @return {undefined} + */ + function _bindEvents() { // Namespace the 'click' event - $_ajax.on('click.app.rest.module', function (event) { + _$ajax.on('click.app.rest.module', function (event) { event.preventDefault(); // Pass this to the Ajax event function - ajaxEvent($(this)); + _ajaxEvent($(this)); }); } - // Cache the DOM node(s) - function cacheDom() { - $_ajax = $('#ajax'); + /** + * Cache the DOM node(s) + * + * @return {undefined} + */ + function _cacheDom() { + _$ajax = $('#ajax'); } // Public API return { init: function () { // Cache the DOM and bind event(s) - cacheDom(); - bind(); + _cacheDom(); + _bindEvents(); } }; - })(window, jQuery); + })(window, window.jQuery); // DOM ready event $(function () { From 722a221e638a43aba0f1a10a940ab5cbd8af0049 Mon Sep 17 00:00:00 2001 From: softwarespot Date: Thu, 29 Oct 2015 21:22:31 +0200 Subject: [PATCH 027/215] Fixed typo and styling --- application/libraries/REST_Controller.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/application/libraries/REST_Controller.php b/application/libraries/REST_Controller.php index c528d5e5..a487c1ae 100644 --- a/application/libraries/REST_Controller.php +++ b/application/libraries/REST_Controller.php @@ -322,7 +322,7 @@ abstract class REST_Controller extends CI_Controller { /** * Enable XSS flag * Determines whether the XSS filter is always active when - * GET, OPTIONS, HEAD, POST, PUT, DELETE and PATCH data is encountered. + * GET, OPTIONS, HEAD, POST, PUT, DELETE and PATCH data is encountered * Set automatically based on config setting * * @var bool @@ -406,7 +406,7 @@ public function __construct($config = 'rest') // At present the library is bundled with REST_Controller 2.5+, but will eventually be part of CodeIgniter (no citation) $this->load->library('format'); - // Determine supported output formats from configiguration. + // Determine supported output formats from configuration $supported_formats = $this->config->item('rest_supported_formats'); // Validate the configuration setting output formats @@ -420,7 +420,7 @@ public function __construct($config = 'rest') $supported_formats = [$supported_formats]; } - // Add silently the default output format if it is missing. + // Add silently the default output format if it is missing $default_format = $this->_get_default_output_format(); if (!in_array($default_format, $supported_formats)) { @@ -833,9 +833,9 @@ protected function _detect_input_format() } /** - * Gets the default format from the configuration. Fallbacks to 'json'. + * Gets the default format from the configuration. Fallbacks to 'json' * if the corresponding configuration option $config['rest_default_format'] - * is missing or is empty. + * is missing or is empty * * @access protected * @return string The default supported input format From 0ee30d89c082f0c6c2fb184491a4c2a1a1ee43d7 Mon Sep 17 00:00:00 2001 From: ecowed Date: Wed, 2 Dec 2015 16:02:14 +0000 Subject: [PATCH 028/215] Update rest.php Add the ability to use both authentication and API Keys --- application/config/rest.php | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/application/config/rest.php b/application/config/rest.php index 15af4ed7..f86544a0 100644 --- a/application/config/rest.php +++ b/application/config/rest.php @@ -128,6 +128,17 @@ */ $config['auth_source'] = 'ldap'; +/* +|-------------------------------------------------------------------------- +| Allow Authentication and API Keys +|-------------------------------------------------------------------------- +| +| Where you wish to have Basic, Digest or Session login, but also want to use API Keys (for limiting +| requests etc), set to TRUE; +| +*/ +$config['allow_auth_and_keys'] = TRUE; + /* |-------------------------------------------------------------------------- | REST Login Class and Function From bb3216c003650e1c435327dae69593817d1cfa4f Mon Sep 17 00:00:00 2001 From: ecowed Date: Wed, 2 Dec 2015 16:08:14 +0000 Subject: [PATCH 029/215] Update rest.php Add to if statement on line 543 to allow both authentication and API Keys using a config item --- application/libraries/REST_Controller.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/application/libraries/REST_Controller.php b/application/libraries/REST_Controller.php index c528d5e5..32c094eb 100644 --- a/application/libraries/REST_Controller.php +++ b/application/libraries/REST_Controller.php @@ -540,7 +540,7 @@ public function __construct($config = 'rest') } // When there is no specific override for the current class/method, use the default auth value set in the config - if ($this->auth_override === FALSE && !($this->config->item('rest_enable_keys') && $this->_allow === TRUE)) + if ($this->auth_override === FALSE && !($this->config->item('rest_enable_keys') && $this->_allow === TRUE) || ($this->config->item('allow_auth_and_keys') === TRUE && $this->_allow === TRUE)) { $rest_auth = strtolower($this->config->item('rest_auth')); switch ($rest_auth) From 1db7161d0202ec2165e209f250f67afbd91f71f1 Mon Sep 17 00:00:00 2001 From: Ivan Tcholakov Date: Fri, 11 Dec 2015 19:10:08 +0200 Subject: [PATCH 030/215] PHP7 compatibility: Make the extended signature of the _remap() method to match to that in the CodeIgniter's user guide. --- application/libraries/REST_Controller.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/application/libraries/REST_Controller.php b/application/libraries/REST_Controller.php index c528d5e5..4857c761 100644 --- a/application/libraries/REST_Controller.php +++ b/application/libraries/REST_Controller.php @@ -590,7 +590,7 @@ public function __destruct() * @param string $object_called * @param array $arguments The arguments passed to the controller method */ - public function _remap($object_called, $arguments) + public function _remap($object_called, $arguments = []) { // Should we answer if not over SSL? if ($this->config->item('force_https') && $this->request->ssl === FALSE) From afd41c3ad06b18ea390c740365eebbde4d37a94e Mon Sep 17 00:00:00 2001 From: amtesistemas777 Date: Wed, 16 Dec 2015 11:52:37 -0500 Subject: [PATCH 031/215] Create spanish Spanish messages --- application/language/spanish | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 application/language/spanish diff --git a/application/language/spanish b/application/language/spanish new file mode 100644 index 00000000..962376c7 --- /dev/null +++ b/application/language/spanish @@ -0,0 +1,17 @@ + Date: Mon, 21 Dec 2015 15:42:10 -0700 Subject: [PATCH 032/215] Set the CORS configs in the rest.php config file --- application/config/rest.php | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/application/config/rest.php b/application/config/rest.php index 15af4ed7..ff5a62ec 100644 --- a/application/config/rest.php +++ b/application/config/rest.php @@ -510,3 +510,19 @@ | */ $config['rest_language'] = 'english'; + +/* +|-------------------------------------------------------------------------- +| CORS Check +|-------------------------------------------------------------------------- +| +| Set to true to enable Cross-Origin Resource Sharing (CORS). Useful if you +| are hosting your API on a different domain from the appolication that +| will access it through a browser. If true, set all the allowable domains +| within the array. +| +| e.g. $config['allowed_origins'] = ['www.example.com', 'mobile.example.com'] +| +*/ +$config['check_cors'] = false; +$config['allowed_origins'] = []; From e21dee0f61c9a97c30e707a27a68db8a09d2264c Mon Sep 17 00:00:00 2001 From: Craine Runton Date: Mon, 21 Dec 2015 15:43:14 -0700 Subject: [PATCH 033/215] Create the _check_cors function to send the appropriate CORS headers --- application/libraries/REST_Controller.php | 25 +++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/application/libraries/REST_Controller.php b/application/libraries/REST_Controller.php index c528d5e5..d159f4d8 100644 --- a/application/libraries/REST_Controller.php +++ b/application/libraries/REST_Controller.php @@ -2148,4 +2148,29 @@ protected function _check_access() ->num_rows() > 0; } + /** + * Check to see if presented user_id and API key match + * + * @access protected + * @return void + */ + protected function _check_cors() + { + // Store the HTTP Origin header, + $origin = (isset($_SERVER['HTTP_ORIGIN']) ? $_SERVER['HTTP_ORIGIN'] : ''); + + // If the origin domain is in the allowed_origins list, then add the Access Control headers + if (in_array($origin, $this->config->item('allowed_origins'))) { + header('Access-Control-Allow-Origin: '.$origin); + header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method'); + header('Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE'); + } + + // If the request HTTP method is 'OPTIONS', kill the response and send it to the client + $method = $_SERVER['REQUEST_METHOD']; + if($method == "OPTIONS") { + die(); + } + } + } From 3bddbb5f2aa4d4fa8598a3cacba36e04962d186e Mon Sep 17 00:00:00 2001 From: Craine Runton Date: Mon, 21 Dec 2015 15:44:25 -0700 Subject: [PATCH 034/215] Call the _check_cors function during construction if the config is set to true --- application/libraries/REST_Controller.php | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/application/libraries/REST_Controller.php b/application/libraries/REST_Controller.php index d159f4d8..1a385780 100644 --- a/application/libraries/REST_Controller.php +++ b/application/libraries/REST_Controller.php @@ -319,6 +319,13 @@ abstract class REST_Controller extends CI_Controller { */ protected $_apiuser; + /** + * Whether or not to perform a CORS check and apply CORS headers to the request + * + * @var bool + */ + protected $check_cors = NULL; + /** * Enable XSS flag * Determines whether the XSS filter is always active when @@ -457,6 +464,12 @@ public function __construct($config = 'rest') // How is this request being made? GET, POST, PATCH, DELETE, INSERT, PUT, HEAD or OPTIONS $this->request->method = $this->_detect_method(); + // Check for CORS access request + $check_cors = $this->config->item('check_cors'); + if ($check_cors === true) { + $this->_check_cors(); + } + // Create an argument container if it doesn't exist e.g. _get_args if (isset($this->{'_' . $this->request->method . '_args'}) === FALSE) { From e7cfb45cddfd1da0485ea257d68af860bd7fbf37 Mon Sep 17 00:00:00 2001 From: Craine Runton Date: Mon, 21 Dec 2015 15:56:05 -0700 Subject: [PATCH 035/215] Change config item name to make its purpose clearer --- application/config/rest.php | 2 +- application/libraries/REST_Controller.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/application/config/rest.php b/application/config/rest.php index ff5a62ec..ab808b63 100644 --- a/application/config/rest.php +++ b/application/config/rest.php @@ -525,4 +525,4 @@ | */ $config['check_cors'] = false; -$config['allowed_origins'] = []; +$config['allowed_cors_origins'] = []; diff --git a/application/libraries/REST_Controller.php b/application/libraries/REST_Controller.php index 1a385780..2cfefaa8 100644 --- a/application/libraries/REST_Controller.php +++ b/application/libraries/REST_Controller.php @@ -2172,8 +2172,8 @@ protected function _check_cors() // Store the HTTP Origin header, $origin = (isset($_SERVER['HTTP_ORIGIN']) ? $_SERVER['HTTP_ORIGIN'] : ''); - // If the origin domain is in the allowed_origins list, then add the Access Control headers - if (in_array($origin, $this->config->item('allowed_origins'))) { + // If the origin domain is in the allowed_cors_origins list, then add the Access Control headers + if (in_array($origin, $this->config->item('allowed_cors_origins'))) { header('Access-Control-Allow-Origin: '.$origin); header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method'); header('Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE'); From 07cd8f9fe5de5d99fb0079c93130f31f9a9fcaa5 Mon Sep 17 00:00:00 2001 From: Craine Runton Date: Mon, 21 Dec 2015 16:14:04 -0700 Subject: [PATCH 036/215] Separate the CORS config settings into their own blocks --- application/config/rest.php | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/application/config/rest.php b/application/config/rest.php index ab808b63..e321d429 100644 --- a/application/config/rest.php +++ b/application/config/rest.php @@ -518,11 +518,22 @@ | | Set to true to enable Cross-Origin Resource Sharing (CORS). Useful if you | are hosting your API on a different domain from the appolication that -| will access it through a browser. If true, set all the allowable domains -| within the array. +| will access it through a browser. +| +*/ +$config['check_cors'] = false; + + +/* +|-------------------------------------------------------------------------- +| CORS Allowable Domains +|-------------------------------------------------------------------------- +| +| Used if $config['check_cors'] is set to true and +| $config['allow_any_cors_domain'] is set to false. Set all the allowable +| domains within the array. | | e.g. $config['allowed_origins'] = ['www.example.com', 'mobile.example.com'] | */ -$config['check_cors'] = false; $config['allowed_cors_origins'] = []; From 66d50d03c7b25f96743cd7c29e21e7b8c6efb9da Mon Sep 17 00:00:00 2001 From: Craine Runton Date: Mon, 21 Dec 2015 16:14:32 -0700 Subject: [PATCH 037/215] Add a config to allow CORS from any source domain --- application/config/rest.php | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/application/config/rest.php b/application/config/rest.php index e321d429..ff239f0f 100644 --- a/application/config/rest.php +++ b/application/config/rest.php @@ -523,6 +523,16 @@ */ $config['check_cors'] = false; +/* +|-------------------------------------------------------------------------- +| CORS Allow Any Domain +|-------------------------------------------------------------------------- +| +| Set to true to enable Cross-Origin Resource Sharing (CORS) from any +| source domain +| +*/ +$config['allow_any_cors_domain'] = false; /* |-------------------------------------------------------------------------- From 5eb88d9a2167ad5b80f55dd6c3d080aba40ba8b0 Mon Sep 17 00:00:00 2001 From: Craine Runton Date: Mon, 21 Dec 2015 16:15:30 -0700 Subject: [PATCH 038/215] Add a function to let the server use a wildcard in the Access-Control-Allow-Origin if the config item 'allow_any_cors_domain is set to true --- application/libraries/REST_Controller.php | 28 +++++++++++++++++------ 1 file changed, 21 insertions(+), 7 deletions(-) diff --git a/application/libraries/REST_Controller.php b/application/libraries/REST_Controller.php index 2cfefaa8..3ce058b9 100644 --- a/application/libraries/REST_Controller.php +++ b/application/libraries/REST_Controller.php @@ -2169,19 +2169,33 @@ protected function _check_access() */ protected function _check_cors() { - // Store the HTTP Origin header, - $origin = (isset($_SERVER['HTTP_ORIGIN']) ? $_SERVER['HTTP_ORIGIN'] : ''); - - // If the origin domain is in the allowed_cors_origins list, then add the Access Control headers - if (in_array($origin, $this->config->item('allowed_cors_origins'))) { - header('Access-Control-Allow-Origin: '.$origin); + // If we want to allow any domain to access the API + if ($this->config->item('allow_any_cors_domain') === true) + { + header('Access-Control-Allow-Origin: *'); header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method'); header('Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE'); + } + // We're going to allow only certain domains access + else + { + // Store the HTTP Origin header + $origin = (isset($_SERVER['HTTP_ORIGIN']) ? $_SERVER['HTTP_ORIGIN'] : ''); + + // If the origin domain is in the allowed_cors_origins list, then add the Access Control headers + if (in_array($origin, $this->config->item('allowed_cors_origins'))) + { + header('Access-Control-Allow-Origin: '.$origin); + header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method'); + header('Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE'); + } } // If the request HTTP method is 'OPTIONS', kill the response and send it to the client $method = $_SERVER['REQUEST_METHOD']; - if($method == "OPTIONS") { + + if ($method === 'OPTIONS') + { die(); } } From 595dffa5e2fdae3daf8e15b327f0bc6c40bca599 Mon Sep 17 00:00:00 2001 From: Craine Runton Date: Mon, 21 Dec 2015 21:00:16 -0700 Subject: [PATCH 039/215] Fix description and whitespace cleanup --- application/libraries/REST_Controller.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/application/libraries/REST_Controller.php b/application/libraries/REST_Controller.php index 3ce058b9..332eb593 100644 --- a/application/libraries/REST_Controller.php +++ b/application/libraries/REST_Controller.php @@ -2162,23 +2162,23 @@ protected function _check_access() } /** - * Check to see if presented user_id and API key match + * Checks allowed domains, and adds appropriate headers for HTTP access control (CORS) * * @access protected * @return void */ - protected function _check_cors() + protected function _check_cors() { // If we want to allow any domain to access the API if ($this->config->item('allow_any_cors_domain') === true) - { + { header('Access-Control-Allow-Origin: *'); header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method'); header('Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE'); - } + } // We're going to allow only certain domains access - else - { + else + { // Store the HTTP Origin header $origin = (isset($_SERVER['HTTP_ORIGIN']) ? $_SERVER['HTTP_ORIGIN'] : ''); From db979b16e3edf8aa5adbb48e569e80439f143e3b Mon Sep 17 00:00:00 2001 From: Craine Runton Date: Mon, 21 Dec 2015 21:02:02 -0700 Subject: [PATCH 040/215] Fix descriptions and whitespace cleanup --- application/config/rest.php | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/application/config/rest.php b/application/config/rest.php index ff239f0f..626df5b8 100644 --- a/application/config/rest.php +++ b/application/config/rest.php @@ -517,8 +517,8 @@ |-------------------------------------------------------------------------- | | Set to true to enable Cross-Origin Resource Sharing (CORS). Useful if you -| are hosting your API on a different domain from the appolication that -| will access it through a browser. +| are hosting your API on a different domain from the appolication that +| will access it through a browser. | */ $config['check_cors'] = false; @@ -529,7 +529,7 @@ |-------------------------------------------------------------------------- | | Set to true to enable Cross-Origin Resource Sharing (CORS) from any -| source domain +| source domain | */ $config['allow_any_cors_domain'] = false; @@ -539,11 +539,10 @@ | CORS Allowable Domains |-------------------------------------------------------------------------- | -| Used if $config['check_cors'] is set to true and -| $config['allow_any_cors_domain'] is set to false. Set all the allowable -| domains within the array. +| Used if $config['check_cors'] is set to true and $config['allow_any_cors_domain'] +| is set to false. Set all the allowable domains within the array. | -| e.g. $config['allowed_origins'] = ['www.example.com', 'mobile.example.com'] +| e.g. $config['allowed_origins'] = ['www.example.com', 'spa.example.com'] | */ $config['allowed_cors_origins'] = []; From a6b1f92f9cde8c323cb8425b465e634bf1412dd4 Mon Sep 17 00:00:00 2001 From: Craine Runton Date: Mon, 21 Dec 2015 22:04:02 -0700 Subject: [PATCH 041/215] Add allowable headers and methods config items, then call them to build the correct headers --- application/config/rest.php | 35 +++++++++++++++++++++++ application/libraries/REST_Controller.php | 14 +++++---- 2 files changed, 44 insertions(+), 5 deletions(-) diff --git a/application/config/rest.php b/application/config/rest.php index 626df5b8..0c2267a7 100644 --- a/application/config/rest.php +++ b/application/config/rest.php @@ -523,6 +523,40 @@ */ $config['check_cors'] = false; +/* +|-------------------------------------------------------------------------- +| CORS Allowable Headers +|-------------------------------------------------------------------------- +| +| If using CORS checks, set the allowable headers here. Add any custom headers you may +| be using in tyou application to the array +| +*/ +$config['allowed_cors_headers'] = [ + 'Origin', + 'X-Requested-With', + 'Content-Type', + 'Accept', + 'Access-Control-Request-Method' +]; + +/* +|-------------------------------------------------------------------------- +| CORS Allowable Methods +|-------------------------------------------------------------------------- +| +| If using CORS checks, you can set the methods you want to be allowed here. +| +*/ +$config['allowed_cors_methods'] = [ + 'GET', + 'POST', + 'OPTIONS', + 'PUT', + 'PATCH', + 'DELETE' +]; + /* |-------------------------------------------------------------------------- | CORS Allow Any Domain @@ -546,3 +580,4 @@ | */ $config['allowed_cors_origins'] = []; + diff --git a/application/libraries/REST_Controller.php b/application/libraries/REST_Controller.php index 332eb593..e3983d40 100644 --- a/application/libraries/REST_Controller.php +++ b/application/libraries/REST_Controller.php @@ -2169,12 +2169,16 @@ protected function _check_access() */ protected function _check_cors() { + // Convert the config items into strings + $allowed_headers = implode(' ,', $this->config->item('allowed_cors_headers')); + $allowed_methods = implode(' ,', $this->config->item('allowed_cors_methods')); + // If we want to allow any domain to access the API if ($this->config->item('allow_any_cors_domain') === true) { header('Access-Control-Allow-Origin: *'); - header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method'); - header('Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE'); + header('Access-Control-Allow-Headers: ' . $allowed_headers); + header('Access-Control-Allow-Methods: ' . $allowed_methods); } // We're going to allow only certain domains access else @@ -2185,9 +2189,9 @@ protected function _check_cors() // If the origin domain is in the allowed_cors_origins list, then add the Access Control headers if (in_array($origin, $this->config->item('allowed_cors_origins'))) { - header('Access-Control-Allow-Origin: '.$origin); - header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method'); - header('Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE'); + header('Access-Control-Allow-Origin: ' . $origin); + header('Access-Control-Allow-Headers: ' . $allowed_headers); + header('Access-Control-Allow-Methods: ' . $allowed_methods); } } From b70db372d5957d6af7cf5336c31a6aa97e9ffbca Mon Sep 17 00:00:00 2001 From: Craine Runton Date: Mon, 21 Dec 2015 22:09:12 -0700 Subject: [PATCH 042/215] Update config allowed_origins docblock to include protocol in example --- application/config/rest.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/application/config/rest.php b/application/config/rest.php index 0c2267a7..a16efde2 100644 --- a/application/config/rest.php +++ b/application/config/rest.php @@ -576,7 +576,7 @@ | Used if $config['check_cors'] is set to true and $config['allow_any_cors_domain'] | is set to false. Set all the allowable domains within the array. | -| e.g. $config['allowed_origins'] = ['www.example.com', 'spa.example.com'] +| e.g. $config['allowed_origins'] = ['http://www.example.com/', 'https://spa.example.com/'] | */ $config['allowed_cors_origins'] = []; From 2e8217998b780563521611a2c933b48faa8904dc Mon Sep 17 00:00:00 2001 From: Mathieu Nayrolles Date: Fri, 8 Jan 2016 17:12:01 -0500 Subject: [PATCH 043/215] Add french language support I added support for the french language for codeigniter-restserver. The french version is a translation of the english one. --- application/language/french/index.html | 11 +++++++++++ .../language/french/rest_controller_lang.php | 17 +++++++++++++++++ 2 files changed, 28 insertions(+) create mode 100644 application/language/french/index.html create mode 100644 application/language/french/rest_controller_lang.php diff --git a/application/language/french/index.html b/application/language/french/index.html new file mode 100644 index 00000000..b702fbc3 --- /dev/null +++ b/application/language/french/index.html @@ -0,0 +1,11 @@ + + + + 403 Forbidden + + + +

Directory access is forbidden.

+ + + diff --git a/application/language/french/rest_controller_lang.php b/application/language/french/rest_controller_lang.php new file mode 100644 index 00000000..fb5727f5 --- /dev/null +++ b/application/language/french/rest_controller_lang.php @@ -0,0 +1,17 @@ + Date: Sun, 24 Jan 2016 15:13:34 +0200 Subject: [PATCH 044/215] Config file database structure missing field. Added missing `user_id` field for `keys` database structure in rest config file. --- application/config/rest.php | 1 + 1 file changed, 1 insertion(+) diff --git a/application/config/rest.php b/application/config/rest.php index 15af4ed7..2e644c9f 100644 --- a/application/config/rest.php +++ b/application/config/rest.php @@ -291,6 +291,7 @@ | Default table schema: | CREATE TABLE `keys` ( | `id` INT(11) NOT NULL AUTO_INCREMENT, +| `user_id` INT(11) NOT NULL, | `key` VARCHAR(40) NOT NULL, | `level` INT(2) NOT NULL, | `ignore_limits` TINYINT(1) NOT NULL DEFAULT '0', From 7ef3d345fa1a25790bb908c227f5cc2a1533e087 Mon Sep 17 00:00:00 2001 From: softwarespot Date: Sun, 31 Jan 2016 00:01:29 +0200 Subject: [PATCH 045/215] Cached global functions --- application/views/rest_server.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/application/views/rest_server.php b/application/views/rest_server.php index aab0b9d4..a6c3ce3f 100644 --- a/application/views/rest_server.php +++ b/application/views/rest_server.php @@ -124,6 +124,8 @@ // Basic rest module using an IIFE as a way of enclosing private variables App.rest = (function (window, $) { // Fields + var _alert = window.alert; + var _JSON = window.JSON; // Cache the jQuery selector var _$ajax = null; @@ -137,7 +139,7 @@ */ function _ajaxDone(data) { // The 'data' parameter is an array of objects that can be iterated over - window.alert(window.JSON.stringify(data, null, 2)); + _alert(_JSON.stringify(data, null, 2)); } /** @@ -146,7 +148,7 @@ function _ajaxDone(data) { * @return {undefined} */ function _ajaxFail() { - window.alert('Oh no! A problem with the Ajax request!'); + _alert('Oh no! A problem with the Ajax request!'); } /** @@ -196,7 +198,7 @@ function _cacheDom() { _bindEvents(); } }; - })(window, window.jQuery); + }(window, window.jQuery)); // DOM ready event $(function () { From 1afc0ce5d0c20205a0a33c0d0165a7952b5e6b38 Mon Sep 17 00:00:00 2001 From: Chris Kacerguis Date: Sat, 30 Jan 2016 16:45:04 -0600 Subject: [PATCH 046/215] fixed bad pr with the spanish langauge setup --- application/language/spanish/index.html | 11 +++++++++++ .../{spanish => spanish/rest_controller_lang.php} | 0 2 files changed, 11 insertions(+) create mode 100644 application/language/spanish/index.html rename application/language/{spanish => spanish/rest_controller_lang.php} (100%) diff --git a/application/language/spanish/index.html b/application/language/spanish/index.html new file mode 100644 index 00000000..b702fbc3 --- /dev/null +++ b/application/language/spanish/index.html @@ -0,0 +1,11 @@ + + + + 403 Forbidden + + + +

Directory access is forbidden.

+ + + diff --git a/application/language/spanish b/application/language/spanish/rest_controller_lang.php similarity index 100% rename from application/language/spanish rename to application/language/spanish/rest_controller_lang.php From 3dc075bfee26d6a0855cf5e5472ecef22c164115 Mon Sep 17 00:00:00 2001 From: softwarespot Date: Sat, 6 Feb 2016 10:52:48 +0200 Subject: [PATCH 047/215] Updated API before possible release Related #609 --- application/config/routes.php | 2 +- application/controllers/Welcome.php | 2 +- application/libraries/Format.php | 10 +- application/libraries/REST_Controller.php | 44 +- application/views/rest_server.php | 32 +- application/views/welcome_message.php | 2 +- documentation/class-Example.html | 1 + documentation/class-Key.html | 1 + documentation/class-REST_Controller.html | 224 +- documentation/class-Welcome.html | 8 +- documentation/source-class-Format.html | 32 +- documentation/source-class-Key.html | 2 +- .../source-class-REST_Controller.html | 3383 +++++++++-------- documentation/source-class-Welcome.html | 4 +- 14 files changed, 1919 insertions(+), 1828 deletions(-) diff --git a/application/config/routes.php b/application/config/routes.php index 5cbeb064..f2d051f7 100644 --- a/application/config/routes.php +++ b/application/config/routes.php @@ -19,7 +19,7 @@ | | Please see the user guide for complete details: | -| http://codeigniter.com/user_guide/general/routing.html +| https://codeigniter.com/user_guide/general/routing.html | | ------------------------------------------------------------------------- | RESERVED ROUTES diff --git a/application/controllers/Welcome.php b/application/controllers/Welcome.php index d16a4dee..59818c7f 100644 --- a/application/controllers/Welcome.php +++ b/application/controllers/Welcome.php @@ -16,7 +16,7 @@ class Welcome extends CI_Controller { * * So any other public methods not prefixed with an underscore will * map to /index.php/welcome/ - * @see http://codeigniter.com/user_guide/general/urls.html + * @see https://codeigniter.com/user_guide/general/urls.html */ public function index() { diff --git a/application/libraries/Format.php b/application/libraries/Format.php index 0d3bf773..4f058e25 100644 --- a/application/libraries/Format.php +++ b/application/libraries/Format.php @@ -91,13 +91,13 @@ public function __construct($data = NULL, $from_type = NULL) // If the provided data is already formatted we should probably convert it to an array if ($from_type !== NULL) { - if (method_exists($this, '_from_' . $from_type)) + if (method_exists($this, '_from_'.$from_type)) { - $data = call_user_func([$this, '_from_' . $from_type], $data); + $data = call_user_func([$this, '_from_'.$from_type], $data); } else { - throw new Exception('Format class does not support conversion from "' . $from_type . '".'); + throw new Exception('Format class does not support conversion from "'.$from_type.'".'); } } @@ -416,12 +416,12 @@ public function to_json($data = NULL) elseif (preg_match('/^[a-z_\$][a-z0-9\$_]*(\.[a-z_\$][a-z0-9\$_]*)*$/i', $callback)) { // Return the data as encoded json with a callback - return $callback . '(' . json_encode($data) . ');'; + return $callback.'('.json_encode($data).');'; } // An invalid jsonp callback function provided. // Though I don't believe this should be hardcoded here - $data['warning'] = 'INVALID JSONP CALLBACK: ' . $callback; + $data['warning'] = 'INVALID JSONP CALLBACK: '.$callback; return json_encode($data); } diff --git a/application/libraries/REST_Controller.php b/application/libraries/REST_Controller.php index ea4bbcce..be69f2d5 100644 --- a/application/libraries/REST_Controller.php +++ b/application/libraries/REST_Controller.php @@ -381,7 +381,7 @@ public function __construct($config = 'rest') if (is_php('5.4') === FALSE) { // CodeIgniter 3 is recommended for v5.4 or above - throw new Exception('Using PHP v' . PHP_VERSION . ', though PHP v5.4 or greater is required'); + throw new Exception('Using PHP v'.PHP_VERSION.', though PHP v5.4 or greater is required'); } // Check to see if this is CI 3.x @@ -458,9 +458,9 @@ public function __construct($config = 'rest') $this->request->method = $this->_detect_method(); // Create an argument container if it doesn't exist e.g. _get_args - if (isset($this->{'_' . $this->request->method . '_args'}) === FALSE) + if (isset($this->{'_'.$this->request->method.'_args'}) === FALSE) { - $this->{'_' . $this->request->method . '_args'} = []; + $this->{'_'.$this->request->method.'_args'} = []; } // Set up the query parameters @@ -482,7 +482,7 @@ public function __construct($config = 'rest') { $this->request->body = $this->format->factory($this->request->body, $this->request->format)->to_array(); // Assign payload arguments to proper method container - $this->{'_' . $this->request->method . '_args'} = $this->request->body; + $this->{'_'.$this->request->method.'_args'} = $this->request->body; } // Merge both for one mega-args variable @@ -494,7 +494,7 @@ public function __construct($config = 'rest') $this->_put_args, $this->_post_args, $this->_delete_args, - $this->{'_' . $this->request->method . '_args'} + $this->{'_'.$this->request->method.'_args'} ); // Which format should the data be returned in? @@ -602,9 +602,9 @@ public function _remap($object_called, $arguments = []) } // Remove the supported format from the function name e.g. index.json => index - $object_called = preg_replace('/^(.*)\.(?:' . implode('|', array_keys($this->_supported_formats)) . ')$/', '$1', $object_called); + $object_called = preg_replace('/^(.*)\.(?:'.implode('|', array_keys($this->_supported_formats)).')$/', '$1', $object_called); - $controller_method = $object_called . '_' . $this->request->method; + $controller_method = $object_called.'_'.$this->request->method; // Do we want to log this method (if allowed by config)? $log_method = !(isset($this->methods[$controller_method]['log']) && $this->methods[$controller_method]['log'] === FALSE); @@ -855,7 +855,7 @@ protected function _get_default_output_format() protected function _detect_output_format() { // Concatenate formats to a regex pattern e.g. \.(csv|json|xml) - $pattern = '/\.(' . implode('|', array_keys($this->_supported_formats)) . ')($|\/)/'; + $pattern = '/\.('.implode('|', array_keys($this->_supported_formats)).')($|\/)/'; $matches = []; // Check if a file extension is used e.g. http://example.com/api/index.json?param1=param2 @@ -1120,7 +1120,7 @@ protected function _check_limit($controller_method) { $limited_uri = substr($limited_uri,0, -strlen($this->response->format) - 1); } - $limited_uri = 'uri:' . $limited_uri . ':' . $this->request->method; // It's good to differentiate GET from PUT + $limited_uri = 'uri:'.$limited_uri.':'.$this->request->method; // It's good to differentiate GET from PUT $limited_method_name = $controller_method; break; } @@ -1722,11 +1722,11 @@ protected function _perform_ldap_auth($username = '', $password = NULL) $ldapconn = ldap_connect($ldap['host'], $ldap['port']); if ($ldapconn) { - log_message('debug', 'Setting timeout to ' . $ldap['timeout'] . ' seconds'); + log_message('debug', 'Setting timeout to '.$ldap['timeout'].' seconds'); ldap_set_option($ldapconn, LDAP_OPT_NETWORK_TIMEOUT, $ldap['timeout']); - log_message('debug', 'LDAP Auth: Binding to ' . $ldap['host'] . ' with dn ' . $ldap['rdn']); + log_message('debug', 'LDAP Auth: Binding to '.$ldap['host'].' with dn '.$ldap['rdn']); // Binding to the ldap server $ldapbind = ldap_bind($ldapconn, $ldap['rdn'], $ldap['pass']); @@ -1744,13 +1744,13 @@ protected function _perform_ldap_auth($username = '', $password = NULL) // Search for user if (($res_id = ldap_search($ldapconn, $ldap['basedn'], "uid=$username")) === FALSE) { - log_message('error', 'LDAP Auth: User ' . $username . ' not found in search'); + log_message('error', 'LDAP Auth: User '.$username.' not found in search'); return FALSE; } if (ldap_count_entries($ldapconn, $res_id) !== 1) { - log_message('error', 'LDAP Auth: Failure, username ' . $username . 'found more than once'); + log_message('error', 'LDAP Auth: Failure, username '.$username.'found more than once'); return FALSE; } @@ -1773,7 +1773,7 @@ protected function _perform_ldap_auth($username = '', $password = NULL) return FALSE; } - log_message('debug', 'LDAP Auth: Success ' . $user_dn . ' authenticated successfully'); + log_message('debug', 'LDAP Auth: Success '.$user_dn.' authenticated successfully'); $this->_user_ldap_dn = $user_dn; @@ -1843,7 +1843,7 @@ protected function _check_login($username = NULL, $password = FALSE) if (!$this->config->item('auth_source') && $rest_auth === 'digest') { // For digest we do not have a password passed as argument - return md5($username . ':' . $this->config->item('rest_realm') . ':' . (isset($valid_logins[$username]) ? $valid_logins[$username] : '')); + return md5($username.':'.$this->config->item('rest_realm').':'.(isset($valid_logins[$username]) ? $valid_logins[$username] : '')); } if ($password === FALSE) @@ -1977,15 +1977,15 @@ protected function _prepare_digest_auth() preg_match_all('@(username|nonce|uri|nc|cnonce|qop|response)=[\'"]?([^\'",]+)@', $digest_string, $matches); $digest = (empty($matches[1]) || empty($matches[2])) ? [] : array_combine($matches[1], $matches[2]); - // For digest authentication the library function should return already stored md5(username:restrealm:password) for that username @see rest.php::auth_library_function config + // For digest authentication the library function should return already stored md5(username:restrealm:password) for that username see rest.php::auth_library_function config $username = $this->_check_login($digest['username'], TRUE); if (array_key_exists('username', $digest) === FALSE || $username === FALSE) { $this->_force_login($unique_id); } - $md5 = md5(strtoupper($this->request->method) . ':' . $digest['uri']); - $valid_response = md5($username . ':' . $digest['nonce'] . ':' . $digest['nc'] . ':' . $digest['cnonce'] . ':' . $digest['qop'] . ':' . $md5); + $md5 = md5(strtoupper($this->request->method).':'.$digest['uri']); + $valid_response = md5($username.':'.$digest['nonce'].':'.$digest['nc'].':'.$digest['cnonce'].':'.$digest['qop'].':'.$md5); // Check if the string don't compare (case-insensitive) if (strcasecmp($digest['response'], $valid_response) !== 0) @@ -2063,15 +2063,15 @@ protected function _force_login($nonce = '') if (strtolower($rest_auth) === 'basic') { // See http://tools.ietf.org/html/rfc2617#page-5 - header('WWW-Authenticate: Basic realm="' . $rest_realm . '"'); + header('WWW-Authenticate: Basic realm="'.$rest_realm.'"'); } elseif (strtolower($rest_auth) === 'digest') { // See http://tools.ietf.org/html/rfc2617#page-18 header( - 'WWW-Authenticate: Digest realm="' . $rest_realm - . '", qop="auth", nonce="' . $nonce - . '", opaque="' . md5($rest_realm) . '"'); + 'WWW-Authenticate: Digest realm="'.$rest_realm + .'", qop="auth", nonce="'.$nonce + .'", opaque="' . md5($rest_realm).'"'); } // Display an error response diff --git a/application/views/rest_server.php b/application/views/rest_server.php index a6c3ce3f..5212e6da 100644 --- a/application/views/rest_server.php +++ b/application/views/rest_server.php @@ -112,17 +112,17 @@ -

Page rendered in {elapsed_time} seconds. ' . CI_VERSION . '' : '' ?>

+

Page rendered in {elapsed_time} seconds. '.CI_VERSION.'' : '' ?>

- + diff --git a/application/views/welcome_message.php b/application/views/welcome_message.php index 69acde90..7a407656 100644 --- a/application/views/welcome_message.php +++ b/application/views/welcome_message.php @@ -92,7 +92,7 @@ -

Page rendered in {elapsed_time} seconds. ' . CI_VERSION . '' : '' ?>

+

Page rendered in {elapsed_time} seconds. '.CI_VERSION.'' : '' ?>

diff --git a/documentation/class-Example.html b/documentation/class-Example.html index e8af6477..18482b73 100644 --- a/documentation/class-Example.html +++ b/documentation/class-Example.html @@ -294,6 +294,7 @@

Overrides

_detect_method(), _detect_output_format(), _force_login(), + _get_default_output_format(), _log_access_time(), _log_request(), _log_response_code(), diff --git a/documentation/class-Key.html b/documentation/class-Key.html index 540d7d3e..957df227 100644 --- a/documentation/class-Key.html +++ b/documentation/class-Key.html @@ -317,6 +317,7 @@

Class Key

_detect_method(), _detect_output_format(), _force_login(), + _get_default_output_format(), _log_access_time(), _log_request(), _log_response_code(), diff --git a/documentation/class-REST_Controller.html b/documentation/class-REST_Controller.html index fc94cfdb..34c4d2aa 100644 --- a/documentation/class-REST_Controller.html +++ b/documentation/class-REST_Controller.html @@ -137,7 +137,7 @@

Direct known subclasses

3.0.0
Link: https://github.com/chriskacerguis/codeigniter-restserver
- Located at libraries/REST_Controller.php + Located at libraries/REST_Controller.php
@@ -187,7 +187,7 @@

Direct known subclasses

# - __construct( string $config = 'rest' ) + __construct( string $config = 'rest' )

Constructor for the REST API

@@ -223,7 +223,7 @@

Parameters

# - __destruct( ) + __destruct( )

Deconstructor

@@ -257,18 +257,18 @@

Author

# - _remap( string $object_called, array $arguments ) + _remap( string $object_called, array $arguments = [] )

Requests are not made to methods directly, the request will be for an "object". This simply maps the object and method to the correct -Controller method.

+Controller method

@@ -298,7 +298,7 @@

Parameters

# - response( array|null $data = NULL, integer|null $http_code = NULL, boolean $continue = FALSE ) + response( array|null $data = NULL, integer|null $http_code = NULL, boolean $continue = FALSE )

Takes mixed data and optionally a status code, then creates the response

@@ -338,20 +338,20 @@

Parameters

# - set_response( array|null $data = NULL, integer|null $http_code = NULL ) + set_response( array|null $data = NULL, integer|null $http_code = NULL )

Takes mixed data and optionally a status code, then creates the response within the buffers of the Output class. The response is sent to the client lately by the framework, after the current controller's method termination. -All the hooks after the controller's method termination are executable.

+All the hooks after the controller's method termination are executable