api.php /apis/

<?php

/* Require SSL */
if (empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == 'off')
{
  header('HTTP/1.1 403 Forbidden', true, 403);
  print 'SSL is required to use this API';
  exit();
}

/* Read the type of request */
$apiName = (isset($_GET['apiName'])) ? $_GET['apiName'] : NULL;
$apiVersion = (isset($_GET['apiVersion'])) ? $_GET['apiVersion'] : NULL;
$requestType = (isset($_GET['requestType'])) ? $_GET['requestType'] : NULL;
if ( !isset($apiName) || !preg_match('/^[a-zA-Z0-9-]+$/', $apiName)
  || !isset($apiVersion) || !preg_match('/^\d+$/', $apiVersion)
  || !isset($requestType) || !preg_match('/^[a-zA-Z0-9-]+$/', $requestType) )
{
  header('HTTP/1.1 400 Bad Request', true, 400);
  print 'All requests must include the apiVersion and a requestType value in the GET parameters';
  exit();
}

/* Find the script file for the request type */
$requestScript = $apiName.'api_v'.$apiVersion.'/'.$requestType.'.php';
if ( !file_exists($requestScript) )
{
  header('HTTP/1.1 404 Not Found', true, 404);
  print 'The specified API request type "'.$requestType.'" does not exist';
  exit();
}

/*! Setup API directories */
define('COMMON_DIR', realpath('./common').'/');
define('CACHE_DIR', realpath('../cache').'/');
define('CONFIG_DIR', realpath('../config').'/');
define('PACKAGES_DIR', realpath('../packages').'/');

if ( COMMON_DIR == '/' || CACHE_DIR == '/' || CONFIG_DIR == '/' || PACKAGES_DIR == '/' )
{
  header('HTTP/1.1 500 Internal Server Error', true, 500);
  print 'Directories are not correctly configured';
  exit();
}

/* Include common script files */
define('API_INITIALISED', 1);
require_once ( COMMON_DIR.'functions.php' );

/* Read any request data and execute the request */
$requestData = @json_decode((isset($_POST['data']) ? $_POST['data'] : '{}'), true);
require $requestScript;

?>