This script is the one that interacts with the HP WallArt application, sending and receiving data in constant communication every time we change something in the designer.
Requests can be made with the three standard HTTP methods: GET, POST and PUT.
We will use mysql.class.php to communicate reliably with our MySQL database.
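// Bootstrap: init.php must be loaded first; mysql.class.php supplies the `db`
// class used for every query below.
require_once '../core/init.php';
require_once '../core/mysql.class.php';

// States a project can be in, keyed by the value of the `status` column.
$ESTADOS = array(1 => 'EDITING', 2 => 'IN_CART', 3 => 'PURCHASED', 4 => 'DELETED');

// Requested route. PATH_INFO is not set when the script is called without a
// trailing path, so fall back to an empty string instead of raising a notice.
$request_path = isset($_SERVER['PATH_INFO']) ? $_SERVER['PATH_INFO'] : '';

// add_to_cart is the only route that may be reached without an OAuth
// signature. The pattern is anchored at both ends: an unanchored match lets any
// path that merely contains this segment skip verification and still fall
// through to one of the other routes.
$is_add_to_cart = preg_match('#^/projects/(\d+)/add_to_cart$#D', $request_path) === 1;

// OAuth verification. Nothing is echoed here: output sent before header()
// would stop the 401 status (and the add_to_cart redirect) from being emitted.
$authorized = false;
$auth_error = 'no está verificado';
$server = new OAuthServer();
try {
    if ($server->verifyIfSigned()) {
        $authorized = true;
    }
} catch (OAuthException2 $e) {
    // Keep the reason; $e only exists when the verifier threw, so the message
    // is copied here rather than read from $e later.
    $auth_error = $e->getMessage();
}

if (!$authorized && !$is_add_to_cart) {
    wallart_fail('HTTP/1.1 401 Unauthorized', "OAuth Verification from Services.php Failed: " . $auth_error);
}

// Not every installation provides getallheaders(), so the headers are rebuilt
// from $_SERVER. The helper is defined whenever it is missing -- not only when
// getallheaders() is missing -- because the routes below always call it.
if (!function_exists("getallheaders_manual")) {
    /**
     * Rebuild the request headers from $_SERVER.
     *
     * HTTP_* keys are renamed to header form (HTTP_USER_AGENT -> User-Agent);
     * every other $_SERVER entry is copied through unchanged.
     *
     * @return array
     */
    function getallheaders_manual()
    {
        $result = array();
        foreach ($_SERVER as $key => $value) {
            if (substr($key, 0, 5) == "HTTP_") {
                $key = str_replace(" ", "-", ucwords(strtolower(str_replace("_", " ", substr($key, 5)))));
            }
            $result[$key] = $value;
        }
        return $result;
    }
}

/**
 * Send a plain-text error response and stop.
 *
 * @param string $status_line Full status line, e.g. 'HTTP/1.1 401 Unauthorized'.
 * @param string $message     Response body.
 */
function wallart_fail($status_line, $message)
{
    header($status_line);
    header('Content-Type: text/plain');
    echo $message;
    exit;
}

/**
 * Send a JSON response and stop.
 *
 * The explicit content type keeps a browser from rendering the payload as
 * HTML; project names are user-supplied and are echoed back in it.
 *
 * @param mixed $payload Value passed to json_encode().
 */
function wallart_send_json($payload)
{
    header('Content-Type: application/json');
    echo json_encode($payload);
    exit;
}

/**
 * Extract oauth_token from the Authorization header.
 *
 * Parsing follows the original script: the part of the header before the first
 * ':' is split on ',' and each item on '='.
 * NOTE(review): a realm that contains ':' cuts the header short -- confirm
 * against what the designer actually sends.
 *
 * @return string|null The token, or null when it is absent or contains a
 *                     character that cannot appear in an encoded OAuth value.
 */
function wallart_oauth_token()
{
    $headers = getallheaders_manual();
    if (!isset($headers['Authorization'])) {
        return null;
    }

    $data = explode(':', $headers['Authorization']);
    $params = array();
    foreach (explode(',', $data[0]) as $pair) {
        $kv = explode('=', $pair, 2);
        if (count($kv) === 2) {
            $params[trim($kv[0])] = str_replace('"', '', trim($kv[1]));
        }
    }
    if (!isset($params['oauth_token'])) {
        return null;
    }

    // Allow-list: the token ends up inside a quoted SQL literal, and none of
    // these characters can close or escape that literal.
    if (preg_match('#^[A-Za-z0-9._~%+/=-]+$#D', $params['oauth_token']) !== 1) {
        return null;
    }
    return $params['oauth_token'];
}

/**
 * Load the oauth_server_token row for the token in the current request.
 *
 * Responds 401 and stops when the token is missing, malformed or unknown.
 * NOTE(review): if the `db` class offers bound parameters, use them here; its
 * API is not visible in this script.
 *
 * @return db Result handle positioned on the token row.
 */
function wallart_token_row()
{
    $token = wallart_oauth_token();
    if ($token === null) {
        wallart_fail('HTTP/1.1 401 Unauthorized', 'Missing or malformed oauth_token');
    }

    $db = new db;
    $db->query("SELECT * FROM oauth_server_token WHERE ost_token = '" . $token . "'");
    if (!$db->next_record()) {
        wallart_fail('HTTP/1.1 401 Unauthorized', 'Unknown oauth_token');
    }
    return $db;
}

/**
 * Build a MySQL expression for an arbitrary UTF-8 string without putting any
 * of its characters into the statement: only hex digits are interpolated.
 *
 * @param string $value UTF-8 text (json_decode() output qualifies).
 * @return string SQL expression that evaluates to $value.
 */
function wallart_sql_text($value)
{
    return "CONVERT(UNHEX('" . bin2hex($value) . "') USING utf8mb4)";
}

/**
 * Convert the current `proyectos` row into the structure the designer expects.
 *
 * @param db    $db      Result handle positioned on a project row.
 * @param array $estados Map from status value to state name.
 * @return array
 */
function wallart_project($db, $estados)
{
    $status = $db->f('status');
    return array(
        'id' => $db->f('id'),
        'name' => $db->f('nombre_proyecto'),
        'path' => $db->f('folder_project'),
        'state' => isset($estados[$status]) ? $estados[$status] : null,
    );
}

// From here on the request is OAuth-verified, except on the add_to_cart route.

// Case 1: user_info -- id and name of the user who owns the token.
if ($request_path == "/user_info") {
    $db = wallart_token_row();

    // ost_usa_id_ref is read from our own token table, not from the request.
    $db2 = new db;
    $db2->query("SELECT * FROM usuarios WHERE id = '" . $db->f('ost_usa_id_ref') . "'");
    $db2->next_record();

    wallart_send_json(array(
        'id' => $db->f('ost_usa_id_ref'),
        'name' => urlencode($db2->f('nombre')),
    ));
}
// Case 2: projects -- GET lists them, POST stores the data of one.
else if ($request_path == "/projects") {
    if ($_SERVER['REQUEST_METHOD'] == "GET") {
        $db = wallart_token_row();

        // Every project that belongs to the token's user.
        $db2 = new db;
        $db2->query("SELECT * FROM proyectos WHERE user_id = '" . $db->f('ost_usa_id_ref') . "'");

        $proyectos = array();
        while ($db2->next_record()) {
            $proyectos[] = wallart_project($db2, $ESTADOS);
        }
        wallart_send_json($proyectos);
    }
    else if ($_SERVER['REQUEST_METHOD'] == "POST") {
        // Use the incoming params of the POST to update the project record and
        // send its data back. Incoming id will always be nil for a new project;
        // the response carries the id of the record in our database.
        // php://input replaces $HTTP_RAW_POST_DATA, which PHP 7 removed.
        $datos = json_decode(file_get_contents('php://input'));
        if (!is_object($datos)
            || !isset($datos->name, $datos->path)
            || !is_string($datos->name)
            || !is_string($datos->path)
        ) {
            wallart_fail('HTTP/1.1 400 Bad Request', 'Expected a JSON object with string "name" and "path"');
        }

        $db = wallart_token_row();

        // Project ids are numeric (the routes match them with \d+).
        $project_id = (int) $db->f('ost_usa_pro_ref');

        // The statement now names its table (the original had none and was not
        // valid SQL) and the request-supplied text is passed as hex.
        // NOTE(review): `path` is stored as sent; whatever later opens that
        // folder should validate it.
        $db = new db;
        $db->query(
            "UPDATE proyectos SET nombre_proyecto = " . wallart_sql_text($datos->name)
            . ", folder_project = " . wallart_sql_text($datos->path)
            . " WHERE id = " . $project_id
        );

        // Read the stored values back and return them.
        $db = new db;
        $db->query("SELECT * FROM proyectos WHERE id = " . $project_id);
        $db->next_record();

        wallart_send_json(wallart_project($db, $ESTADOS));
    }
}
// Case 3: link to the shopping cart.
else if (preg_match('#^/projects/(\d+)/add_to_cart$#D', $request_path, $matches)) {
    // Project id taken from the URL; the pattern guarantees digits only.
    $project_id = $matches[1];

    if ($_SERVER['REQUEST_METHOD'] == "POST") {
        // Redirect to the cart page of our site with the id of the project.
        // From here on the checkout is done as usual.
        // NOTE(review): this route is reachable without OAuth, so addtocart.php
        // should check that the project belongs to the shopper's session.
        header('Location: ' . "http://www.mydomain.com/addtocart.php?id=".$project_id, true, 301);
        die();
    }
}
// Case 4: sending mails from the designer.
else if (preg_match('#^/projects/(\d+)/email_message$#D', $request_path, $matches)) {
    // Project id taken from the URL.
    $project_id = $matches[1];

    if ($_SERVER['REQUEST_METHOD'] == "POST") {
        // Send email from your server to the recipient with data from the POST.
        // php://input replaces $HTTP_RAW_POST_DATA, which PHP 7 removed.
        $data = json_decode(file_get_contents('php://input'));
        $recipient = $data->{"recipient"};
        $preview_image_url = $data->{"preview_image_url"};

        // Here we have to implement a method for sending mails, for example
        // with the php mail function.
        // NOTE(review): recipient and message come straight from the request
        // body; validate the address (filter_var with FILTER_VALIDATE_EMAIL)
        // and limit how often a token may send before mailing anything.
        $subject = 'Asunto';
        $message = $data->{"message"};
        $message .= '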