diff --git a/proxy/config.php b/proxy/config.php
index cb1f740..0423a9d 100644
--- a/proxy/config.php
+++ b/proxy/config.php
@@ -19,7 +19,7 @@ $target_civicrm = 'https://your.civicrm.installation.org';
/****************************************************************
- ** DEFAULT PATHS **
+ ** FEATURES / DEFAULT PATHS **
** **
** set to NULL to disable a feature **
****************************************************************/
@@ -32,6 +32,15 @@ $target_file = $target_civicrm . '/sites/default/files/civicrm/persist/';
$target_mosaico = NULL; // (disabled by default): $target_civicrm . '/civicrm/mosaico/img?src=';
$target_mail_view = $target_civicrm . '/civicrm/mailing/view';
+/****************************************************************
+ ** GENERAL OPTIONS **
+ ****************************************************************/
+
+// This logo is shown if the proxy server is address with a web browser
+// add your own logo here
+$civiproxy_logo = "
";
+
+
// Set api-key for mail subscribe/unsubscribe user
// Set to NULL/FALSE to disable the feature
$mail_subscription_user_key = NULL;
@@ -77,6 +86,12 @@ $file_cache_include = array(
/****************************************************************
** REST API OPTIONS **
****************************************************************/
+
+// if you enable this, the system will also try to
+// parse the 'json' parameter, which holds additional
+// input data according to the CiviCRM REST API specs
+$rest_evaluate_json_parameter = FALSE;
+
// whitelisting is done per IP address ($_SERVER['REMOTE_ADDR']) with a 'all' for the generic stuff that applies to all IP addresses
// - if a request comes in and the IP is not a key in the array, the whitelisted in 'all' are used
// - if a request comes in and the IP is indeed a key in the array, the whitelisted in the IP are checked first. If nothing is
@@ -102,4 +117,3 @@ $rest_allowed_actions = array(
),
),
);
-
diff --git a/proxy/proxy.php b/proxy/proxy.php
index fc954e9..20168c7 100644
--- a/proxy/proxy.php
+++ b/proxy/proxy.php
@@ -8,8 +8,7 @@
+---------------------------------------------------------*/
require_once "config.php";
-$civiproxy_version = '0.5';
-$civiproxy_logo = "";
+$civiproxy_version = '0.6.dev1';
/**
* this will redirect the request to another URL,
@@ -165,8 +164,14 @@ function civiproxy_security_check($target, $quit=TRUE) {
*
* @param $valid_parameters array ' => ''
* where type can be 'int', 'string' (unchecked),
+ * @param $request provides the request data to use,
+ * defaults to $_REQUEST
*/
-function civiproxy_get_parameters($valid_parameters) {
+function civiproxy_get_parameters($valid_parameters, $request = NULL) {
+ if ($request === NULL) {
+ $request = $_REQUEST;
+ }
+
$result = array();
$default_sanitation = NULL;
@@ -177,8 +182,8 @@ function civiproxy_get_parameters($valid_parameters) {
continue;
}
- if (isset($_REQUEST[$name])) {
- $result[$name] = civiproxy_sanitise($_REQUEST[$name], $type);
+ if (isset($request[$name])) {
+ $result[$name] = civiproxy_sanitise($request[$name], $type);
}
}
@@ -186,7 +191,7 @@ function civiproxy_get_parameters($valid_parameters) {
if ($default_sanitation !== NULL) {
// i.e. we want the others too
$remove_parameters = array('key', 'api_key', 'version', 'entity', 'action');
- foreach ($_REQUEST as $name => $value) {
+ foreach ($request as $name => $value) {
if (!in_array($name, $remove_parameters) && !isset($valid_parameters[$name])) {
$result[$name] = civiproxy_sanitise($value, $default_sanitation);
}
@@ -220,6 +225,19 @@ function civiproxy_sanitise($value, $type) {
error_log("CiviProxy: removed invalid email parameter: " . $value);
$value = '';
}
+ } elseif ($type == 'json') {
+ // valid json
+ $json_data = json_decode($value, true);
+ if ($json_data === NULL) {
+ $value = '';
+ } else {
+ $value = json_encode($value);
+ }
+ } elseif ($type == 'array') {
+ // this should only happen _inside_ the json field
+ if (!is_array($value)) {
+ $value = '';
+ }
} elseif (is_array($type)) {
// this is a list of valid options
$requested_value = $value;
diff --git a/proxy/rest.php b/proxy/rest.php
index d97efb7..a8848d4 100644
--- a/proxy/rest.php
+++ b/proxy/rest.php
@@ -64,7 +64,7 @@ if (isset($rest_allowed_actions['all'])) {
} else {
civiproxy_rest_error("Invalid entity/action.");
}
-}
+}
// extract parameters and add credentials and action data
$parameters = civiproxy_get_parameters($valid_parameters);
@@ -75,6 +75,18 @@ foreach ($action as $key => $value) {
$parameters[$key] = $value;
}
+// evaluate the JSON parameter
+global $rest_evaluate_json_parameter;
+if ($rest_evaluate_json_parameter) {
+ if (isset($_REQUEST['json'])) {
+ $json_data = json_decode($_REQUEST['json'], true);
+ if (!empty($json_data)) {
+ $json_parameters = civiproxy_get_parameters($valid_parameters, $json_data);
+ $parameters['json'] = json_encode($json_parameters);
+ }
+ }
+}
+
// finally execute query
civiproxy_redirect($target_rest, $parameters);