111 lines
3.1 KiB
PHP
111 lines
3.1 KiB
PHP
<?php
|
|
|
|
require_once __DIR__.'/../bootstrap.php';
|
|
|
|
use App\Classes\BaseHandler;
|
|
|
|
class QueryHandler extends BaseHandler
|
|
{
|
|
public function __construct()
|
|
{
|
|
parent::__construct();
|
|
$this->ensureAllowedOrigin();
|
|
}
|
|
|
|
protected function ensureAllowedOrigin(): void
|
|
{
|
|
$allowedHosts = ['coryd.dev', 'www.coryd.dev', 'localhost'];
|
|
$origin = $_SERVER['HTTP_ORIGIN'] ?? '';
|
|
$referer = $_SERVER['HTTP_REFERER'] ?? '';
|
|
$hostAllowed = fn ($url) => in_array(parse_url($url, PHP_URL_HOST), $allowedHosts, true);
|
|
|
|
if (! $hostAllowed($origin) && ! $hostAllowed($referer)) {
|
|
$this->sendErrorResponse('Forbidden: invalid origin', 403);
|
|
}
|
|
|
|
$allowedSource = $origin ?: $referer;
|
|
$scheme = parse_url($allowedSource, PHP_URL_SCHEME) ?? 'https';
|
|
$host = parse_url($allowedSource, PHP_URL_HOST);
|
|
|
|
header("Access-Control-Allow-Origin: {$scheme}://{$host}");
|
|
header('Access-Control-Allow-Headers: Content-Type');
|
|
header('Access-Control-Allow-Methods: GET, POST');
|
|
}
|
|
|
|
public function handleRequest(): void
|
|
{
|
|
$data = $_GET['data'] ?? null;
|
|
$id = $_GET['id'] ?? null;
|
|
$cacheDuration = intval($_GET['cacheDuration'] ?? 3600);
|
|
|
|
if (! $data) {
|
|
$this->sendErrorResponse("Missing 'data' parameter", 400);
|
|
}
|
|
|
|
$cacheKey = $this->buildCacheKey($data, $id);
|
|
|
|
if ($this->cache) {
|
|
$cached = $this->cache->get($cacheKey);
|
|
|
|
if ($cached) {
|
|
header('Content-Type: application/json');
|
|
echo $cached;
|
|
exit();
|
|
}
|
|
}
|
|
|
|
$query = $id ? "id=eq.$id" : '';
|
|
|
|
try {
|
|
$response = $this->fetchFromApi($data, $query);
|
|
$markdownFields = $this->getMarkdownFieldsFromQuery();
|
|
|
|
if (! empty($response) && ! empty($markdownFields)) {
|
|
$response = $this->parseMarkdownFields($response, $markdownFields);
|
|
}
|
|
|
|
$json = json_encode($response);
|
|
|
|
if ($this->cache) {
|
|
$this->cache->setex($cacheKey, $cacheDuration, $json);
|
|
}
|
|
|
|
header('Content-Type: application/json');
|
|
echo $json;
|
|
} catch (\Exception $e) {
|
|
$this->sendErrorResponse('PostgREST fetch failed: '.$e->getMessage(), 500);
|
|
}
|
|
}
|
|
|
|
private function buildCacheKey(string $data, ?string $id): string
|
|
{
|
|
return "proxy_{$data}".($id ? "_{$id}" : '');
|
|
}
|
|
|
|
private function getMarkdownFieldsFromQuery(): array
|
|
{
|
|
$fields = $_GET['markdown'] ?? [];
|
|
|
|
if (! is_array($fields)) {
|
|
$fields = explode(',', $fields);
|
|
}
|
|
|
|
return array_map('trim', array_filter($fields));
|
|
}
|
|
|
|
private function parseMarkdownFields(array $data, array $fields): array
|
|
{
|
|
foreach ($data as &$item) {
|
|
foreach ($fields as $field) {
|
|
if (! empty($item[$field])) {
|
|
$item["{$field}_html"] = parseMarkdown($item[$field]);
|
|
}
|
|
}
|
|
}
|
|
|
|
return $data;
|
|
}
|
|
}
|
|
|
|
$handler = new QueryHandler();
|
|
$handler->handleRequest();
|