ArkiwiAPI/arav_up_api/index.php

<?php

header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST, OPTIONS');
header('Access-Control-Allow-Headers: X-Requested-With');
header('Access-Control-Max-Age: 86400');

// includes
$includePath = array();
$includePath[] = '../arav_up_inclu';
$includePath[] = get_include_path();
$includePath = implode(PATH_SEPARATOR,$includePath);
set_include_path($includePath);

// carica configurazione
require '../arav_up_confs.php';

require_once('arkiwi.php');
require_once('auth.php');
require_once('report.php');

// presenta auth
if (!isset($_SERVER['PHP_AUTH_USER'])) {
     prompt_auth();
//     report(1,"PHP_AUTH_USER not set, exiting"); //Lo vogliamo davvero loggare?
     exit;
}

$authstate = do_local_auth($_SERVER['PHP_AUTH_USER'], hash("sha256",$_SERVER['PHP_AUTH_PW']));
// report(1,"userid : ".$authstate["userid"]);
// report(1,"dir : ".$authstate["dir"]);
if ($authstate["esito"] != "AUTH_OK") {
//     // es: is_inside_dir($object, $authstate["dir"]);
    prompt_auth();
//     report(1,"esito not AUTH_OK, exiting");
    exit;
}
else {
    // registra in sessione i dati dell'utente //FIXME lo facciamo qui o dentro la funzione do_local_auth?
    $_SESSION['authstate'] = $authstate;
}

// -----------------

// I am not afraid of errors:
error_reporting(E_ALL);

// Parse the request, and run:
$request = parseRequest();
$request->run();

// Print the headers and the body:
$request->writeHeader();
$request->writeBody();