Security fix - html escape sql error messages
[openemr.git] / library / lab_exchange_api.php
1 <?php
2 // Copyright (C) 2010 Maviq <info@maviq.com>
3 //
4 // This program is free software; you can redistribute it and/or
5 // modify it under the terms of the GNU General Public License
6 // as published by the Free Software Foundation; either version 2
7 // of the License, or (at your option) any later version.
8 //
// Every request issued by this file goes through the cURL extension, so stop
// at include time when it is not available instead of failing on first use.
if (extension_loaded("curl") === false) {
    throw new Exception("Curl extension is required");
}
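/**
 * Minimal REST client for the lab exchange service.
 *
 * Every request carries HTTP Basic credentials built from the site id and
 * token, so the server certificate is verified before anything is sent.
 */
class LabExchangeClient {

    // Base URL of the service; request paths are appended to it.
    protected $Endpoint;
    // User part of the HTTP Basic credentials.
    protected $SiteId;
    // Password part of the HTTP Basic credentials.
    protected $Token;

    /**
     * @param string $siteId   Site identifier, sent as the Basic-auth user.
     * @param string $token    Secret token, sent as the Basic-auth password.
     * @param string $endpoint Base URL of the service, without a trailing slash.
     */
    public function __construct($siteId, $token, $endpoint) {
        $this->SiteId = $siteId;
        $this->Token = $token;
        $this->Endpoint = $endpoint;
    }

    /**
     * Sends one request to the service and wraps the reply.
     *
     * @param string $path   Path below the endpoint; may already hold a query string.
     * @param string $method GET, POST, PUT or DELETE (case-insensitive).
     * @param array  $vars   Key/value pairs sent as the query string (GET) or
     *                       as the form-encoded body (POST, PUT).
     * @return RestResponse  URL, raw body and HTTP status of the reply.
     * @throws Exception     On an unknown method, a temp-file failure or a
     *                       transport error reported by cURL.
     */
    public function sendRequest($path, $method="GET", $vars=array()) {

        // NOTE(review): progress output kept for existing callers. It writes
        // the caller-supplied path and URL unescaped, so a web-facing caller
        // should capture or HTML-escape it.
        echo "Path: {$path}\n";

        // Keys are encoded as well as values, so a key holding '&' or '='
        // cannot split or rewrite the parameter list.
        $pairs = array();
        foreach ($vars as $key => $value) {
            $pairs[] = urlencode($key) . "=" . urlencode($value);
        }
        $encoded = implode("&", $pairs);

        $tmpfile = "";
        $fp = null;

        // Construct full url.
        $url = "{$this->Endpoint}/$path";

        echo "Url: {$url}\n";

        // Normalise once so the query-string step and the dispatch below
        // agree on the method; a lower-case "get" used to lose its vars.
        $verb = strtoupper($method);

        // If GET and vars, append them (no dangling '?' when there are none).
        if ($verb == "GET" && strlen($encoded)) {
            $url .= (FALSE === strpos($path, '?') ? "?" : "&") . $encoded;
        }

        // Initialize a new curl object.
        $curl = curl_init($url);
        if (FALSE === $curl) {
            throw new Exception("Curl could not be initialised");
        }

        // Verify the certificate chain and that it matches the host name.
        // With both checks off, the Basic credentials and the lab data would
        // be handed to whichever peer answers the connection.
        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, TRUE);
        curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);

        switch ($verb) {
            case "GET":
                curl_setopt($curl, CURLOPT_HTTPGET, TRUE);
                break;
            case "POST":
                curl_setopt($curl, CURLOPT_POST, TRUE);
                curl_setopt($curl, CURLOPT_POSTFIELDS, $encoded);
                break;
            case "PUT":
                // NOTE(review): the body is supplied both as POSTFIELDS and
                // as an INFILE, as in the original - confirm which of the two
                // the service relies on.
                curl_setopt($curl, CURLOPT_POSTFIELDS, $encoded);
                curl_setopt($curl, CURLOPT_CUSTOMREQUEST, "PUT");
                $tmpfile = tempnam(sys_get_temp_dir(), "put_");
                if (FALSE === $tmpfile
                    || FALSE === file_put_contents($tmpfile, $encoded)
                    || FALSE === ($fp = fopen($tmpfile, 'r'))) {
                    // Do not leave a half-written request body behind.
                    if (is_string($tmpfile) && strlen($tmpfile)) {
                        unlink($tmpfile);
                    }
                    throw new Exception("Unable to stage PUT body in a temporary file");
                }
                curl_setopt($curl, CURLOPT_INFILE, $fp);
                curl_setopt($curl, CURLOPT_INFILESIZE, filesize($tmpfile));
                break;
            case "DELETE":
                curl_setopt($curl, CURLOPT_CUSTOMREQUEST, "DELETE");
                break;
            default:
                throw new Exception("Unknown method $method");
        }

        // Send credentials.
        curl_setopt($curl, CURLOPT_USERPWD, "{$this->SiteId}:{$this->Token}");

        // Do the request. FALSE means the transfer itself failed.
        $result = curl_exec($curl);
        $failure = (FALSE === $result) ? curl_error($curl) : null;

        // Get result code.
        $responseCode = curl_getinfo($curl, CURLINFO_HTTP_CODE);

        // Remove the temp file before reporting a failure, so a request body
        // is never left on disk when the transfer fails.
        if ($fp) {
            fclose($fp);
        }
        if (strlen($tmpfile)) {
            unlink($tmpfile);
        }

        if (null !== $failure) {
            throw new Exception("Curl failed with error " . $failure);
        }

        return new RestResponse($url, $result, $responseCode);
    }
}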
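/**
 * Parsed reply from the lab exchange service.
 *
 * Splits the request URL into path and query string, keeps the raw body and
 * status, and parses the body as XML for every status except 204.
 */
class RestResponse {

    // Raw response body as returned by the transfer.
    public $ResponseText;
    // SimpleXMLElement for a parsable body, FALSE when parsing failed,
    // NULL when the status was 204 and no parse was attempted.
    public $ResponseXml;
    // HTTP status code of the reply.
    public $HttpStatus;
    // Request URL up to, but not including, the query string.
    public $Url;
    // Query string of the request URL, without the leading '?'.
    public $QueryString;
    // TRUE when the status is 400 or above.
    public $IsError;
    // Text of RestException/Message for error replies; empty when the body
    // carries none or is not XML. Left NULL for non-error replies.
    public $ErrorMessage;

    /**
     * @param string $url    URL the request was sent to.
     * @param string $text   Raw response body.
     * @param int    $status HTTP status code.
     */
    public function __construct($url, $text, $status) {
        if (preg_match('/([^?]+)\??(.*)/', $url, $matches)) {
            $this->Url = $matches[1];
            $this->QueryString = $matches[2];
        } else {
            // Nothing before a '?' to split on (e.g. an empty URL).
            $this->Url = $url;
            $this->QueryString = "";
        }
        $this->ResponseText = $text;
        $this->HttpStatus = $status;

        if ($this->HttpStatus != 204) {
            // The body comes from the remote service: parse it with network
            // access disabled, and collect parser errors internally rather
            // than hiding them with the @ operator.
            $previous = libxml_use_internal_errors(true);
            $this->ResponseXml = simplexml_load_string($text, 'SimpleXMLElement', LIBXML_NONET);
            libxml_clear_errors();
            libxml_use_internal_errors($previous);
        }

        $this->IsError = ($status >= 400);
        if ($this->IsError) {
            // An error reply is not always XML (a proxy error page, an empty
            // body); only dereference the document when parsing succeeded.
            $this->ErrorMessage = ($this->ResponseXml instanceof SimpleXMLElement)
                ? (string)$this->ResponseXml->RestException->Message
                : "";
        }
    }
}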