- Posts: 24
- Thank you received: 2
Please Log in or Create an account to join the conversation.
Yes, encryption is mandatory. It is a security constraint, not to crypt data, but to confirm you have the correct API Key. Security (to retrive access rights) is in two points :Question : is it necessary too encrypt message (with AES-256) if i call the web service using https ? I try too call the web service using microsoft WinHttpRequest. and i have lot of problem with encryption.
Request recorded as Ticket #1490Propose Evolution : add a service for search elements with criteria. Sample : if i want know if a project named "Project ONE" exist, i can ask this web service with a criteria : '{"name":"Project ONE"}'. This evolution can help, if we want check existence of object before using insert or update WS.
Please Log in or Create an account to join the conversation.
else if (count($split)==2 and $split[1]=='search') { // =============== uri = {OblectClass}/search
if (isset($_REQUEST['data']) ) {
$data=$_REQUEST['data'];
} else {
$data=file_get_contents("php://input");
}
if (! $data) {
returnError($invalidQuery, "'data' missing for method ".$_SERVER['REQUEST_METHOD']);
}
$dataArray=@json_decode($data,true);
if (! $dataArray) {
returnError($invalidQuery, "'data' is not correctly encoded for method ".$_SERVER['REQUEST_METHOD'].". Request for correct API KEY");
}
if (isset($dataArray['items'])) {
$arrayData=$dataArray['items'];
} else {
$arrayData=array($dataArray);
}
$where="1=1 ";
foreach ($arrayData[0] as $field=>$value) {
$where.="and " . $field . "='" .$value . "' ";
}
}
Please Log in or Create an account to join the conversation.
Please Log in or Create an account to join the conversation.
else if (count($split)==2 and $split[1]=='search') { // =============== uri = {OblectClass}/search
if (isset($_REQUEST['data']) ) {
$data=$_REQUEST['data'];
} else {
$data=file_get_contents("php://input");
}
if (! $data) {
returnError($invalidQuery, "'data' missing for method ".$_SERVER['REQUEST_METHOD']);
}
$dataArray=@json_decode($data,true);
if (! $dataArray) {
returnError($invalidQuery, "'data' is not correctly encoded for method ".$_SERVER['REQUEST_METHOD'].". Request for correct API KEY");
}
if (isset($dataArray['items'])) {
$arrayData=$dataArray['items'];
} else {
$arrayData=array($dataArray);
}
$where=(count($arrayData))>0?"(1=0 ":"(1=1";
foreach ($arrayData as $arrayFilter) {
$where.="or (1=1 ";
foreach ($arrayFilter as $field=>$value) {
$where.="and " . $field . "='" .$value . "' ";
}
$where.=') ';
}
$where.=') ';
}
Please Log in or Create an account to join the conversation.
Please Log in or Create an account to join the conversation.
En poursuivant votre navigation, vous acceptez le dépôt de cookies tiers destinés au bon fonctionnement et à la sécurisation du site (gestion de session, reCaptcha) et à une analyse statistique anonymisée des accès sur notre site (Google Analytics). Si vous vous inscrivez, les informations que vous fournirez ne seront jamais divulguées à un tiers sous quelque forme que ce soit. En savoir plus
Ce site utilise des cookies pour assurer son bon fonctionnement et ne peuvent pas être désactivés de nos systèmes. Nous ne les utilisons pas à des fins publicitaires. Si ces cookies sont bloqués, certaines parties du site ne pourront pas fonctionner.
Ce site web utilise un certain nombre de cookies pour gérer, par exemple, les sessions utilisateurs.