diff --git a/deal/index.php b/deal/index.php index 9c7411e..e4a135d 100644 --- a/deal/index.php +++ b/deal/index.php @@ -1,169 +1,6 @@ connect_error) { -// logMessage("DB connected successfully"); -// -// $stmt = $mysqli->prepare("INSERT INTO documents (target_id, target_type, parent, name, file) VALUES (?, ?, ?, ?, ?)"); -// $user_id = (int)(isset($_SESSION['id']) ? $_SESSION['id'] : 0); -// $stmt->bind_param("iiiis", $target_id, $target_type, $parent, $name, $filePath); -// $stmt->execute(); -// $documentId = $stmt->insert_id; -// $stmt->close(); -// -// logMessage("Document inserted with ID=$documentId"); -// -// $api_url = "http://llar.joyworkdev.ru/api/documents/storeFromLegacy"; -// $postData = json_encode([ -// 'document_id' => $documentId, -// 'name' => $name, -// 'file' => $filePath, -// 'target_id' => $target_id, -// 'target_type' => $target_type, -// ]); -// -// $ch = curl_init(); -// curl_setopt_array($ch, [ -// CURLOPT_URL => $api_url, -// CURLOPT_RETURNTRANSFER => true, -// CURLOPT_CUSTOMREQUEST => 'POST', -// CURLOPT_POSTFIELDS => $postData, -// CURLOPT_HTTPHEADER => $headers, -// CURLOPT_HEADER => false, -// ]); -// -// $response = curl_exec($ch); -// $httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE); -// curl_close($ch); -// -// logMessage("API response code=$httpCode, response=" . substr($response, 0, 200)); -// -// http_response_code($httpCode); -// echo $response; -// exit; -// } else { -// logMessage("DB connection failed: " . $mysqli->connect_error); -// http_response_code(500); -// echo json_encode(['error' => 'DB connection failed']); -// exit; -// } -// } else { -// logMessage("Failed to move uploaded file"); -// http_response_code(500); -// echo json_encode(['error' => 'Failed to save file']); -// exit; -// } -// } else { -// logMessage("File upload error: " . (isset($_FILES['file']['error']) ? $_FILES['file']['error'] : 'no file')); -// http_response_code(422); -// echo json_encode(['error' => 'File upload error']); -// exit; -// } -//} - -$ch = curl_init(); - -curl_setopt_array($ch, [ - CURLOPT_URL => $api_url, - CURLOPT_RETURNTRANSFER => true, - CURLOPT_CUSTOMREQUEST => $_SERVER['REQUEST_METHOD'], - CURLOPT_POSTFIELDS => $input_data, - CURLOPT_HTTPHEADER => $headers, - CURLOPT_HEADER => false, -]); - -$response = curl_exec($ch); -$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE); -$curlError = curl_error($ch); -if ($curlError) { - logMessage("cURL Error: " . $curlError); -} - -curl_close($ch); - -http_response_code($httpCode); -echo $response; \ No newline at end of file +$proxy = new DealProxy(); +$proxy->handle(); +?> \ No newline at end of file diff --git a/engine/classes/DealProxy.php b/engine/classes/DealProxy.php new file mode 100644 index 0000000..a763a17 --- /dev/null +++ b/engine/classes/DealProxy.php @@ -0,0 +1,112 @@ +logFile = __DIR__ . '/proxy.log'; + } + + /** Simple logger */ + private function logMessage(string $message): void + { + $date = date('Y-m-d H:i:s'); + file_put_contents($this->logFile, "[$date] $message\n", FILE_APPEND); + } + + /** Build the target URL based on incoming request */ + private function buildTargetUrl(): string + { + $path = $_GET['path'] ?? ''; + unset($_GET['path']); + $query = http_build_query($_GET); + $apiUrl = "https://llar.joyworkdev.ru/api/" . ltrim($path, '/'); + if ($query) { + $apiUrl .= '?' . $query; + } + return $apiUrl; + } + + /** Build headers for the forwarded request */ + private function buildHeaders(): array + { + $headers = [ + 'Accept: application/json', + ]; + + // Preserve original Content-Type if present + $originalContentType = $_SERVER['CONTENT_TYPE'] ?? ''; + if ($originalContentType) { + $headers[] = 'Content-Type: ' . $originalContentType; + $this->logMessage("Incoming Content-Type: '$originalContentType'"); + } else { + $this->logMessage('WARNING: Incoming Content-Type not detected'); + } + + // Pass session cookie if exists + if (!empty($_COOKIE['PHPSESSID'])) { + $headers[] = 'Cookie: PHPSESSID=' . $_COOKIE['PHPSESSID']; + } + // Pass custom header from Vue if present + if (!empty($_SERVER['HTTP_X_SESSION_ID'])) { + $headers[] = 'X-Session-ID: ' . $_SERVER['HTTP_X_SESSION_ID']; + } + return $headers; + } + + /** Forward the request using cURL and output the response */ + private function forwardRequest(string $targetUrl, array $headers, string $method, string $body): void + { + $ch = curl_init(); + curl_setopt_array($ch, [ + CURLOPT_URL => $targetUrl, + CURLOPT_RETURNTRANSFER => true, + CURLOPT_CUSTOMREQUEST => $method, + CURLOPT_POSTFIELDS => $body, + CURLOPT_HTTPHEADER => $headers, + CURLOPT_HEADER => false, + ]); + + $response = curl_exec($ch); + $httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE); + $curlError = curl_error($ch); + if ($curlError) { + $this->logMessage('cURL Error: ' . $curlError); + } + curl_close($ch); + + http_response_code($httpCode); + echo $response; + } + + /** Main handler – called from index.php */ + public function handle(): void + { + // CORS headers – keep them here to be sent before any output + header('Access-Control-Allow-Origin: *'); + header('Access-Control-Allow-Credentials: true'); + header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS'); + header('Access-Control-Allow-Headers: Accept, Content-Type, X-Requested-With, Authorization'); + if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') { + http_response_code(204); + exit; + } + + $targetUrl = $this->buildTargetUrl(); + $headers = $this->buildHeaders(); + $method = $_SERVER['REQUEST_METHOD']; + $body = file_get_contents('php://input'); + $this->logMessage('Forwarding request to ' . $targetUrl); + $this->forwardRequest($targetUrl, $headers, $method, $body); + } +} +?>