patch

lbr38 · Nov 8, 2023 · 6db9886 · 6db9886
1 parent 0974857
commit 6db9886
Showing 1 changed file with 12 additions and 4 deletions.
diff --git a/www/controllers/Api/Api.php b/www/controllers/Api/Api.php
@@ -28,7 +28,7 @@ public function __construct()
          */
         if ($_SERVER['REQUEST_METHOD'] != 'GET' and $_SERVER['REQUEST_METHOD'] != 'POST' and $_SERVER['REQUEST_METHOD'] != 'PUT' and $_SERVER['REQUEST_METHOD'] != 'DELETE') {
             http_response_code(405);
-            echo json_encode(["return" => "405", "message_error" => array('Method not allowed.')]);
+            echo json_encode(["return" => "405", "message_error" => array('Method not allowed')]);
             exit;
         }
 
@@ -38,9 +38,17 @@ public function __construct()
         $this->method = $_SERVER['REQUEST_METHOD'];
 
         /**
-         *  Retrieve JSON data if any
+         *  Retrieve data if any
          */
-        $this->data = json_decode(file_get_contents("php://input"));
+        $this->data = file_get_contents("php://input");
+
+        if (!empty($this->data)) {
+            $this->data = json_decode($this->data);
+
+            if ($this->data == null) {
+                self::returnError(400, 'Invalid JSON data');
+            }
+        }
 
         /**
          *  Retrieve authentication header if any
@@ -107,7 +115,7 @@ public function __construct()
      *  Check if authentication is valid
      *  It can be an API key authentication or a host authId+token authentication
      */
-    public function authenticate(string $authHeader = null, object $data = null)
+    public function authenticate(string $authHeader = null, string|object $data = null)
     {
         /**
          *  New authentication method