这行得通......但它错了吗?特别是它本质上是不安全的吗?
我错过了什么?我真的需要服务模块来让我做一些简单的宁静(和安全)drupal<->电话应用程序通信吗?
这个想法是这些网址将通过电话应用程序发送(编辑:并且将使用 POST 而不是GET)
/**
* Simple restish switchboard reading
* This is not proper rest, but provide a quick and dirty framework.
*/
function _rest_go() {
// login https://example.com/rest/go?mode=login&name=(yourusername)&pass=(yourpasword)
// logout https://example.com/rest/go?mode=logout
// logout https://example.com/rest/go?mode=me
switch ($_REQUEST['mode']) {
case 'login':
$params = array(
'name' => $_REQUEST['name'],
'pass' => $_REQUEST['pass'],
);
$user = user_authenticate($params);
$result = $user;
break;
case 'logout':
require_once(drupal_get_path('module', 'user') . '/user.pages.inc');
user_logout();
$result = 'logged out';
break;
case 'me':
$result = rest::myCiviID();
break;
}
drupal_json($result);
exit();
}