function health_api_access in Health Status 7

Access callback for seeing if the user can view the Health API.

The Health API requires a secret key be posted to it. The key can be set in the admin/config/system/health settings page.

1 string reference to 'health_api_access'

health_menu in ./health.module: Implements hook_menu().

File

./health.module, line 221: Contains the basic hooks and function used by the Health system.

Code

function health_api_access() {

  // Make sure they sent a key.
  if (!isset($_POST['key']) || empty($_POST['key'])) {
    return FALSE;
  }

  // Check if we are requiring HTTPS.
  if (variable_get('health_api_require_https', TRUE) && $_SERVER['HTTPS'] !== "on") {

    // User is not using HTTPS.
    return FALSE;
  }
  $key = $_POST['key'];

  // Check the key versus the one we have stored.
  if ($key !== variable_get('health_api_access_key', FALSE)) {

    // Wrong key sent.
    return FALSE;
  }

  // All checks passed, allow access.
  return TRUE;
}

You are here

function health_api_access in Health Status 7

File

Code

API Navigation