<?php
/**
 * api/Rest.inc.php
 *
 * Base REST class. Fixed for PHP 8 compatibility:
 * - Removed get_magic_quotes_gpc() which was removed in PHP 8.0
 * - cleanInputs() no longer calls stripslashes conditionally
 */
class REST
{
    public array  $_allow        = [];
    public string $_content_type = 'application/json';
    public array  $_request      = [];

    private string $_method = '';
    private int    $_code   = 200;

    public function __construct()
    {
        $this->inputs();
    }

    public function get_referer(): string
    {
        return $_SERVER['HTTP_REFERER'] ?? '';
    }

    public function response(string $data, int $status): void
    {
        $this->_code = $status;
        $this->set_headers();
        echo $data;
        exit;
    }

    private function get_status_message(): string
    {
        $status = [
            100 => 'Continue',
            200 => 'OK',
            201 => 'Created',
            204 => 'No Content',
            301 => 'Moved Permanently',
            302 => 'Found',
            400 => 'Bad Request',
            401 => 'Unauthorized',
            403 => 'Forbidden',
            404 => 'Not Found',
            405 => 'Method Not Allowed',
            406 => 'Not Acceptable',
            409 => 'Conflict',
            500 => 'Internal Server Error',
        ];
        return $status[$this->_code] ?? 'Internal Server Error';
    }

    public function get_request_method(): string
    {
        return $_SERVER['REQUEST_METHOD'];
    }

    private function inputs(): void
    {
        switch ($this->get_request_method()) {
            case 'POST':
                $this->_request = $this->cleanInputs($_POST);
                break;
            case 'GET':
            case 'DELETE':
                $this->_request = $this->cleanInputs($_GET);
                break;
            case 'PUT':
                parse_str(file_get_contents('php://input'), $input);
                $this->_request = $this->cleanInputs($input);
                break;
            default:
                $this->response('', 406);
        }
    }

    private function cleanInputs(array|string $data): array|string
    {
        if (is_array($data)) {
            return array_map([$this, 'cleanInputs'], $data);
        }
        // PHP 8: magic_quotes were removed; just strip tags and trim
        return trim(strip_tags((string) $data));
    }

    private function set_headers(): void
    {
        header('HTTP/1.1 ' . $this->_code . ' ' . $this->get_status_message());
        header('Content-Type: ' . $this->_content_type);
    }
}