FloatAppGate/public/core1/SAVVY/advice/index.php

<?php
require_once('../../core/backend.php');
require_once('../constants.php');

require_once('../common/vendor/autoload.php');
require_once('../common/Api.php');
require_once('../common/Db.php');
require_once('../common/GoogleKMS.php');
require_once('../common/Logger.php');
require_once('../common/Utilities.php');

require_once('Destinations.php');
require_once('DestinationsApi.php');

require_once('../trips/Address.php');
require_once('../trips/Geocode.php');
require_once('../trips/GeocodeApi.php');
require_once('../trips/Geofence.php');
require_once('../trips/GeofenceApi.php');

$httpAuthToken = $savvyext->cfgReadChar('system.oauth2_token');

header("Access-Control-Allow-Origin: *");
header("Access-Control-Expose-Headers: Access-Control-Allow-Origin");
header("Access-Control-Allow-Headers: Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With, client_id");
header("Access-Control-Allow-Methods: POST, GET, PUT, DELETE, OPTIONS");
header('Content-type: application/json');

if ("OPTIONS" === $_SERVER['REQUEST_METHOD']) {
    exit();
}

$headers = getallheaders();
if ((!isset($headers["Authorization"]) || substr($headers["Authorization"],-strlen($httpAuthToken))!=$httpAuthToken) &&
    (!isset($headers["authorization"]) || substr($headers["authorization"],-strlen($httpAuthToken))!=$httpAuthToken)) {
    header('HTTP/1.1 401 Unauthorized');
    header('Status: 401 Unauthorized');
    echo "{\"status\":\"Missing authorization\"}";
    exit();
}

try {
	if (strpos($_SERVER['REQUEST_URI'],'/api/')===false) {
		throw new Exception("Invalid API request");
	}
	$requestUri = explode('/', trim($_SERVER['REQUEST_URI'],'/'));
	while (array_shift($requestUri) !== 'api') {
	};
	if ($requestUri[0]=='destinations') {
		$api = new DestinationsApi($requestUri);
	} 
	else {
		echo json_encode(Array('error' => 'Invalid API request'));
	}
	echo $api->run();
}
catch (Exception $e) {
	echo json_encode(Array('error' => $e->getMessage()));
}