cookie-0006-API-add-cmd-sendMessage.patch

main
Philip Häusler 11 years ago
parent 9dc5dbe3b6
commit 6664433fab

@ -13,8 +13,10 @@ Every API Request must be contained the Api Key (using JSON parameter 'key') and
Testing API calls (using curl):
-------------------------------
$ curl -d '{"key":"<key>","cmd":"getVersion"}' '<Address>/?p=api'
$ curl -d '{"cmd":"getVersion"}' '<Address>/?p=api'
$ curl -d '{"cmd":"getApiKey","user":"admin","pw":"admin"}' '<Address>/?p=api'
$ curl -d '{"key":"<key>","cmd":"getRoom"}' '<Address>/?p=api'
$ curl -d '{"key":"<key>","cmd":"sendmessage","uid":"23","text":"test message"}' '<Address>/?p=api'
Methods without key:
--------------------
@ -90,6 +92,14 @@ getMessage
[{"id":"1"},{"id":"2"},{"id":"3"}]
{"id":"3","Datum":"1388247583","SUID":"23","RUID":"42","isRead":"N","Text":"message text"}
sendMessage
Description:
send a Message to an other angel
Parameters:
uid (integer) - User ID of the reciever
text (string) - Message Text
Return Example:
{"status":"success"}
************************************************************************************************/
@ -98,7 +108,7 @@ getMessage
* General API Controller
*/
function api_controller() {
global $DataJson, $_REQUEST;
global $user, $DataJson, $_REQUEST;
header("Content-Type: application/json; charset=utf-8");
@ -160,6 +170,9 @@ function api_controller() {
case 'getmessage':
getMessage();
break;
case 'sendmessage':
sendMessage();
break;
default:
$DataJson = array (
'status' => 'failed',
@ -295,4 +308,30 @@ function getMessage(){
}
}
/**
* Send Message
*/
function sendMessage(){
global $DataJson, $_REQUEST;
if (!isset($_REQUEST['uid']) ) {
$DataJson = array (
'status' => 'failed',
'error' => 'Missing parameter "uid".' );
}
elseif (!isset($_REQUEST['text']) ) {
$DataJson = array (
'status' => 'failed',
'error' => 'Missing parameter "text".' );
} else {
if( mMessage_Send( $_REQUEST['uid'], $_REQUEST['text']) === true) {
$DataJson = array( 'status' => 'success');
} else {
$DataJson = array(
'status' => 'failed',
'error' => 'Transmitting was terminated with an Error.');
}
}
}
?>
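Review bot: In `sendMessage()` the two `isset()` checks accept any value type, so if `$_REQUEST` is filled from the JSON body (as the curl examples suggest), an array or object sent as `uid` or `text` passes them and reaches `strip_tags()` inside `mMessage_Send()`, which expects a string. A type check at the boundary keeps that out, e.g. `if (!isset($_REQUEST['uid']) || !is_scalar($_REQUEST['uid']))` and the same for `text`. The function also depends on the global `$user` having been set from the API key before the `switch` dispatches; that code is outside the visible hunks, so confirm `sendmessage` cannot be reached without a valid key. The docblock could state that the sender is always the key's owner and that the result is written to `$DataJson`.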

@ -26,4 +26,26 @@ function mMessage($id) {
return null;
}
/**
* send message
*
* @param $id User ID of Reciever
* @param $text Text of Message
*/
function mMessage_Send($id, $text) {
global $user;
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text));
$to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags( $id));
if (($text != "" && is_numeric($to)) &&
(sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) ) {
sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'");
return true;
} else {
return false;
}
}
?>
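Review bot: `mMessage_Send()` returns `true` right after `sql_query()` without looking at its result, so a failed INSERT is still reported as success to both the API and the web form; if `sql_query` signals failure through its return value, `return sql_query(...) !== false;` would propagate it. The recipient id is also repaired rather than validated: stripping non-digits turns an input such as `4x2` into `42`, so the message goes to a user the caller did not name, and rejecting early with `if (!ctype_digit((string) $id)) return false;` is safer. The numeric values are concatenated into the SQL unquoted, which holds only while that digit filter stays in place; an `(int)` cast at the point of use would make it independent of the filter. The docblock could add `@return bool` and mention that the sender is taken from the global `$user`.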

@ -98,10 +98,7 @@ function user_messages() {
break;
case "send":
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
$to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['to']));
if ($text != "" && is_numeric($to) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) {
sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'");
if( mMessage_Send( $_REQUEST['to'], $_REQUEST['text']) === true) {
redirect(page_link_to("user_messages"));
} else {
return error(_("Transmitting was terminated with an Error."), true);
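Review bot: The `send` case still reads `to` and `text` from `$_REQUEST`, which also carries query-string parameters, so this state-changing action is not limited to form submissions; if the message form posts, `mMessage_Send($_POST['to'] ?? '', $_POST['text'] ?? '')` would restrict it and also avoid the undefined-index notice when a field is missing. Whether a request token is verified before this branch is not visible here, since the hunk starts and ends inside `user_messages()`. Every failure (empty text, unknown recipient, sending to oneself) now ends in the same "Transmitting was terminated with an Error." message, so a short comment saying which cases `false` covers would help.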
