cookie-0005-API-add-getApiKey.patch

main
Philip Häusler 11 years ago
parent 316c18f912
commit 9dc5dbe3b6

@ -16,16 +16,27 @@ Testing API calls (using curl):
$ curl -d '{"key":"<key>","cmd":"getVersion"}' '<Address>/?p=api' $ curl -d '{"key":"<key>","cmd":"getVersion"}' '<Address>/?p=api'
Methods: Methods without key:
-------- --------------------
getVersion getVersion
Description: Description:
Returns API version. Returns API version.
Parameters: Parameters:
nothing nothing
Return Example: Return Example:
{"version": "1"} {"status":"success","version": "1"}
getApiKey
Description:
Returns API Key version.
Parameters:
user (string)
pw (string)
Return Example:
{"status":"success","Key":"1234567890123456789012"}
Methods with Key:
-----------------
getRoom getRoom
Description: Description:
Returns a list of all Rooms (no id set) or details of a single Room (requested id) Returns a list of all Rooms (no id set) or details of a single Room (requested id)
@ -66,7 +77,9 @@ getShift
3 occupied and free 3 occupied and free
Return Example: Return Example:
[{"SID":"1"},{"SID":"2"},{"SID":"3"}] [{"SID":"1"},{"SID":"2"},{"SID":"3"}]
{"SID":"1","start":"1388185200","end":"1388199600","RID":"1","name":"Shift 1","URL":null,"PSID":null} {"SID":"10","start":"1388264400","end":"1388271600","RID":"1","name":"Shift 1","URL":null,"PSID":null,\
"ShiftEntry":[{"TID":"8","UID":"4","freeloaded":"0"}],
"NeedAngels":[{"TID":"8","count":"1","restricted":"0","taken":1},{"TID":"9","count":"2","restricted":"0","taken":0}]}
getMessage getMessage
Description: Description:
@ -87,37 +100,51 @@ getMessage
function api_controller() { function api_controller() {
global $DataJson, $_REQUEST; global $DataJson, $_REQUEST;
header("Content-Type: application/json; charset=utf-8");
// decode JSON request // decode JSON request
$input = file_get_contents("php://input"); $input = file_get_contents("php://input");
$input = json_decode($input, true); $input = json_decode($input, true);
$_REQUEST = $input; $_REQUEST = $input;
// get command
$cmd='';
if (isset($_REQUEST['cmd']) )
$cmd = strtolower( $_REQUEST['cmd']);
// decode commands, without key
switch( $cmd) {
case 'getversion':
getVersion();
die( json_encode($DataJson));
break;
case 'getapikey':
getApiKey();
die( json_encode($DataJson));
break;
}
// get API KEY // get API KEY
if (isset($_REQUEST['key']) && preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key'])) if (isset($_REQUEST['key']) && preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key']))
$key = $_REQUEST['key']; $key = $_REQUEST['key'];
else else
die("Missing key."); die( json_encode( array (
'status' => 'failed',
'error' => 'Missing parameter "key".' )));
// check API key // check API key
$user = User_by_api_key($key); $user = User_by_api_key($key);
if ($user === false) if ($user === false)
die("Unable to find user."); die( json_encode( array (
'status' => 'failed',
'error' => 'Unable to find user' )));
if ($user == null) if ($user == null)
die("Key invalid."); die( json_encode( array (
'status' => 'failed',
// get command 'error' => 'Key invalid.' )));
$cmd='';
if (isset($_REQUEST['cmd']) )
$cmd = strtolower( $_REQUEST['cmd']);
// decode command // decode command
switch( $cmd) { switch( $cmd) {
case 'echo':
$DataJson = $input;
break;
case 'getversion':
getVersion();
break;
case 'getroom': case 'getroom':
getRoom(); getRoom();
break; break;
@ -134,11 +161,18 @@ function api_controller() {
getMessage(); getMessage();
break; break;
default: default:
die("Unknown Command (". $cmd. ")"); $DataJson = array (
'status' => 'failed',
'error' => 'Unknown Command "'. $cmd. '"' );
} }
// check
if( $DataJson === false) {
$DataJson = array (
'status' => 'failed',
'error' => 'DataJson === false' );
}
header("Content-Type: application/json; charset=utf-8");
echo json_encode($DataJson); echo json_encode($DataJson);
die(); die();
} }
@ -148,9 +182,54 @@ function api_controller() {
*/ */
function getVersion(){ function getVersion(){
global $DataJson; global $DataJson;
$DataJson['Version'] = 1;
$DataJson = array(
'status' => 'success',
'Version' => 1);
} }
/**
* Get API Key
*/
function getApiKey(){
global $DataJson, $_REQUEST;
if (!isset($_REQUEST['user']) ) {
$DataJson = array (
'status' => 'failed',
'error' => 'Missing parameter "user".' );
}
elseif (!isset($_REQUEST['pw']) ) {
$DataJson = array (
'status' => 'failed',
'error' => 'Missing parameter "pw".' );
} else {
$Erg = sql_select( "SELECT `UID`, `Passwort`, `api_key` FROM `User` WHERE `Nick`='" . sql_escape($_REQUEST['user']) . "'");
if (count($Erg) == 1) {
$Erg = $Erg[0];
if (verify_password( $_REQUEST['pw'], $Erg["Passwort"], $Erg["UID"])) {
$key = $Erg["api_key"];
$DataJson = array(
'status' => 'success',
'Key' => $key);
} else {
$DataJson = array (
'status' => 'failed',
'error' => 'PW wrong' );
}
} else {
$DataJson = array (
'status' => 'failed',
'error' => 'User not found.' );
}
}
sleep(1);
}
/** /**
* Get Room * Get Room
*/ */
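Review bot: getApiKey() answers `'User not found.'` for an unknown nick and `'PW wrong'` for a bad password, so an unauthenticated caller can tell valid account names from invalid ones; both branches should return the same message, e.g. `'error' => 'Invalid credentials.'`. The unconditional `sleep(1)` is the only brake on password guessing visible here, and it bounds neither parallel requests nor repeated attempts against one account, so a per-account or per-client attempt limit is still needed before this endpoint hands out a long-lived key. Because `$_REQUEST` is overwritten with the decoded JSON body, `isset($_REQUEST['user'])` and `isset($_REQUEST['pw'])` also pass for arrays and objects; add `is_string()` checks before the values reach `sql_escape()` and `verify_password()`. The documentation block is also out of step with the code: the example `Key` has 22 digits while api_controller() only accepts `/^[0-9a-f]{32}$/`, and the getVersion example shows `"version"` where the code sets `'Version'`.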

@ -3,14 +3,14 @@
/** /**
* Returns all needed angeltypes and already taken needs. * Returns all needed angeltypes and already taken needs.
* *
* @param Shift $shift * @param shiftID id of shift
*/ */
function NeededAngelTypes_by_shift($shift) { function NeededAngelTypes_by_shift($shiftId) {
$needed_angeltypes_source = sql_select(" $needed_angeltypes_source = sql_select("
SELECT `NeededAngelTypes`.*, `AngelTypes`.`name`, `AngelTypes`.`restricted` SELECT `NeededAngelTypes`.*, `AngelTypes`.`name`, `AngelTypes`.`restricted`
FROM `NeededAngelTypes` FROM `NeededAngelTypes`
JOIN `AngelTypes` ON `AngelTypes`.`id` = `NeededAngelTypes`.`angel_type_id` JOIN `AngelTypes` ON `AngelTypes`.`id` = `NeededAngelTypes`.`angel_type_id`
WHERE `shift_id`=" . sql_escape($shift['SID']) . " WHERE `shift_id`=" . sql_escape($shiftId) . "
AND `count` > 0 AND `count` > 0
ORDER BY `room_id` DESC ORDER BY `room_id` DESC
"); ");
@ -23,7 +23,7 @@ function NeededAngelTypes_by_shift($shift) {
SELECT `NeededAngelTypes`.*, `AngelTypes`.`name`, `AngelTypes`.`restricted` SELECT `NeededAngelTypes`.*, `AngelTypes`.`name`, `AngelTypes`.`restricted`
FROM `NeededAngelTypes` FROM `NeededAngelTypes`
JOIN `AngelTypes` ON `AngelTypes`.`id` = `NeededAngelTypes`.`angel_type_id` JOIN `AngelTypes` ON `AngelTypes`.`id` = `NeededAngelTypes`.`angel_type_id`
WHERE `room_id`=" . sql_escape($shift['RID']) . " WHERE `room_id`=" . sql_escape($shiftId) . "
AND `count` > 0 AND `count` > 0
ORDER BY `room_id` DESC ORDER BY `room_id` DESC
"); ");
@ -33,7 +33,7 @@ function NeededAngelTypes_by_shift($shift) {
$needed_angeltypes = array(); $needed_angeltypes = array();
foreach ($needed_angeltypes_source as $angeltype) { foreach ($needed_angeltypes_source as $angeltype) {
$shift_entries = ShiftEntries_by_shift_and_angeltype($shift['SID'], $angeltype['angel_type_id']); $shift_entries = ShiftEntries_by_shift_and_angeltype($shiftId, $angeltype['angel_type_id']);
if ($shift_entries === false) if ($shift_entries === false)
return false; return false;

@ -51,10 +51,27 @@ return null;
*/ */
function mShift($id) { function mShift($id) {
$shifts_source = sql_select("SELECT * FROM `Shifts` WHERE `SID`=" . sql_escape($id) . " LIMIT 1"); $shifts_source = sql_select("SELECT * FROM `Shifts` WHERE `SID`=" . sql_escape($id) . " LIMIT 1");
$shiftsEntry_source = sql_select("SELECT `TID` , `UID` , `freeloaded` FROM `ShiftEntry` WHERE `SID`=" . sql_escape($id) );
if ($shifts_source === false) if ($shifts_source === false)
return false; return false;
if (count($shifts_source) > 0) if (count($shifts_source) > 0) {
return $shifts_source[0]; $result = $shifts_source[0];
$result['ShiftEntry'] = $shiftsEntry_source;
$temp = NeededAngelTypes_by_shift($id);
foreach( $temp as $e)
{
$result['NeedAngels'][] = array (
'TID' => $e['angel_type_id'],
'count' => $e['count'],
'restricted' => $e['restricted'],
'taken' => $e['taken'] );
}
return $result;
}
return null; return null;
} }
@ -71,7 +88,7 @@ function Shifts() {
return false; return false;
foreach ($shifts_source as &$shift) { foreach ($shifts_source as &$shift) {
$needed_angeltypes = NeededAngelTypes_by_shift($shift); $needed_angeltypes = NeededAngelTypes_by_shift($shift['SID']);
if ($needed_angeltypes === false) if ($needed_angeltypes === false)
return false; return false;
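Review bot: In NeededAngelTypes_by_shift() the fallback query now filters `room_id` by `sql_escape($shiftId)` where the old side used `$shift['RID']`, so the room-level lookup compares a room column against a shift id and will return the wrong rows or none. The function needs the room id as well, for example `function NeededAngelTypes_by_shift($shiftId, $roomId)` with the callers in mShift() and Shifts() passing the shift's `RID`. In mShift() the new `foreach( $temp as $e)` runs without the `=== false` check that Shifts() applies to the same call; add `if ($temp === false) return false;` and initialise `$result['NeedAngels'] = array();` so the key exists when nothing is needed. The added ShiftEntry query concatenates `sql_escape($id)` into an unquoted numeric position; sql_escape() is not shown here, but if it only escapes string metacharacters it does not constrain that context, so cast first with `(int) $id`. The bodies of NeededAngelTypes_by_shift() and Shifts() continue outside the hunks shown.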
