2016-05-29 19:21:11 +02:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
class pluginAPI extends Plugin {
|
|
|
|
|
|
2017-06-25 22:54:59 +02:00
|
|
|
private $method;
|
|
|
|
|
|
2016-05-30 05:36:13 +02:00
|
|
|
public function init()
|
|
|
|
|
{
|
2017-06-22 00:21:08 +02:00
|
|
|
// Generate the API Token
|
|
|
|
|
$token = md5( uniqid().time().DOMAIN );
|
2016-06-05 03:31:07 +02:00
|
|
|
|
2016-05-30 05:36:13 +02:00
|
|
|
$this->dbFields = array(
|
2017-06-22 00:21:08 +02:00
|
|
|
'token'=>$token, // API Token
|
2017-06-22 23:50:12 +02:00
|
|
|
'amountOfItems'=>15 // Amount of items to return
|
2016-05-30 05:36:13 +02:00
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function form()
|
|
|
|
|
{
|
2017-06-25 22:54:59 +02:00
|
|
|
global $Language;
|
|
|
|
|
|
2017-06-22 23:50:12 +02:00
|
|
|
$html = '<div>';
|
|
|
|
|
$html .= '<label>'.$Language->get('API Token').'</label>';
|
2017-06-25 22:54:59 +02:00
|
|
|
$html .= '<input name="token" type="text" value="'.$this->getValue('token').'">';
|
2017-06-22 23:50:12 +02:00
|
|
|
$html .= '<span class="tip">'.$Language->get('This token is for read only and is regenerated every time you install the plugin').'</span>';
|
2016-05-30 05:36:13 +02:00
|
|
|
$html .= '</div>';
|
|
|
|
|
|
2016-06-05 03:31:07 +02:00
|
|
|
$html .= '<div>';
|
2017-06-22 23:50:12 +02:00
|
|
|
$html .= '<label>'.$Language->get('Amount of pages').'</label>';
|
|
|
|
|
$html .= '<input id="jsamountOfItems" name="amountOfItems" type="text" value="'.$this->getValue('amountOfItems').'">';
|
2017-09-09 00:33:14 +02:00
|
|
|
$html .= '<span class="tip">'.$Language->get('This is the maximum of pages to return when you call to').'</span>';
|
2016-06-05 03:31:07 +02:00
|
|
|
$html .= '</div>';
|
2016-06-03 03:37:52 +02:00
|
|
|
|
2016-05-30 05:36:13 +02:00
|
|
|
return $html;
|
|
|
|
|
}
|
|
|
|
|
|
2016-12-01 02:39:16 +01:00
|
|
|
|
|
|
|
|
// API HOOKS
|
|
|
|
|
// ----------------------------------------------------------------------------
|
|
|
|
|
|
2017-07-05 23:30:30 +02:00
|
|
|
public function beforeAll()
|
2016-09-25 20:38:15 +02:00
|
|
|
{
|
2016-12-01 02:39:16 +01:00
|
|
|
global $Url;
|
2016-12-02 00:59:58 +01:00
|
|
|
global $dbPages;
|
2017-06-22 00:21:08 +02:00
|
|
|
global $dbUsers;
|
2016-09-25 20:38:15 +02:00
|
|
|
|
2017-06-22 00:21:08 +02:00
|
|
|
// CHECK URL
|
|
|
|
|
// ------------------------------------------------------------
|
2017-07-29 01:20:47 +02:00
|
|
|
$URI = $this->webhook('api', $returnsAfterURI=true, $fixed=false);
|
2017-07-19 22:50:08 +02:00
|
|
|
if ($URI===false) {
|
2016-12-01 02:39:16 +01:00
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-25 22:54:59 +02:00
|
|
|
// METHOD
|
|
|
|
|
// ------------------------------------------------------------
|
|
|
|
|
$method = $this->getMethod();
|
|
|
|
|
|
2017-07-19 22:50:08 +02:00
|
|
|
// METHOD INPUTS
|
2016-12-01 02:39:16 +01:00
|
|
|
// ------------------------------------------------------------
|
2017-07-19 22:50:08 +02:00
|
|
|
$inputs = $this->getMethodInputs();
|
2016-12-01 02:39:16 +01:00
|
|
|
|
2017-07-19 22:50:08 +02:00
|
|
|
if ( empty($inputs) ) {
|
2017-08-30 20:02:31 +02:00
|
|
|
$this->response(404, 'Not Found', array('message'=>'Missing method inputs.'));
|
2017-07-07 23:38:01 +02:00
|
|
|
}
|
|
|
|
|
|
2017-07-19 22:50:08 +02:00
|
|
|
// ENDPOINT PARAMETERS
|
2016-12-01 02:39:16 +01:00
|
|
|
// ------------------------------------------------------------
|
2017-07-19 22:50:08 +02:00
|
|
|
$parameters = $this->getEndpointParameters($URI);
|
2016-12-01 02:39:16 +01:00
|
|
|
|
2017-07-19 22:50:08 +02:00
|
|
|
if ( empty($parameters) ) {
|
2017-08-30 20:02:31 +02:00
|
|
|
$this->response(404, 'Not Found', array('message'=>'Missing endpoint parameters.'));
|
2017-07-07 23:38:01 +02:00
|
|
|
}
|
|
|
|
|
|
2017-06-22 00:21:08 +02:00
|
|
|
// API TOKEN
|
|
|
|
|
// ------------------------------------------------------------
|
2017-08-30 20:02:31 +02:00
|
|
|
// Token from the plugin, the user can change it on the settings of the plugin
|
2017-06-22 00:21:08 +02:00
|
|
|
$tokenAPI = $this->getValue('token');
|
2016-12-01 02:39:16 +01:00
|
|
|
|
2017-06-22 00:21:08 +02:00
|
|
|
// Check empty token
|
2017-07-19 22:50:08 +02:00
|
|
|
if ( empty($inputs['token']) ) {
|
2017-08-30 20:02:31 +02:00
|
|
|
$this->response(404, 'Not Found', array('message'=>'Missing API token.'));
|
2016-12-01 02:39:16 +01:00
|
|
|
}
|
2017-06-22 00:21:08 +02:00
|
|
|
|
2017-08-30 20:02:31 +02:00
|
|
|
// Check if the token is valid
|
2017-07-19 22:50:08 +02:00
|
|
|
if ($inputs['token']!==$tokenAPI) {
|
|
|
|
|
$this->response(401, 'Unauthorized', array('message'=>'Invalid API token.'));
|
2016-12-01 02:39:16 +01:00
|
|
|
}
|
|
|
|
|
|
2017-06-22 00:21:08 +02:00
|
|
|
// AUTHENTICATION TOKEN
|
2016-12-01 02:39:16 +01:00
|
|
|
// ------------------------------------------------------------
|
2017-06-22 00:21:08 +02:00
|
|
|
$writePermissions = false;
|
2017-07-19 22:50:08 +02:00
|
|
|
if ( !empty($inputs['authentication']) ) {
|
2017-06-22 00:21:08 +02:00
|
|
|
// Get the user with the authentication token
|
|
|
|
|
$username = $dbUsers->getByAuthToken($inputs['authentication']);
|
2017-07-19 22:50:08 +02:00
|
|
|
if ($username!==false) {
|
2017-06-22 00:21:08 +02:00
|
|
|
// Enable write permissions
|
|
|
|
|
$writePermissions = true;
|
2016-12-01 02:39:16 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-07-19 22:50:08 +02:00
|
|
|
// ENDPOINTS
|
2017-06-22 23:50:12 +02:00
|
|
|
// ------------------------------------------------------------
|
2016-12-01 02:39:16 +01:00
|
|
|
|
2017-06-22 23:50:12 +02:00
|
|
|
// (GET) /api/pages
|
2017-07-19 22:50:08 +02:00
|
|
|
if ( ($method==='GET') && ($parameters[0]==='pages') && empty($parameters[1]) ) {
|
2017-06-22 23:50:12 +02:00
|
|
|
$data = $this->getPages();
|
2016-12-01 02:39:16 +01:00
|
|
|
}
|
2017-06-22 23:50:12 +02:00
|
|
|
// (GET) /api/pages/<key>
|
2017-07-19 22:50:08 +02:00
|
|
|
elseif ( ($method==='GET') && ($parameters[0]==='pages') && !empty($parameters[1]) ) {
|
2016-12-01 19:09:29 +01:00
|
|
|
$data = $this->getPage($parameters[1]);
|
2016-12-01 02:39:16 +01:00
|
|
|
}
|
2017-06-22 23:50:12 +02:00
|
|
|
// (POST) /api/pages
|
2017-07-19 22:50:08 +02:00
|
|
|
elseif ( ($method==='POST') && ($parameters[0]==='pages') && empty($parameters[1]) && $writePermissions ) {
|
2017-06-22 23:50:12 +02:00
|
|
|
$data = $this->newPage($inputs);
|
|
|
|
|
}
|
|
|
|
|
else {
|
2017-07-19 22:50:08 +02:00
|
|
|
$this->response(401, 'Unauthorized', array('message'=>'Access denied or invalid endpoint.'));
|
2016-12-02 00:59:58 +01:00
|
|
|
}
|
2017-06-22 23:50:12 +02:00
|
|
|
|
2017-07-19 22:50:08 +02:00
|
|
|
$this->response(200, 'OK', $data);
|
2016-09-25 20:38:15 +02:00
|
|
|
}
|
|
|
|
|
|
2017-06-22 00:21:08 +02:00
|
|
|
// PRIVATE METHODS
|
2016-12-01 02:39:16 +01:00
|
|
|
// ----------------------------------------------------------------------------
|
|
|
|
|
|
2017-06-25 22:54:59 +02:00
|
|
|
private function getMethod()
|
|
|
|
|
{
|
|
|
|
|
// METHODS
|
|
|
|
|
// ------------------------------------------------------------
|
|
|
|
|
// GET
|
|
|
|
|
// POST
|
|
|
|
|
// PUT
|
|
|
|
|
// DELETE
|
|
|
|
|
|
|
|
|
|
$this->method = $_SERVER['REQUEST_METHOD'];
|
|
|
|
|
return $this->method;
|
|
|
|
|
}
|
|
|
|
|
|
2017-07-19 22:50:08 +02:00
|
|
|
private function getMethodInputs()
|
2017-06-22 00:21:08 +02:00
|
|
|
{
|
2017-06-25 22:54:59 +02:00
|
|
|
switch($this->method) {
|
2017-06-22 00:21:08 +02:00
|
|
|
case "POST":
|
|
|
|
|
$inputs = $_POST;
|
|
|
|
|
break;
|
|
|
|
|
case "GET":
|
|
|
|
|
case "DELETE":
|
|
|
|
|
$inputs = $_GET;
|
|
|
|
|
break;
|
|
|
|
|
case "PUT":
|
|
|
|
|
$inputs = file_get_contents("php://input");
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
$inputs = json_encode(array());
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2017-07-07 23:38:01 +02:00
|
|
|
return $this->cleanInputs($inputs);
|
|
|
|
|
}
|
2017-06-22 00:21:08 +02:00
|
|
|
|
2017-07-19 22:50:08 +02:00
|
|
|
private function getEndpointParameters($URI)
|
|
|
|
|
{
|
|
|
|
|
// ENDPOINT Parameters
|
|
|
|
|
// ------------------------------------------------------------
|
|
|
|
|
// /api/pages | GET | returns all pages
|
|
|
|
|
// /api/pages/{key} | GET | returns the page with the {key}
|
|
|
|
|
// /api/pages | POST | create a new page
|
|
|
|
|
|
2017-08-30 20:02:31 +02:00
|
|
|
$URI = ltrim($URI, '/');
|
2017-07-19 22:50:08 +02:00
|
|
|
$parameters = explode('/', $URI);
|
|
|
|
|
|
|
|
|
|
// Sanitize parameters
|
|
|
|
|
foreach ($parameters as $key=>$value) {
|
|
|
|
|
$parameters[$key] = Sanitize::html($value);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $parameters;
|
|
|
|
|
}
|
|
|
|
|
|
2017-07-07 23:38:01 +02:00
|
|
|
private function cleanInputs($inputs)
|
|
|
|
|
{
|
|
|
|
|
$tmp = array();
|
2017-07-19 22:50:08 +02:00
|
|
|
if ( is_array($inputs) ) {
|
2017-07-07 23:38:01 +02:00
|
|
|
foreach($inputs as $key=>$value) {
|
|
|
|
|
$tmp[$key] = Sanitize::html($value);
|
|
|
|
|
}
|
2017-07-19 22:50:08 +02:00
|
|
|
} elseif ( is_string($inputs) ) {
|
2017-07-07 23:38:01 +02:00
|
|
|
$tmp = json_decode($inputs, true);
|
|
|
|
|
if(json_last_error()===0) {
|
|
|
|
|
$tmp = array();
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return $tmp;
|
2017-06-22 00:21:08 +02:00
|
|
|
}
|
|
|
|
|
|
2017-07-19 22:50:08 +02:00
|
|
|
private function response($code=200, $message='OK', $data=array())
|
2016-12-01 19:09:29 +01:00
|
|
|
{
|
2017-07-19 22:50:08 +02:00
|
|
|
header('HTTP/1.1 '.$code.' '.$message);
|
2017-08-30 20:02:31 +02:00
|
|
|
header('Access-Control-Allow-Origin: *');
|
2016-12-01 19:09:29 +01:00
|
|
|
header('Content-Type: application/json');
|
2017-07-19 22:50:08 +02:00
|
|
|
$json = json_encode($data);
|
2016-12-01 19:09:29 +01:00
|
|
|
exit($json);
|
|
|
|
|
}
|
|
|
|
|
|
2016-05-30 05:36:13 +02:00
|
|
|
private function getPage($key)
|
2016-05-29 19:21:11 +02:00
|
|
|
{
|
|
|
|
|
// Generate the object Page
|
|
|
|
|
$Page = buildPage($key);
|
|
|
|
|
|
2017-07-19 22:50:08 +02:00
|
|
|
if (!$Page) {
|
2016-12-01 19:09:29 +01:00
|
|
|
return array(
|
|
|
|
|
'status'=>'1',
|
|
|
|
|
'message'=>'Page not found.'
|
|
|
|
|
);
|
2016-05-29 19:21:11 +02:00
|
|
|
}
|
|
|
|
|
|
2017-06-22 23:50:12 +02:00
|
|
|
$data = array();
|
2016-12-01 19:09:29 +01:00
|
|
|
$data['status'] = '0';
|
2017-06-22 23:50:12 +02:00
|
|
|
$data['message'] = 'Page filtered by key: '.$key;
|
2016-12-02 00:59:58 +01:00
|
|
|
$data['data'] = $Page->json( $returnsArray=true );
|
2016-12-01 19:09:29 +01:00
|
|
|
|
|
|
|
|
return $data;
|
2016-05-29 19:21:11 +02:00
|
|
|
}
|
|
|
|
|
|
2017-06-22 23:50:12 +02:00
|
|
|
private function getPages()
|
2016-06-06 04:24:15 +02:00
|
|
|
{
|
2017-06-22 23:50:12 +02:00
|
|
|
global $dbPages;
|
|
|
|
|
|
|
|
|
|
$onlyPublished = true;
|
|
|
|
|
$amountOfItems = $this->getValue('amountOfItems');
|
|
|
|
|
$pageNumber = 1;
|
|
|
|
|
$list = $dbPages->getList($pageNumber, $amountOfItems, $onlyPublished);
|
2016-06-06 04:24:15 +02:00
|
|
|
|
2016-12-01 19:09:29 +01:00
|
|
|
$tmp = array(
|
|
|
|
|
'status'=>'0',
|
2017-06-22 23:50:12 +02:00
|
|
|
'message'=>'List of pages, amount of items: '.$amountOfItems,
|
2016-12-02 00:59:58 +01:00
|
|
|
'data'=>array()
|
2016-12-01 19:09:29 +01:00
|
|
|
);
|
2016-06-06 04:24:15 +02:00
|
|
|
|
2017-06-22 23:50:12 +02:00
|
|
|
// Get keys of pages
|
|
|
|
|
$keys = array_keys($list);
|
2017-07-19 22:50:08 +02:00
|
|
|
foreach ($keys as $pageKey) {
|
2017-06-22 23:50:12 +02:00
|
|
|
// Create the page object from the page key
|
|
|
|
|
$page = buildPage($pageKey);
|
2017-06-25 22:54:59 +02:00
|
|
|
array_push($tmp['data'], $page->json( $returnsArray=true ));
|
2016-06-06 04:24:15 +02:00
|
|
|
}
|
|
|
|
|
|
2016-12-01 19:09:29 +01:00
|
|
|
return $tmp;
|
2016-06-06 04:24:15 +02:00
|
|
|
}
|
|
|
|
|
|
2017-07-07 23:38:01 +02:00
|
|
|
private function createPage($args)
|
2017-06-22 23:50:12 +02:00
|
|
|
{
|
|
|
|
|
// This function is defined on functions.php
|
2017-07-07 23:38:01 +02:00
|
|
|
return createPage($args);
|
2017-06-22 23:50:12 +02:00
|
|
|
}
|
|
|
|
|
|
2016-12-02 00:59:58 +01:00
|
|
|
}
|
