bludit/bl-plugins/api/plugin.php

<?php
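/**
 * REST-style API plugin.
 *
 * Requests whose URI starts with HTML_PATH_ROOT.'api/' are answered here with
 * a JSON document, after which the script exits. Every request must carry the
 * plugin's API token; write operations additionally require a user
 * authentication token that resolves through $dbUsers->getByAuthToken().
 *
 * Inputs are read from the JSON request body only (see getInputs()).
 */
class pluginAPI extends Plugin {

    // HTTP request method, populated by getMethod()
    private $method;

    /**
     * Declares the plugin's database fields and generates a fresh API token.
     */
    public function init()
    {
        $this->dbFields = array(
            'token'=>$this->generateToken(), // API Token
            'amountOfItems'=>15 // Amount of items to return
        );
    }

    /**
     * Builds the HTML for the plugin settings form.
     *
     * @return string
     */
    public function form()
    {
        global $Language;

        // NOTE(review): both values are written into an HTML attribute without
        // escaping in this method. Confirm that getValue() returns
        // HTML-escaped data; if it does not, escape here.
        $html  = '<div>';
        $html .= '<label>'.$Language->get('API Token').'</label>';
        $html .= '<input name="token" type="text" value="'.$this->getValue('token').'">';
        $html .= '<span class="tip">'.$Language->get('This token is for read only and is regenerated every time you install the plugin').'</span>';
        $html .= '</div>';

        $html .= '<div>';
        $html .= '<label>'.$Language->get('Amount of pages').'</label>';
        $html .= '<input id="jsamountOfItems" name="amountOfItems" type="text" value="'.$this->getValue('amountOfItems').'">';
        $html .= '<span class="tip">'.$Language->get('The amount of pages to return when you call to /api/pages').'</span>';
        $html .= '</div>';

        return $html;
    }

    // API HOOKS
    // ----------------------------------------------------------------------------

    /**
     * Entry point of the API.
     *
     * Returns false when the URI is not under /api/. Otherwise the request is
     * authenticated, routed, answered as JSON, and the script exits inside
     * response().
     *
     * @return false|void
     */
    public function beforeRulesLoad()
    {
        global $Url;
        global $dbUsers;

        // CHECK URL
        // ------------------------------------------------------------
        // Check if the URI start with /api/
        $startString = HTML_PATH_ROOT.'api/';
        $URI = $Url->uri();
        $length = mb_strlen($startString, CHARSET);
        if( mb_substr($URI, 0, $length)!==$startString ) {
            return false;
        }

        // Remove the first part of the URI
        $URI = mb_substr($URI, $length);

        // METHOD, INPUTS, PARAMETERS
        // ------------------------------------------------------------
        $method = $this->getMethod();
        $inputs = $this->getInputs();
        $parameters = $this->getParameters($URI);

        // API TOKEN
        // ------------------------------------------------------------
        $tokenAPI = $this->getValue('token');

        // Check empty token; response() exits, so nothing below runs
        if( empty($inputs['token']) ) {
            $this->response(array(
                'status'=>'1',
                'message'=>'Missing API token.'
            ));
        }

        // Check the token is valid. A loose != comparison would treat two
        // different numeric-looking strings as equal and is not constant-time.
        if( !$this->tokensMatch($tokenAPI, $inputs['token']) ) {
            $this->response(array(
                'status'=>'1',
                'message'=>'Invalid API token.'
            ));
        }

        // AUTHENTICATION TOKEN
        // ------------------------------------------------------------
        // Write permissions are granted only when the authentication token
        // resolves to a user.
        $writePermissions = false;
        if( !empty($inputs['authentication']) ) {
            $username = $dbUsers->getByAuthToken($inputs['authentication']);
            if( $username!==false ) {
                $writePermissions = true;
            }
        }

        // REQUESTS
        // ------------------------------------------------------------
        // explode() always yields at least one element, so index 0 exists
        $isPages = ($parameters[0]==='pages');
        $hasKey = !empty($parameters[1]);

        // (GET) /api/pages
        if( ($method==='GET') && $isPages && !$hasKey ) {
            $data = $this->getPages();
        }
        // (GET) /api/pages/<key>
        elseif( ($method==='GET') && $isPages && $hasKey ) {
            $data = $this->getPage($parameters[1]);
        }
        // (POST) /api/pages, only with write permissions
        elseif( ($method==='POST') && $isPages && !$hasKey && $writePermissions ) {
            $data = $this->newPage($inputs);
        }
        else {
            $data = array(
                'status'=>'1',
                'message'=>'Error: URI not found or Access denied.'
            );
        }

        $this->response($data);
    }

    // PRIVATE METHODS
    // ----------------------------------------------------------------------------

    /**
     * Generates the API token as 32 hexadecimal characters, the same length
     * as the md5() value used previously.
     *
     * @return string
     */
    private function generateToken()
    {
        // Preferred: the operating system CSPRNG
        if( function_exists('random_bytes') ) {
            try {
                return bin2hex(random_bytes(16));
            } catch (Exception $e) {
                // No randomness source available, try the next option
            }
        }

        if( function_exists('openssl_random_pseudo_bytes') ) {
            $strong = false;
            $bytes = openssl_random_pseudo_bytes(16, $strong);
            if( ($bytes!==false) && $strong ) {
                return bin2hex($bytes);
            }
        }

        // Legacy fallback. uniqid() and time() both derive from the clock and
        // DOMAIN is not secret, so this value is guessable; it is kept only so
        // that installation still succeeds on hosts without a CSPRNG.
        return md5( uniqid().time().DOMAIN );
    }

    /**
     * Compares the stored API token with the one supplied by the client.
     *
     * @param mixed $expected Token stored in the plugin database
     * @param mixed $provided Token taken from the request
     * @return bool
     */
    private function tokensMatch($expected, $provided)
    {
        // getValue() may hand back a non-string when the field is missing;
        // an empty stored token must never authenticate anyone
        $expected = (string) $expected;
        if( ($expected==='') || !is_string($provided) ) {
            return false;
        }

        if( function_exists('hash_equals') ) {
            return hash_equals($expected, $provided);
        }

        // Fallback for PHP versions without hash_equals()
        $length = strlen($expected);
        if( $length!==strlen($provided) ) {
            return false;
        }
        $diff = 0;
        for( $i=0; $i<$length; $i++ ) {
            $diff |= ord($expected[$i]) ^ ord($provided[$i]);
        }
        return $diff===0;
    }

    /**
     * Stores and returns the HTTP method of the current request
     * (GET, POST, PUT, DELETE).
     *
     * @return string
     */
    private function getMethod()
    {
        $this->method = $_SERVER['REQUEST_METHOD'];
        return $this->method;
    }

    /**
     * Splits the URI that follows /api/ into sanitized path segments.
     *
     * Routes handled by beforeRulesLoad():
     *   /api/pages         | GET  | returns all pages
     *   /api/pages/{key}   | GET  | returns the page with the {key}
     *   /api/pages         | POST | creates a page (needs write permissions)
     *
     * @param string $URI
     * @return array
     */
    private function getParameters($URI)
    {
        $parameters = explode('/', $URI);

        // Sanitize parameters
        foreach($parameters as $key=>$value) {
            $parameters[$key] = Sanitize::html($value);
        }

        return $parameters;
    }

    /**
     * Reads the request inputs from the JSON body.
     *
     * The former per-method switch ($_POST / $_GET / raw body) was always
     * overwritten by the JSON-decoded body, so only the body is read here.
     * Query-string and form-encoded values are therefore not inputs.
     *
     * @return array Sanitized inputs; empty when the body is not a JSON object/array
     */
    private function getInputs()
    {
        // Input data need to be JSON
        $inputs = json_decode(file_get_contents('php://input'), true);

        // json_decode() gives null on malformed JSON and a scalar for bare
        // values; neither can be iterated or indexed by the caller
        if( !is_array($inputs) ) {
            return array();
        }

        // Sanitize inputs
        // NOTE(review): nested arrays are passed to Sanitize::html() as-is;
        // confirm how it treats non-string values.
        foreach($inputs as $key=>$value) {
            $inputs[$key] = Sanitize::html($value);
        }

        return $inputs;
    }

    /**
     * Sends $data as JSON and terminates the script.
     *
     * @param array $data
     */
    private function response($data=array())
    {
        $json = json_encode($data);
        header('Content-Type: application/json');
        exit($json);
    }

    /**
     * Returns the API payload for a single page.
     *
     * @param string $key Page key, already sanitized by getParameters()
     * @return array
     */
    private function getPage($key)
    {
        // Generate the object Page
        $Page = buildPage($key);
        if(!$Page) {
            return array(
                'status'=>'1',
                'message'=>'Page not found.'
            );
        }

        $data = array();
        $data['status'] = '0';
        $data['message'] = 'Page filtered by key: '.$key;
        $data['data'] = $Page->json( $returnsArray=true );

        return $data;
    }

    /**
     * Returns the API payload for the first page of the page list, limited to
     * the configured amount of items. Only published pages are requested.
     *
     * @return array
     */
    private function getPages()
    {
        global $dbPages;

        $onlyPublished = true;
        $amountOfItems = $this->getValue('amountOfItems');
        $pageNumber = 1;
        $list = $dbPages->getList($pageNumber, $amountOfItems, $onlyPublished);

        $tmp = array(
            'status'=>'0',
            'message'=>'List of pages, amount of items: '.$amountOfItems,
            'data'=>array()
        );

        // Get keys of pages
        $keys = array_keys($list);
        foreach($keys as $pageKey) {
            // Create the page object from the page key
            $page = buildPage($pageKey);

            // getPage() treats a falsy buildPage() result as "not found";
            // skip such entries here instead of calling json() on them
            if(!$page) {
                continue;
            }

            array_push($tmp['data'], $page->json( $returnsArray=true ));
        }

        return $tmp;
    }

    /**
     * Creates a page from the request inputs.
     *
     * @param array $args
     * @return mixed Result of createNewPage()
     */
    private function newPage($args)
    {
        // This function is defined on functions.php
        return createNewPage($args);
    }

}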