API Plugin improves

This commit is contained in:
dignajar 2016-11-30 22:39:16 -03:00
parent e1e612bfb0
commit 3c2ddf7804
2 changed files with 130 additions and 96 deletions

View File

@ -7,10 +7,10 @@ define('BLUDIT_RELEASE_DATE', '2016-10-11');
define('BLUDIT_BUILD', '20161011'); define('BLUDIT_BUILD', '20161011');
// Debug mode // Debug mode
// Change to FALSE, for prevent warning or error on browser
define('DEBUG_MODE', TRUE); define('DEBUG_MODE', TRUE);
error_reporting(0); // Turn off all error reporting error_reporting(0); // Turn off all error reporting
if(DEBUG_MODE) if(DEBUG_MODE) {
{
// Turn on all error reporting // Turn on all error reporting
ini_set("display_errors", 1); ini_set("display_errors", 1);
ini_set('display_startup_errors',1); ini_set('display_startup_errors',1);
@ -90,7 +90,7 @@ define('NO_PARENT_CHAR', '3849abb4cb7abd24c2d8dac17b216f17');
// Post per page on Manage->Posts // Post per page on Manage->Posts
define('POSTS_PER_PAGE_ADMIN', 10); define('POSTS_PER_PAGE_ADMIN', 10);
// Cli mode status for new posts/pages // Enable or disable Cli mode
define('CLI_MODE', FALSE); define('CLI_MODE', FALSE);
// Cli mode status for new posts/pages // Cli mode status for new posts/pages
@ -99,7 +99,7 @@ define('CLI_STATUS', 'published');
// Cli mode username for new posts/pages // Cli mode username for new posts/pages
define('CLI_USERNAME', 'admin'); define('CLI_USERNAME', 'admin');
// Filename for posts and pages, you can change for example, for index.md // Filename for posts and pages, you can change it, for example, for index.md
define('FILENAME', 'index.txt'); define('FILENAME', 'index.txt');
// Database date format // Database date format
@ -117,8 +117,8 @@ define('TOKEN_EMAIL_TTL', '+15 minutes');
// Charset, default UTF-8. // Charset, default UTF-8.
define('CHARSET', 'UTF-8'); define('CHARSET', 'UTF-8');
// EXTREME FRIENDLY URL, TRUE for dissmiss internet standard // EXTREME FRIENDLY URL, TRUE for dissmiss internet standard. Experimental!
define('EXTREME_FRIENDLY_URL', false); define('EXTREME_FRIENDLY_URL', FALSE);
// Directory permissions // Directory permissions
define('DIR_PERMISSIONS', 0755); define('DIR_PERMISSIONS', 0755);

View File

@ -7,12 +7,13 @@ class pluginAPI extends Plugin {
global $Security; global $Security;
// This key is used for request such as get the list of all posts and pages // This key is used for request such as get the list of all posts and pages
$authKey = md5($Security->key1().time().DOMAIN); $token = md5($Security->key1().time().DOMAIN);
$this->dbFields = array( $this->dbFields = array(
'ping'=>1, // 0 = false, 1 = true 'ping'=>0, // 0 = false, 1 = true
'authKey'=>$authKey, // Private key 'token'=>$token, // Private key
'showAllAmount'=>15 // Amount of posts and pages for return 'showAllAmount'=>15, // Amount of posts and pages for return
'authentication'=>1 // Authentication required
); );
} }
@ -28,17 +29,17 @@ class pluginAPI extends Plugin {
$html .= '</div>'; $html .= '</div>';
$html .= '<div>'; $html .= '<div>';
$html .= '<p><b>Authorization Key:</b> '.$this->getDbField('authKey').'</p>'; $html .= '<p><b>Authorization Key:</b> '.$this->getDbField('token').'</p>';
$html .= '<div class="tip">This key is private, do not share it with anyone.</div>'; $html .= '<div class="tip">This key is private, do not share it with anyone.</div>';
$html .= '</div>'; $html .= '</div>';
$html .= '<div>'; $html .= '<div>';
$html .= '<p><b>Show all posts:</b> <a href="'.DOMAIN_BASE.'api/show/all/posts/'.$this->getDbField('authKey').'">'.DOMAIN_BASE.'api/show/all/posts/'.$this->getDbField('authKey').'</a></p>'; $html .= '<p><b>Show all posts:</b> <a href="'.DOMAIN_BASE.'api/show/all/posts/'.$this->getDbField('token').'">'.DOMAIN_BASE.'api/show/all/posts/'.$this->getDbField('token').'</a></p>';
$html .= '<div class="tip">Get all posts from this site.</div>'; $html .= '<div class="tip">Get all posts from this site.</div>';
$html .= '</div>'; $html .= '</div>';
$html .= '<div>'; $html .= '<div>';
$html .= '<p><b>Show all pages:</b> <a href="'.DOMAIN_BASE.'api/show/all/pages/'.$this->getDbField('authKey').'">'.DOMAIN_BASE.'api/show/all/pages/'.$this->getDbField('authKey').'</a></p>'; $html .= '<p><b>Show all pages:</b> <a href="'.DOMAIN_BASE.'api/show/all/pages/'.$this->getDbField('token').'">'.DOMAIN_BASE.'api/show/all/pages/'.$this->getDbField('token').'</a></p>';
$html .= '<div class="tip">Get all pages from this site.</div>'; $html .= '<div class="tip">Get all pages from this site.</div>';
$html .= '</div>'; $html .= '</div>';
@ -55,11 +56,6 @@ class pluginAPI extends Plugin {
return $html; return $html;
} }
public function afterFormSave()
{
$this->ping();
}
public function install($position=0) public function install($position=0)
{ {
parent::install($position); parent::install($position);
@ -67,14 +63,128 @@ class pluginAPI extends Plugin {
$this->ping(); $this->ping();
} }
// API HOOKS
// ----------------------------------------------------------------------------
public function afterFormSave()
{
$this->ping();
}
public function beforeRulesLoad()
{
global $Url;
// Check if the URI start with /api/
$startString = HTML_PATH_ROOT.'api/';
$URI = $Url->uri();
$length = mb_strlen($startString, CHARSET);
if( mb_substr($URI, 0, $length)!=$startString ) {
return false;
}
// Remove the first part of the URI
$URI = mb_substr($URI, $length);
// METHODS
// ------------------------------------------------------------
// GET
// POST
// PUT
// DELETE
$method = $_SERVER['REQUEST_METHOD'];
// INPUTS
// ------------------------------------------------------------
// token | authentication token
$inputs = json_decode(file_get_contents('php://input'),true);
if( empty($inputs) ) {
// Default variables for $input
$inputs = array(
'token'=>''
);
}
else {
// Sanitize inputs
foreach( $inputs as $key=>$value ) {
if(empty($value)) {
return false;
} else {
$inputs[$key] = Sanitize::html($value);
}
}
}
// PARAMETERS
// ------------------------------------------------------------
// /api/posts | GET | returns all posts
// /api/posts/{slug} | GET | returns the post with the {slug}
// /api/pages | GET | returns all pages
// /api/pages/{slug} | GET | returns the page with the {slug}
// /api/cli/regenerate | PUT | check for new posts and pages
$parameters = explode('/', $URI);
// Sanitize parameters
foreach( $parameters as $key=>$value ) {
if(empty($value)) {
return false;
} else {
$parameters[$key] = Sanitize::html($value);
}
}
// Check authentication
if( $this->getDbField('authentication')==1 ) {
if( $inputs['token']!=$this->getDbField('token') ) {
return false;
}
}
// Default JSON
$json = json_encode(array(
'status'=>'0', // 0 = ok, 1 = error
'bludit'=>'Bludit API plugin',
'message'=>'Missing parameters, check the URL.'
));
// /api/posts
if( ($method==='GET') && ($parameters[0]==='posts') && empty($parameters[1]) ) {
$json = $this->getAllPosts();
}
// /api/pages
elseif( ($method==='GET') && ($parameters[0]==='pages') && empty($parameters[1]) ) {
$json = $this->getAllPages();
}
// /api/posts/{slug}
elseif( ($method==='GET') && ($parameters[0]==='posts') && !empty($parameters[1]) ) {
$json = $this->getPost($key);
}
// /api/pages/{slug}
elseif( ($method==='GET') && ($parameters[0]==='pages') && !empty($parameters[1]) ) {
$json = $this->getPage($key);
}
// Print the JSON
header('Content-Type: application/json');
exit($json);
}
// FUNCTIONS
// ----------------------------------------------------------------------------
private function ping() private function ping()
{ {
if($this->getDbField('ping')) { if($this->getDbField('ping')) {
// Get the authentication key // Get the authentication key
$authKey = $this->getDbField('authKey'); $token = $this->getDbField('token');
$url = 'https://api.bludit.com/ping?authKey='.$authKey.'&url='.DOMAIN_BASE; $url = 'https://api.bludit.com/ping?token='.$token.'&url='.DOMAIN_BASE;
// Check if curl is installed // Check if curl is installed
if( function_exists('curl_version') ) { if( function_exists('curl_version') ) {
@ -165,80 +275,4 @@ class pluginAPI extends Plugin {
return json_encode($tmp); return json_encode($tmp);
} }
public function beforeRulesLoad()
{
global $Url;
// The URI start with /api/
$startString = HTML_PATH_ROOT.'api/';
$URI = $Url->uri();
$length = mb_strlen($startString, CHARSET);
if( mb_substr($URI, 0, $length)!=$startString ) {
return false;
}
// Remove the first part of the URI
$URI = mb_substr($URI, $length);
// Parameters
// ------------------------------------------------------------
// show post {post slug}
// show page {page slug}
// show all posts {AUTH KEY}
// show all pages {AUTH KEY}
// Get parameters
$parameters = explode('/', $URI);
for($i=0; $i<3; $i++) {
if(empty($parameters[$i])) {
return false;
} else {
// Sanizite
$parameters[$i] = Sanitize::html($parameters[$i]);
}
}
// Default JSON
$json = json_encode(array(
'status'=>'0',
'bludit'=>'Bludit API plugin',
'message'=>'Check the parameters'
));
if($parameters[0]==='show') {
if($parameters[1]==='all') {
// Authentication key from the URI
$authKey = $parameters[3];
// Compare keys
if( $authKey===$this->getDbField('authKey') ) {
if($parameters[2] === 'posts') {
$json = $this->getAllPosts();
}
elseif($parameters[2] === 'pages') {
$json = $this->getAllPages();
}
}
}
elseif($parameters[1]==='post' || $parameters[1]==='page') {
$key = $parameters[2];
if($parameters[1] === 'post') {
$json = $this->getPost($key);
}
elseif($parameters[1] === 'page') {
$json = $this->getPage($key);
}
}
}
// Print the JSON
header('Content-Type: application/json');
exit($json);
}
} }