bug fixes: media manager and plugin API

This commit is contained in:
Diego Najar 2018-08-10 15:41:23 +02:00
parent 39d409ccc7
commit 6d067b036c
5 changed files with 41 additions and 22 deletions

View File

@ -111,7 +111,7 @@ function getFiles(pageNumber) {
$.post("<?php echo HTML_PATH_ADMIN_ROOT ?>ajax/list-files",
{ tokenCSRF: tokenCSRF,
pageNumber: pageNumber,
path: "<?php echo PATH_UPLOADS_THUMBNAILS ?>"
path: "thumbnails" // the path are defined in the list-files
},
function(data) {
displayFiles(data.files);

View File

@ -10,8 +10,9 @@ $pageNumber = $pageNumber - 1;
// (string) $_POST['path']
$path = isset($_POST['path']) ? $_POST['path'] : false;
// ----------------------------------------------------------------------------
if ($path==false) {
if ($path=='thumbnails') {
$path = PATH_UPLOADS_THUMBNAILS;
} else {
exit (json_encode(array(
'status'=>1,
'files'=>'Invalid path.'

View File

@ -58,9 +58,11 @@ class Pages extends dbJSON {
// Check values on args and set default values if not exists
foreach ($this->dbFields as $field=>$value) {
if ($field=='tags') {
if (!empty($args['tags'])) {
$finalValue = $this->generateTags($args['tags']);
$tags = '';
if (isset($args['tags'])) {
$tags = $args['tags'];
}
$finalValue = $this->generateTags($tags);
} elseif (isset($args[$field])) {
// Sanitize if will be stored on database
$finalValue = Sanitize::html($args[$field]);
@ -150,7 +152,11 @@ class Pages extends dbJSON {
// Check values on args or set default values
foreach ($this->dbFields as $field=>$value) {
if ($field=='tags') {
$finalValue = $this->generateTags($args['tags']);
$tags = '';
if (isset($args['tags'])) {
$tags = $args['tags'];
}
$finalValue = $this->generateTags($tags);
} elseif (isset($args[$field])) {
// Sanitize if will be stored on database
$finalValue = Sanitize::html($args[$field]);

View File

@ -98,14 +98,13 @@ class pluginAPI extends Plugin {
// AUTHENTICATION TOKEN
// ------------------------------------------------------------
$writePermissions = false;
if ( !empty($inputs['authentication']) ) {
if (!empty($inputs['authentication'])) {
// Get the user with the authentication token, FALSE if doesn't exit
$username = $users->getByAuthToken($inputs['authentication']);
if ($username!==false) {
// Get the object user to check the role
$user = $users->getUser($username);
try {
$user = new User($username);
if (($user->role()=='admin') && ($user->enabled())) {
// Loggin the user to create the session
$login = new Login();
@ -113,6 +112,9 @@ class pluginAPI extends Plugin {
// Enable write permissions
$writePermissions = true;
}
} catch (Exception $e) {
// Continue without permissions
}
}
}
@ -249,7 +251,7 @@ class pluginAPI extends Plugin {
$tmp = array(
'status'=>'0',
'message'=>'List of pages, amount of items: '.$numberOfItems,
'message'=>'List of pages, number of items: '.$numberOfItems,
'data'=>array()
);
@ -293,7 +295,6 @@ class pluginAPI extends Plugin {
// This function is defined on functions.php
$key = createPage($args);
if ($key===false) {
return array(
'status'=>'1',
@ -312,7 +313,7 @@ class pluginAPI extends Plugin {
{
// Unsanitize content because all values are sanitized
if (isset($args['content'])) {
$args['content'] = Text::htmlDecode($args['content']);
$args['content'] = Sanitize::htmlDecode($args['content']);
}
$args['key'] = $key;

View File

@ -37,7 +37,18 @@ Things to do:
----
curl -vvv \
-X GET \
curl -X GET \
-G "http://localhost:8000/api/pages" \
-d "token=80a09ba055b73f68e3c9e7c9ea12b432"
-d "token=58b1419d05ffb9dcfb299e515985c33a"
{
"token": "58b1419d05ffb9dcfb299e515985c33a",
"authentication": "0adaa7af50d40b459cd5c4376aab0d67",
"title": "My dog",
"content": "Content of the page here, support Markdown code and HTML code."
}
curl -X PUT \
-H "Content-Type: application/json" \
-d @data.json \
"http://localhost:8000/api/pages"