Projekte/web-base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Some more functionalities

Browse Source
This commit is contained in:
Roman Hergenreder
2020-02-10 00:52:25 +01:00
parent f4ed99fc72
commit 1853756db4
25 changed files with 897 additions and 188 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
core/Api/ExecuteSelect.class.php
View File

@@ -16,21 +16,19 @@ class ExecuteSelect extends Request {
$this->variableParamCount = true;
}
public function getDescription() { return 'Führt ein SELECT Statement aus.'; }
public function getSection() { return "Internal"; }
public function execute($aValues = array()) {
if(!parent::execute($aValues)) {
public function execute($values = array()) {
if(!parent::execute($values)) {
return false;
}
$sql = $this->user->getSQL();
$this->success = false;
$this->result['rows'] = array();
if(count($this->params) === 1) {
$res = $this->user->getSQL()->query($this->getParam('query'));
$res = $sql->query($this->getParam('query'));
if(!$res) {
$this->lastError = 'Database Error: query() failed with ' . $this->user->getSQL()->getLastError();
$this->lastError = 'Database Error: query() failed with ' . $sql->getLastError();
return false;
}
@@ -77,7 +75,7 @@ class ExecuteSelect extends Request {
$tmp = array();
foreach($aSqlParams as $key => $value) $tmp[$key] = &$aSqlParams[$key];
if($stmt = $this->user->getSQL()->connection->prepare($this->getParam('query'))) {
if($stmt = $sql->connection->prepare($this->getParam('query'))) {
if(call_user_func_array(array($stmt, "bind_param"), $tmp))
{
if($stmt->execute()) {
@@ -89,18 +87,18 @@ class ExecuteSelect extends Request {
$res->close();
$this->success = true;
} else {
$this->lastError = 'Database Error: execute() failed with ' . $this->user->getSQL()->getLastError();
$this->lastError = 'Database Error: execute() failed with ' . $sql->getLastError();
}
} else {
$this->lastError = 'Database Error: get_result() failed with ' . $this->user->getSQL()->getLastError();
$this->lastError = 'Database Error: get_result() failed with ' . $sql->getLastError();
}
} else {
$this->lastError = 'Database Error: bind_param() failed with ' . $this->user->getSQL()->getLastError();
$this->lastError = 'Database Error: bind_param() failed with ' . $sql->getLastError();
}
$stmt->close();
} else {
$this->lastError = 'Database Error: prepare failed with() ' . $this->user->getSQL()->getLastError();
$this->lastError = 'Database Error: prepare failed with() ' . $sql->getLastError();
}
}

4
core/Api/ExecuteStatement.class.php
View File

@@ -16,8 +16,8 @@ class ExecuteStatement extends Request {
$this->variableParamCount = true;
}
public function execute($aValues = array()) {
if(!parent::execute($aValues)) {
public function execute($values = array()) {
if(!parent::execute($values)) {
return false;
}

36
core/Api/GetLanguages.class.php Normal file
View File

@@ -0,0 +1,36 @@
<?php
namespace Api;
class GetLanguages extends Request {
public function __construct($user, $externCall = false) {
parent::__construct($user, $externCall, array());
}
public function execute($values = array()) {
if(!parent::execute($values)) {
return false;
}
$query = 'SELECT uid, code, name FROM Language';
$request = new ExecuteSelect($this->user);
$this->success = $request->execute(array('query' => $query));
$this->lastError = $request->getLastError();
if($this->success) {
$this->result['languages'] = array();
if(count($request->getResult()['rows']) === 0) {
$this->lastError = L("No languages found");
} else {
foreach($request->getResult()['rows'] as $row) {
$this->result['languages'][$row['uid']] = $row;
}
}
}
return $this->success;
}
};
?>

75
core/Api/Login.class.php Normal file
View File

@@ -0,0 +1,75 @@
<?php
namespace Api;
use Api\Parameter\Parameter;
use Api\Parameter\StringType;
class Login extends Request {
private $startedAt;
public function __construct($user, $externCall = false) {
parent::__construct($user, $externCall, array(
'username' => new StringType('username', 32),
'password' => new StringType('password'),
));
$this->forbidMethod("GET");
}
private function wrongCredentials() {
$runtime = microtime(true) - $this->startedAt;
$sleepTime = round(3e6 - $runtime);
if($sleepTime > 0) usleep($sleepTime);
return $this->createError(L('Wrong username or password'));
}
public function execute($values = array()) {
if(!parent::execute($values)) {
return false;
}
if($this->user->isLoggedIn()) {
$this->lastError = L('You are already logged in');
$this->success = true;
return true;
}
$this->startedAt = microtime(true);
$this->success = false;
$username = $this->getParam('username');
$password = $this->getParam('password');
$query = 'SELECT User.uid, User.password, User.salt FROM User WHERE User.name=?';
$request = new ExecuteSelect($this->user);
$this->success = $request->execute(array('query' => $query, $username));
$this->lastError = $request->getLastError();
if($this->success) {
$this->success = false;
if(count($request->getResult()['rows']) === 0) {
return $this->wrongCredentials();
$this->lastError = L('Wrong username or password');
} else {
$row = $request->getResult()['rows'][0];
$salt = $row['salt'];
$uid = $row['uid'];
$hash = hash('sha256', $password . $salt);
if($hash === $row['password']) {
if(!($this->success = $this->user->createSession($uid))) {
return $this->createError("Error creating Session");
} else {
$this->result['logoutIn'] = $this->user->getSession()->getExpiresSeconds();
}
}
else {
return $this->wrongCredentials();
}
}
}
return $this->success;
}
};
?>

24
core/Api/Logout.class.php Normal file
View File

@@ -0,0 +1,24 @@
<?php
namespace Api;
class Logout extends Request {
public function __construct($user, $externCall = false) {
parent::__construct($user, $externCall);
$this->loginRequired = true;
$this->apiKeyAllowed = false;
}
public function execute($values = array()) {
if(!parent::execute($values)) {
return false;
}
$this->success = true;
$this->user->logout();
return true;
}
};
?>

22
core/Api/Request.class.php
View File

@@ -53,9 +53,9 @@ class Request {
return "($str)";
}
public function parseParams($aValues) {
public function parseParams($values) {
foreach($this->params as $name => $param) {
$value = (isset($aValues[$name]) ? $aValues[$name] : NULL);
$value = (isset($values[$name]) ? $values[$name] : NULL);
if(!$param->optional && is_null($value)) {
$this->lastError = 'Missing parameter: ' . $name;
@@ -73,8 +73,8 @@ class Request {
return true;
}
public function parseVariableParams($aValues) {
foreach($aValues as $name => $value) {
public function parseVariableParams($values) {
foreach($values as $name => $value) {
if(isset($this->params[$name])) continue;
$type = Parameter\Parameter::parseType($value);
$param = new Parameter\Parameter($name, $type, true);
@@ -83,7 +83,7 @@ class Request {
}
}
public function execute($aValues = array()) {
public function execute($values = array()) {
$this->params = $this->aDefaultParams;
$this->success = false;
$this->result = array();
@@ -94,10 +94,10 @@ class Request {
}
if($this->externCall) {
$aValues = $_REQUEST;
$values = $_REQUEST;
if($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_SERVER["CONTENT_TYPE"]) && in_array("application/json", explode(";", $_SERVER["CONTENT_TYPE"]))) {
$jsonData = json_decode(file_get_contents('php://input'), true);
$aValues = array_merge($aValues, $jsonData);
$values = array_merge($values, $jsonData);
}
}
@@ -121,8 +121,8 @@ class Request {
if($this->loginRequired) {
$authorized = false;
if(isset($aValues['api_key']) && $this->apiKeyAllowed) {
$apiKey = $aValues['api_key'];
if(isset($values['api_key']) && $this->apiKeyAllowed) {
$apiKey = $values['api_key'];
$authorized = $this->user->authorize($apiKey);
}
@@ -133,11 +133,11 @@ class Request {
}
}
if(!$this->parseParams($aValues))
if(!$this->parseParams($values))
return false;
if($this->variableParamCount)
$this->parseVariableParams($aValues);
$this->parseVariableParams($values);
if(!$this->user->getSQL()->isConnected()) {
$this->lastError = $this->user->getSQL()->getLastError();

75
core/Api/SetLanguage.php Normal file
View File

@@ -0,0 +1,75 @@
<?php
namespace Api;
use Api\Parameter\Parameter;
use Api\Parameter\StringType;
class SetLanguage extends Request {
private $language;
public function __construct($user, $externCall = false) {
parent::__construct($user, $externCall, array(
'langId' => new Parameter('langId', Parameter::TYPE_INT, true, NULL),
'langCode' => new StringType('langCode', 5, true, NULL),
));
}
private function checkLanguage() {
$langId = $this->getParam("langId");
$langCode = $this->getParam("langCode");
if(is_null($langId) && is_null($langCode)) {
return $this->createError(L("Either langId or langCode must be given"));
}
$query = "SELECT uid, code, name FROM Language WHERE uid=? OR code=?";
$request = new ExecuteSelect($this->user);
$this->success = $request->execute(array("query" => $query, $langId, $langCode));
$this->lastError = $request->getLastError();
if($this->success) {
if(count($request->getResult()['rows']) == 0) {
return $this->createError(L("This Language does not exist"));
} else {
$row = $request->getResult()['rows'][0];
$this->language = \Objects\Language::newInstance($row['uid'], $row['code'], $row['name']);
if(!$this->language) {
return $this->createError(L("Error while loading language"));
}
}
}
return $this->success;
}
private function updateLanguage() {
$languageId = $this->language->getId();
$userId = $this->user->getId();
$query = "UPDATE User SET uidLanguage = ? WHERE uid = ?";
$request = new ExecuteStatement($this->user);
$this->success = $request->execute(array("query" => $query, $languageId, $userId));
$this->lastError = $request->getLastError();
return $this->success;
}
public function execute($values = array()) {
if(!parent::execute($values)) {
return false;
}
if(!$this->checkLanguage())
return false;
if($this->user->isLoggedIn()) {
$this->updateLanguage();
}
$this->user->setLangauge($this->language);
return $this->success;
}
};
?>