AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #455 from wrongecho/api 

Add delete asset API endpoint
This commit is contained in:
Johnny 2022-05-02 11:30:02 -04:00 committed by GitHub
parent f0d497fec8 c19328f3d8
commit 44f8569b50
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 57 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
api/v1/assets/delete.php Normal file
View File

@ -0,0 +1,28 @@
<?php
require('../validate_api_key.php');
require('../require_post_method.php');
// Parse ID
$asset_id = intval($_POST['asset_id']);
// Default
$delete_count = FALSE;
if(!empty($asset_id)){
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_id = $asset_id AND asset_client_id = $client_id AND company_id = '$company_id' LIMIT 1"));
$asset_name = $row['asset_name'];
$delete_sql = mysqli_query($mysqli, "DELETE FROM assets WHERE asset_id = $asset_id AND asset_client_id = $client_id AND company_id = '$company_id' LIMIT 1");
// Check delete & get affected rows
if($delete_sql && !empty($asset_name)){
$delete_count = mysqli_affected_rows($mysqli);
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Asset', log_action = 'Deleted', log_description = '$asset_name via API ($api_key_name)', log_ip = '$ip', log_client_id = $client_id, company_id = $company_id");
}
}
// Output
include('../delete_output.php');

4
api/v1/assets/update.php
View File

@ -7,7 +7,7 @@ require('../require_post_method.php');
$asset_id = intval($_POST['asset_id']);
// Default
$update_id = FALSE;
$update_count = FALSE;
if(!empty($asset_id)){
@ -104,7 +104,7 @@ if(!empty($asset_id)){
// Check insert & get insert ID
if($update_sql){
$update_id = mysqli_affected_rows($mysqli);
$update_count = mysqli_affected_rows($mysqli);
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Asset', log_action = 'Updated', log_description = '$name via API ($api_key_name)', log_ip = '$ip', log_client_id = $client_id, company_id = $company_id");

4
api/v1/contacts/update.php
View File

@ -8,7 +8,7 @@ $contact_id = intval($_POST['contact_id']);
include('contact_model.php');
// Default
$update_id = FALSE;
$update_count = FALSE;
if(!empty($name) && !empty($email)){
@ -16,7 +16,7 @@ if(!empty($name) && !empty($email)){
// Check insert & get insert ID
if($update_sql){
$update_id = mysqli_affected_rows($mysqli);
$update_count = mysqli_affected_rows($mysqli);
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Updated', log_description = '$name via API ($api_key_name)', log_ip = '$ip', log_created_at = NOW(), log_client_id = $client_id, company_id = $company_id");

23
api/v1/delete_output.php Normal file
View File

@ -0,0 +1,23 @@
<?php
/*
* API - delete_output.php
* Included on calls to delete.php endpoints
* Returns success/failure messages
*/
// Check if delete query was successful
if(isset($delete_count) && is_numeric($delete_count) && $delete_count > 0){
// Delete was successful
$return_arr['success'] = "True";
$return_arr['count'] = $delete_count;
}
// Delete query returned false: something went wrong, or it was declined due to required variables missing
else{
$return_arr['success'] = "False";
$return_arr['message'] = "Auth success but delete query failed. Ensure ALL required variables are provided and database schema is up-to-date. Most likely cause: asset/client/company ID mismatch.";
}
echo json_encode($return_arr);
exit();

1
api/v1/require_post_method.php
View File

@ -10,6 +10,5 @@ if($_SERVER['REQUEST_METHOD'] !== "POST"){
// Client ID must be specific for INSERT/UPDATE/DELETE queries
// If this API key allows any client, set $client_id to the one specified, else leave it
if($client_id == 0){
//
$client_id = intval($_POST['client_id']);
}

4
api/v1/update_output.php
View File

@ -7,10 +7,10 @@
*/
// Check if the insert query was successful
if(isset($update_id) && is_numeric($update_id) && $update_id > 0){
if(isset($update_count) && is_numeric($update_count) && $update_count > 0){
// Insert successful
$return_arr['success'] = "True";
$return_arr['count'] = $update_id;
$return_arr['count'] = $update_count;
}
// Query returned false: something went wrong, or it was declined due to required variables missing