API: Add some missing end points

api/v1/software/create.php

@@ -0,0 +1,27 @@
+<?php
+
+require_once '../validate_api_key.php';
+
+require_once '../require_post_method.php';
+
+$software_row = false; // Creation, not an update
+require_once 'software_model.php';
+
+// Default
+$insert_id = false;
+
+if (!empty($name)) {
+
+    $insert_sql = mysqli_query($mysqli, "INSERT INTO software SET software_name = '$name', software_description = '$description', software_key = '$key', software_seats = $seats, software_version = '$version', software_expire = '$expire', software_notes = '$notes', software_type = $type, software_vendor_id = $vendor_id, software_client_id = $client_id");
+
+    if ($insert_sql) {
+        $insert_id = mysqli_insert_id($mysqli);
+
+        // Logging
+        logAction("Software", "Create", "Created software $name via API ($api_key_name)", $client_id, $insert_id);
+        logAction("API", "Success", "Created software $name via API ($api_key_name)", $client_id);
+    }
+}
+
+// Output
+require_once '../create_output.php';

api/v1/software/delete.php

@@ -0,0 +1,28 @@
+<?php
+
+require_once '../validate_api_key.php';
+
+require_once '../require_post_method.php';
+
+// Parse ID
+$software_id = intval($_POST['software_id']);
+
+// Default
+$delete_count = false;
+
+if (!empty($software_id)) {
+    $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM software WHERE software_id = $software_id AND software_client_id = $client_id LIMIT 1"));
+    $software_name = $row['software_name'];
+
+    $delete_sql = mysqli_query($mysqli, "DELETE FROM software WHERE software_id = $software_id AND software_client_id = $client_id LIMIT 1");
+
+    if ($delete_sql && !empty($software_name)) {
+        $delete_count = mysqli_affected_rows($mysqli);
+
+        // Logging
+        logAction("Software", "Delete", "$software_name via API ($api_key_name)", $client_id);
+    }
+}
+
+// Output
+require_once '../delete_output.php';

api/v1/software/software_model.php

@@ -0,0 +1,75 @@
+<?php
+
+// Variable assignment from POST (or: blank/from DB is updating)
+
+if (isset($_POST['software_name'])) {
+    $name = sanitizeInput($_POST['software_name']);
+} elseif ($software_row) {
+    $name = mysqli_real_escape_string($mysqli, $software_row['software_name']);
+} else {
+    $name = '';
+}
+
+if (isset($_POST['software_description'])) {
+    $description = sanitizeInput($_POST['software_description']);
+} elseif ($software_row) {
+    $description = mysqli_real_escape_string($mysqli, $software_row['software_description']);
+} else {
+    $description = '';
+}
+
+if (isset($_POST['software_key'])) {
+    $key = sanitizeInput($_POST['software_key']);
+} elseif ($software_row) {
+    $key = mysqli_real_escape_string($mysqli, $software_row['software_key']);
+} else {
+    $key = '';
+}
+
+if (isset($_POST['software_seats'])) {
+    $seats = intval($_POST['software_seats']);
+} elseif ($software_row) {
+    $seats = $software_row['software_seats'];
+} else {
+    $seats = 0;
+}
+
+if (isset($_POST['software_version'])) {
+    $version = sanitizeInput($_POST['software_version']);
+} elseif ($software_row) {
+    $version = mysqli_real_escape_string($mysqli, $software_row['software_version']);
+} else {
+    $version = '';
+}
+
+if (isset($_POST['software_expire'])) {
+    $expire = sanitizeInput($_POST['software_expire']);
+} elseif ($software_row) {
+    $expire = $software_row['software_expire'];
+} else {
+    $expire = 'NULL';
+}
+
+if (isset($_POST['software_notes'])) {
+    $notes = sanitizeInput($_POST['software_notes']);
+} elseif ($software_row) {
+    $notes = mysqli_real_escape_string($mysqli, $software_row['software_notes']);
+} else {
+    $notes = '';
+}
+
+if (isset($_POST['software_type'])) {
+    $type = intval($_POST['software_type']);
+} elseif ($software_row) {
+    $type = $software_row['software_type'];
+} else {
+    $type = 0;
+}
+
+if (isset($_POST['software_vendor_id'])) {
+    $vendor_id = intval($_POST['software_vendor_id']);
+} elseif ($software_row) {
+    $vendor_id = $software_row['software_vendor_id'];
+} else {
+    $vendor_id = 0;
+}

api/v1/software/update.php

@@ -0,0 +1,31 @@
+<?php
+
+require_once '../validate_api_key.php';
+
+require_once '../require_post_method.php';
+
+// Parse ID
+$software_id = intval($_POST['software_id']);
+
+// Default
+$update_count = false;
+
+if (!empty($software_id)) {
+
+    $software_row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM software WHERE software_id = '$software_id' AND software_client_id = $client_id LIMIT 1"));
+
+    require_once 'software_model.php';
+
+    $update_sql = mysqli_query($mysqli, "UPDATE software SET software_name = '$name', software_description = '$description', software_key = '$key', software_seats = $seats, software_version = '$version', software_expire = '$expire', software_notes = '$notes', software_type = $type, software_vendor_id = $vendor_id WHERE software_id = $software_id AND software_client_id = $client_id LIMIT 1");
+
+    if ($update_sql) {
+        $update_count = mysqli_affected_rows($mysqli);
+
+        // Logging
+        logAction("Software", "Edit", "$name via API ($api_key_name)", $client_id);
+        logAction("API", "Success", "Edited software $name via API ($api_key_name)", $client_id);
+    }
+}
+
+// Output
+require_once '../update_output.php';