AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-02-28 02:44:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add support for client-specific API keys

Browse Source 
Refactoring API. Added a contact update endpoint.
Small misc changes.
This commit is contained in:
Marcus Hill
2022-04-15 17:43:06 +01:00
parent bdd00c843d
commit e55622827d
26 changed files with 286 additions and 194 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
api/v1/assets/read.php
View File

@@ -5,37 +5,37 @@ require('../require_get_method.php');
// Asset via ID (single)
if(isset($_GET['asset_id'])){
$id = intval($_GET['asset_id']);
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_id = '$id' AND company_id = '$company_id'");
$id = intval($_GET['asset_id']);
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_id = '$id' AND asset_client_id LIKE '$client_id' AND company_id = '$company_id'");
}
// Asset query via type
elseif(isset($_GET['asset_type'])){
$type = mysqli_real_escape_string($mysqli,ucfirst($_GET['asset_type']));
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_type = '$type' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
$type = mysqli_real_escape_string($mysqli,ucfirst($_GET['asset_type']));
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_type = '$type' AND asset_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
}
// Asset query via name
elseif(isset($_GET['asset_name'])){
$name = mysqli_real_escape_string($mysqli,$_GET['asset_name']);
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_name = '$name' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
$name = mysqli_real_escape_string($mysqli,$_GET['asset_name']);
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_name = '$name' AND asset_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
}
// Asset query via serial
elseif(isset($_GET['asset_serial'])){
$serial = mysqli_real_escape_string($mysqli,$_GET['asset_serial']);
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_serial = '$serial' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
$serial = mysqli_real_escape_string($mysqli,$_GET['asset_serial']);
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_serial = '$serial' AND asset_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
}
// Asset query via client ID
elseif(isset($_GET['asset_client_id'])){
$client = intval($_GET['asset_client_id']);
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_client_id = '$client' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
elseif(isset($_GET['client_id']) && $client_id == "%"){
$client_id = intval($_GET['client_id']);
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
}
// All assets
else{
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
}
// Output