mirror of
https://github.com/itflow-org/itflow
synced 2026-02-28 02:44:53 +00:00
API code style tidy
This commit is contained in:
Marcus Hill
@@ -7,8 +7,8 @@
|
||||
*/
|
||||
|
||||
// Includes
|
||||
include( __DIR__ . '../../../functions.php');
|
||||
include(__DIR__ . "../../../config.php");
|
||||
require_once( __DIR__ . '../../../functions.php');
|
||||
require_once(__DIR__ . "../../../config.php");
|
||||
|
||||
// JSON header
|
||||
header('Content-Type: application/json');
|
||||
@@ -17,9 +17,9 @@ header('Content-Type: application/json');
|
||||
$_POST = json_decode(file_get_contents('php://input'), true);
|
||||
|
||||
// Get user IP
|
||||
$ip = strip_tags(mysqli_real_escape_string($mysqli,get_ip()));
|
||||
$ip = strip_tags(mysqli_real_escape_string($mysqli, get_ip()));
|
||||
// Get user agent
|
||||
$user_agent = strip_tags(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_AGENT']));
|
||||
$user_agent = strip_tags(mysqli_real_escape_string($mysqli, $_SERVER['HTTP_USER_AGENT']));
|
||||
|
||||
// Setup return array
|
||||
$return_arr = array();
|
||||
@@ -43,75 +43,75 @@ DEFINE("WORDING_UNAUTHORIZED", "HTTP/1.1 401 Unauthorized");
|
||||
*/
|
||||
|
||||
// Decline methods other than GET/POST
|
||||
if($_SERVER['REQUEST_METHOD'] !== "GET" && $_SERVER['REQUEST_METHOD'] !== "POST"){
|
||||
header("HTTP/1.1 405 Method Not Allowed");
|
||||
var_dump($_SERVER['REQUEST_METHOD']);
|
||||
exit();
|
||||
if ($_SERVER['REQUEST_METHOD'] !== "GET" && $_SERVER['REQUEST_METHOD'] !== "POST") {
|
||||
header("HTTP/1.1 405 Method Not Allowed");
|
||||
var_dump($_SERVER['REQUEST_METHOD']);
|
||||
exit();
|
||||
}
|
||||
|
||||
// Check API key is provided
|
||||
if(!isset($_GET['api_key']) && !isset($_POST['api_key'])){
|
||||
header(WORDING_UNAUTHORIZED);
|
||||
exit();
|
||||
if (!isset($_GET['api_key']) && !isset($_POST['api_key'])) {
|
||||
header(WORDING_UNAUTHORIZED);
|
||||
exit();
|
||||
}
|
||||
|
||||
// Set API key variable
|
||||
if(isset($_GET['api_key'])){
|
||||
$api_key = $_GET['api_key'];
|
||||
if (isset($_GET['api_key'])) {
|
||||
$api_key = $_GET['api_key'];
|
||||
}
|
||||
if(isset($_POST['api_key'])){
|
||||
$api_key = $_POST['api_key'];
|
||||
if (isset($_POST['api_key'])) {
|
||||
$api_key = $_POST['api_key'];
|
||||
}
|
||||
|
||||
// Validate API key
|
||||
if(isset($api_key)){
|
||||
$api_key = mysqli_real_escape_string($mysqli,$api_key);
|
||||
if (isset($api_key)) {
|
||||
$api_key = mysqli_real_escape_string($mysqli, $api_key);
|
||||
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM api_keys WHERE api_key_secret = '$api_key' AND api_key_expire > NOW() LIMIT 1");
|
||||
$sql = mysqli_query($mysqli, "SELECT * FROM api_keys WHERE api_key_secret = '$api_key' AND api_key_expire > NOW() LIMIT 1");
|
||||
|
||||
// Failed
|
||||
if(mysqli_num_rows($sql) !== 1){
|
||||
// Invalid Key
|
||||
header(WORDING_UNAUTHORIZED);
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'API', log_action = 'Failed', log_description = 'Incorrect or expired Key', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW()");
|
||||
// Failed
|
||||
if (mysqli_num_rows($sql) !== 1) {
|
||||
// Invalid Key
|
||||
header(WORDING_UNAUTHORIZED);
|
||||
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'API', log_action = 'Failed', log_description = 'Incorrect or expired Key', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW()");
|
||||
|
||||
$return_arr['success'] = "False";
|
||||
$return_arr['message'] = "API Key authentication failure or expired.";
|
||||
$return_arr['success'] = "False";
|
||||
$return_arr['message'] = "API Key authentication failure or expired.";
|
||||
|
||||
header(WORDING_UNAUTHORIZED);
|
||||
echo json_encode($return_arr);
|
||||
exit();
|
||||
}
|
||||
|
||||
// Success
|
||||
else{
|
||||
|
||||
// Set client ID, company ID & key name
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$api_key_name = $row['api_key_name'];
|
||||
$client_id = $row['api_key_client_id'];
|
||||
$company_id = $row['company_id'];
|
||||
|
||||
// Set limit & offset for queries
|
||||
if(isset($_GET['limit'])){
|
||||
$limit = intval($_GET['limit']);
|
||||
}
|
||||
elseif(isset($_POST['limit'])){
|
||||
$limit = intval($_POST['limit']);
|
||||
}
|
||||
else{
|
||||
$limit = 50;
|
||||
header(WORDING_UNAUTHORIZED);
|
||||
echo json_encode($return_arr);
|
||||
exit();
|
||||
}
|
||||
|
||||
if(isset($_GET['offset'])){
|
||||
$offset = intval($_GET['offset']);
|
||||
}
|
||||
elseif(isset($_POST['offset'])){
|
||||
$offset = intval($_POST['offset']);
|
||||
}
|
||||
else{
|
||||
$offset = 0;
|
||||
}
|
||||
// Success
|
||||
else {
|
||||
|
||||
}
|
||||
// Set client ID, company ID & key name
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$api_key_name = $row['api_key_name'];
|
||||
$client_id = $row['api_key_client_id'];
|
||||
$company_id = $row['company_id'];
|
||||
|
||||
// Set limit & offset for queries
|
||||
if (isset($_GET['limit'])) {
|
||||
$limit = intval($_GET['limit']);
|
||||
}
|
||||
elseif (isset($_POST['limit'])) {
|
||||
$limit = intval($_POST['limit']);
|
||||
}
|
||||
else {
|
||||
$limit = 50;
|
||||
}
|
||||
|
||||
if (isset($_GET['offset'])) {
|
||||
$offset = intval($_GET['offset']);
|
||||
}
|
||||
elseif (isset($_POST['offset'])) {
|
||||
$offset = intval($_POST['offset']);
|
||||
}
|
||||
else {
|
||||
$offset = 0;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user