iger
/
engelsystem
9
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

cookie-0006-API-add-cmd-sendMessage.patch

This commit is contained in:
Philip Häusler 2014-01-05 19:34:17 +01:00
parent 9dc5dbe3b6
commit 6664433fab
3 changed files with 90 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

95
includes/controller/api.php
View File

@ -13,14 +13,16 @@ Every API Request must be contained the Api Key (using JSON parameter 'key') and
Testing API calls (using curl): Testing API calls (using curl):
------------------------------- -------------------------------
$ curl -d '{"key":"<key>","cmd":"getVersion"}' '<Address>/?p=api' $ curl -d '{"cmd":"getVersion"}' '<Address>/?p=api'
$ curl -d '{"cmd":"getApiKey","user":"admin","pw":"admin"}' '<Address>/?p=api'
$ curl -d '{"key":"<key>","cmd":"getRoom"}' '<Address>/?p=api'
$ curl -d '{"key":"<key>","cmd":"sendmessage","uid":"23","text":"test message"}' '<Address>/?p=api'
Methods without key: Methods without key:
-------------------- --------------------
getVersion getVersion
Description: Description:
Returns API version. Returns API version.
Parameters: Parameters:
nothing nothing
Return Example: Return Example:
@ -28,7 +30,7 @@ getVersion
getApiKey getApiKey
Description: Description:
Returns API Key version. Returns API Key version.
Parameters: Parameters:
user (string) user (string)
pw (string) pw (string)
@ -39,36 +41,36 @@ Methods with Key:
----------------- -----------------
getRoom getRoom
Description: Description:
Returns a list of all Rooms (no id set) or details of a single Room (requested id) Returns a list of all Rooms (no id set) or details of a single Room (requested id)
Parameters: Parameters:
id (integer) - Room ID id (integer) - Room ID
Return Example: Return Example:
[{"RID":"1"},{"RID":"2"},{"RID":"3"},{"RID":"4"}] [{"RID":"1"},{"RID":"2"},{"RID":"3"},{"RID":"4"}]
{"RID":"1","Name":"Room Name","Man":null,"FromPentabarf":"","show":"Y","Number":"0"} {"RID":"1","Name":"Room Name","Man":null,"FromPentabarf":"","show":"Y","Number":"0"}
getAngelType getAngelType
Description: Description:
Returns a list of all Angel Types (no id set) or details of a single Angel Type (requested id) Returns a list of all Angel Types (no id set) or details of a single Angel Type (requested id)
Parameters: Parameters:
id (integer) - Type ID id (integer) - Type ID
Return Example: Return Example:
[{"id":"8"},{"id":"9"}] [{"id":"8"},{"id":"9"}]
{"id":"9","name":"Angeltypes 2","restricted":"0"} {"id":"9","name":"Angeltypes 2","restricted":"0"}
getUser getUser
Description: Description:
Returns a list of all Users (no id set) or details of a single User (requested id) Returns a list of all Users (no id set) or details of a single User (requested id)
Parameters: Parameters:
id (integer) - User ID id (integer) - User ID
Return Example: Return Example:
[{"UID":"1"},{"UID":"23"},{"UID":"42"}] [{"UID":"1"},{"UID":"23"},{"UID":"42"}]
{"UID":"1","Nick":"admin","Name":"Gates","Vorname":"Bill","Telefon":"","DECT":"","Handy":"","email":"","ICQ":"","jabber":"","Avatar":"115"} {"UID":"1","Nick":"admin","Name":"Gates","Vorname":"Bill","Telefon":"","DECT":"","Handy":"","email":"","ICQ":"","jabber":"","Avatar":"115"}
getShift getShift
Description: Description:
Returns a list of all Shifte (no id set, filter is optional) or details of a single Shift (requested id) Returns a list of all Shifte (no id set, filter is optional) or details of a single Shift (requested id)
Parameters: Parameters:
id (integer) - Shift ID id (integer) - Shift ID
filterRoom (Array of integer) - Array of Room IDs (optional, for list request) filterRoom (Array of integer) - Array of Room IDs (optional, for list request)
filterTask (Array of integer) - Array if Task (optional, for list request) filterTask (Array of integer) - Array if Task (optional, for list request)
filterOccupancy (integer) - Occupancy state: (optional, for list request) filterOccupancy (integer) - Occupancy state: (optional, for list request)
@ -83,13 +85,21 @@ getShift
getMessage getMessage
Description: Description:
Returns a list of all Messages (no id set) or details of a single Message (requested id) Returns a list of all Messages (no id set) or details of a single Message (requested id)
Parameters: Parameters:
id (integer) - Message ID id (integer) - Message ID
Return Example: Return Example:
[{"id":"1"},{"id":"2"},{"id":"3"}] [{"id":"1"},{"id":"2"},{"id":"3"}]
{"id":"3","Datum":"1388247583","SUID":"23","RUID":"42","isRead":"N","Text":"message text"} {"id":"3","Datum":"1388247583","SUID":"23","RUID":"42","isRead":"N","Text":"message text"}
sendMessage
Description:
send a Message to an other angel
Parameters:
uid (integer) - User ID of the reciever
text (string) - Message Text
Return Example:
{"status":"success"}
************************************************************************************************/ ************************************************************************************************/
@ -98,8 +108,8 @@ getMessage
* General API Controller * General API Controller
*/ */
function api_controller() { function api_controller() {
global $DataJson, $_REQUEST; global $user, $DataJson, $_REQUEST;
header("Content-Type: application/json; charset=utf-8"); header("Content-Type: application/json; charset=utf-8");
// decode JSON request // decode JSON request
@ -160,19 +170,22 @@ function api_controller() {
case 'getmessage': case 'getmessage':
getMessage(); getMessage();
break; break;
case 'sendmessage':
sendMessage();
break;
default: default:
$DataJson = array ( $DataJson = array (
'status' => 'failed', 'status' => 'failed',
'error' => 'Unknown Command "'. $cmd. '"' ); 'error' => 'Unknown Command "'. $cmd. '"' );
} }
// check // check
if( $DataJson === false) { if( $DataJson === false) {
$DataJson = array ( $DataJson = array (
'status' => 'failed', 'status' => 'failed',
'error' => 'DataJson === false' ); 'error' => 'DataJson === false' );
} }
echo json_encode($DataJson); echo json_encode($DataJson);
die(); die();
} }
@ -182,8 +195,8 @@ function api_controller() {
*/ */
function getVersion(){ function getVersion(){
global $DataJson; global $DataJson;
$DataJson = array( $DataJson = array(
'status' => 'success', 'status' => 'success',
'Version' => 1); 'Version' => 1);
} }
@ -195,7 +208,7 @@ function getVersion(){
function getApiKey(){ function getApiKey(){
global $DataJson, $_REQUEST; global $DataJson, $_REQUEST;
if (!isset($_REQUEST['user']) ) { if (!isset($_REQUEST['user']) ) {
$DataJson = array ( $DataJson = array (
'status' => 'failed', 'status' => 'failed',
'error' => 'Missing parameter "user".' ); 'error' => 'Missing parameter "user".' );
@ -206,12 +219,12 @@ function getApiKey(){
'error' => 'Missing parameter "pw".' ); 'error' => 'Missing parameter "pw".' );
} else { } else {
$Erg = sql_select( "SELECT `UID`, `Passwort`, `api_key` FROM `User` WHERE `Nick`='" . sql_escape($_REQUEST['user']) . "'"); $Erg = sql_select( "SELECT `UID`, `Passwort`, `api_key` FROM `User` WHERE `Nick`='" . sql_escape($_REQUEST['user']) . "'");
if (count($Erg) == 1) { if (count($Erg) == 1) {
$Erg = $Erg[0]; $Erg = $Erg[0];
if (verify_password( $_REQUEST['pw'], $Erg["Passwort"], $Erg["UID"])) { if (verify_password( $_REQUEST['pw'], $Erg["Passwort"], $Erg["UID"])) {
$key = $Erg["api_key"]; $key = $Erg["api_key"];
$DataJson = array( $DataJson = array(
'status' => 'success', 'status' => 'success',
'Key' => $key); 'Key' => $key);
} else { } else {
@ -225,17 +238,17 @@ function getApiKey(){
'error' => 'User not found.' ); 'error' => 'User not found.' );
} }
} }
sleep(1); sleep(1);
} }
/** /**
* Get Room * Get Room
*/ */
function getRoom(){ function getRoom(){
global $DataJson, $_REQUEST; global $DataJson, $_REQUEST;
if (isset($_REQUEST['id']) ) { if (isset($_REQUEST['id']) ) {
$DataJson = mRoom( $_REQUEST['id']); $DataJson = mRoom( $_REQUEST['id']);
} else { } else {
@ -261,7 +274,7 @@ function getAngelType(){
*/ */
function getUser(){ function getUser(){
global $DataJson, $_REQUEST; global $DataJson, $_REQUEST;
if (isset($_REQUEST['id']) ) { if (isset($_REQUEST['id']) ) {
$DataJson = mUser_Limit( $_REQUEST['id']); $DataJson = mUser_Limit( $_REQUEST['id']);
} else { } else {
@ -295,4 +308,30 @@ function getMessage(){
} }
} }
/**
* Send Message
*/
function sendMessage(){
global $DataJson, $_REQUEST;
if (!isset($_REQUEST['uid']) ) {
$DataJson = array (
'status' => 'failed',
'error' => 'Missing parameter "uid".' );
}
elseif (!isset($_REQUEST['text']) ) {
$DataJson = array (
'status' => 'failed',
'error' => 'Missing parameter "text".' );
} else {
if( mMessage_Send( $_REQUEST['uid'], $_REQUEST['text']) === true) {
$DataJson = array( 'status' => 'success');
} else {
$DataJson = array(
'status' => 'failed',
'error' => 'Transmitting was terminated with an Error.');
}
}
}
?> ?>

22
includes/model/Message_model.php
View File

@ -26,4 +26,26 @@ function mMessage($id) {
return null; return null;
} }
/**
* send message
*
* @param $id User ID of Reciever
* @param $text Text of Message
*/
function mMessage_Send($id, $text) {
global $user;
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text));
$to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags( $id));
if (($text != "" && is_numeric($to)) &&
(sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) ) {
sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'");
return true;
} else {
return false;
}
}
?> ?>

5
includes/pages/user_messages.php
View File

@ -98,10 +98,7 @@ function user_messages() {
break; break;
case "send": case "send":
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text'])); if( mMessage_Send( $_REQUEST['to'], $_REQUEST['text']) === true) {
$to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['to']));
if ($text != "" && is_numeric($to) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) {
sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'");
redirect(page_link_to("user_messages")); redirect(page_link_to("user_messages"));
} else { } else {
return error(_("Transmitting was terminated with an Error."), true); return error(_("Transmitting was terminated with an Error."), true);