Продолжил делать API для манипуляции с юзерами

Shr3dd3r 2023-08-16 06:34:01 +03:00
parent 79a031401a
commit 611e213592
7 changed files with 112 additions and 10 deletions


@ -61,3 +61,7 @@
- Теги - Теги
- Перечень одобренных - Перечень одобренных
- Шаблонная разметка - Шаблонная разметка
- Локализация
- Кастомизация внешнего вида
- Цветовые схемы
- Название


@ -2,6 +2,13 @@
require_once("_db.php"); //("api/_db.php"); require_once("_db.php"); //("api/_db.php");
// Check if request was to specified file
function ThisFileIsRequested ($fullpath) {
return substr($fullpath, -strlen($_SERVER["SCRIPT_NAME"])) === $_SERVER["SCRIPT_NAME"];
}
session_start(); session_start();
$LOGGED_IN = false; $LOGGED_IN = false;
@ -11,7 +18,7 @@ if (isset($_SESSION["userid"])) {
$s = $db->prepare("SELECT * FROM users WHERE id = ?"); $s = $db->prepare("SELECT * FROM users WHERE id = ?");
$s->bind_param("s", $_SESSION["userid"]); $s->bind_param("s", $_SESSION["userid"]);
$s->execute(); $s->execute();
if (!(bool)$s->get_result()->fetch_assoc()) { if (!(bool)$s->get_result()->fetch_assoc()) { // If not, then destroy session
session_unset(); session_unset();
session_destroy(); session_destroy();
echo "user id does not exist"; echo "user id does not exist";
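Review bot: `ThisFileIsRequested` decides whether an endpoint runs by testing that a filesystem path ends with `$_SERVER["SCRIPT_NAME"]`, which is a URL path. The two stop lining up under an alias or rewrite rule, or where `__FILE__` uses backslashes, and the endpoint then answers with an empty body and no error. Comparing resolved filesystem paths is sturdier: `return realpath($fullpath) === realpath($_SERVER["SCRIPT_FILENAME"]);`. The comment above the function could also say why the helper exists, e.g. `// Lets an endpoint file be included for its functions without running its request handler`.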


@ -2,6 +2,8 @@
require_once("_config.php"); //("api/_config.php"); require_once("_config.php"); //("api/_config.php");
$db = new mysqli($Config["db"]["addr"], $Config["db"]["user"], $Config["db"]["pass"], $Config["db"]["name"]); $db = new mysqli($Config["db"]["addr"], $Config["db"]["user"], $Config["db"]["pass"], $Config["db"]["name"]);
?> ?>


@ -1,6 +1,12 @@
<?php <?php
// Internal errors // Internal errors
$Err_Int_JSONEncodeError = "int.jsonencode"; $Err_Int_JSONEncode = "int.jsonencode"; // Failed to encode JSON data
// Request data parsing errors
$Err_RDP_InvalidID = "rdp.invalidid"; // Requested ID of resource is invalid
// Data processing errors
$Err_DP_IDNotFound = "dp.idnotfound"; // Resource not found by requested ID
?> ?>


@ -2,10 +2,12 @@
require_once("_errors.php"); require_once("_errors.php");
function ReturnJSONData ($arr) { function ReturnJSONData ($arr) {
$data = json_encode($arr); $data = json_encode($arr);
if (!$data) { if (!$data) {
$data = json_encode(array("error" => $Err_Int_JSONEncodeError)); $data = json_encode(array("error" => $Err_Int_JSONEncode));
} }
header("Content-Type: application/json; charset=utf-8"); header("Content-Type: application/json; charset=utf-8");
echo $data; echo $data;
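Review bot: Inside `ReturnJSONData` the renamed `$Err_Int_JSONEncode` is still a function-local name. No `global` statement is visible in the hunk, so the fallback would encode `{"error":null}` and raise an undefined-variable warning instead of sending `int.jsonencode`. Either add `global $Err_Int_JSONEncode;` as the first line of the function, or declare the codes as constants (`const ERR_INT_JSONENCODE = "int.jsonencode";`), which are visible in every scope. The guard `if (!$data)` also treats the valid encoding `"0"` as a failure; `if ($data === false)` tests only the error return. The end of the function is outside the hunk.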


@ -3,12 +3,93 @@
require_once("../_auth.php"); require_once("../_auth.php");
require_once("../_json.php"); require_once("../_json.php");
// TODO
if ($LOGGED_IN) {
echo 1; // Check if user has specified role
function User_HasRole ($id, $role) {
global $db;
$s = $db->prepare("SELECT * FROM users WHERE id = ?");
$s->bind_param("s", $id);
$s->execute();
$d = $s->get_result()->fetch_assoc();
if (!(bool)$d) {
return null;
}
if ($d["role"] == $role) {
return true;
}
return false;
}
// Check if user is moderator
function User_IsMod ($id) {
global $db;
$s = $db->prepare("SELECT * FROM users WHERE id = ?");
$s->bind_param("s", $id);
$s->execute();
$d = $s->get_result()->fetch_assoc();
if (!(bool)$d) {
return null;
}
return in_array($d["role"], array("mod", "admin"));
}
// Get user information from DB
function User_GetInfoByID ($id) {
global $db;
$result = array();
$s = $db->prepare("SELECT * FROM users WHERE id = ?");
$s->bind_param("s", $id);
$s->execute();
$d = $s->get_result()->fetch_assoc();
if (!(bool)$d) {
return null;
}
$result["id"] = $d["id"];
$result["created_at"] = $d["created_at"];
$result["login"] = $d["login"];
$result["avatar_path"] = $d["avatar_path"];
$result["role"] = $d["role"];
$result["banned"] = $d["banned"];
if ($id === $_SESSION["userid"] || User_IsMod($_SESSION["userid"])) { // User himself and mods can see additional info
$result["email"] = $d["email"];
$result["invite_id"] = $d["invite_id"];
}
return $result;
}
if (ThisFileIsRequested(__FILE__)) {
$UserID = null;
if (isset($_REQUEST["id"])) {
if (!ctype_digit($_REQUEST["id"]))
ReturnJSONError($Err_RDP_InvalidID, "id must be numeric");
$UserID = intval($_REQUEST["id"]);
} else { } else {
echo 2; if ($LOGGED_IN)
$UserID = $_SESSION["userid"];
else
ReturnJSONError($Err_RDP_InvalidID, "id must be specified or valid session must be provided");
}
$ResponseData = User_GetInfoByID($UserID);
if ($ResponseData)
ReturnJSONData($ResponseData);
else
ReturnJSONError($Err_DP_IDNotFound, "wrong id");
} }
?> ?>
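Review bot: The gate in `User_GetInfoByID` that releases `email` and `invite_id` reads `$_SESSION["userid"]` without checking that a session exists, and compares it with `===` against an `$id` that the request handler has passed through `intval()`. For an anonymous request the key is unset, so PHP emits a warning that can land in front of the JSON body. For a logged-in user who asks for their own id explicitly, the comparison fails if the session holds the id as a string (not visible here). Normalising once keeps the check explicit: `$viewer = isset($_SESSION["userid"]) ? intval($_SESSION["userid"]) : null;` followed by `if ($viewer !== null && (intval($id) === $viewer || User_IsMod($viewer)))`. Two things are worth confirming: `User_IsMod` looks only at `role`, so a banned moderator may still see other users' e-mail addresses, and if `ReturnJSONError` does not stop execution the handler carries on to the lookup after reporting an invalid id.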


@ -3,6 +3,6 @@
"addr": "localhost", "addr": "localhost",
"name": "e949", "name": "e949",
"user": "e949", "user": "e949",
"pass": "" "pass": "password"
} }
} }
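Review bot: The `"pass"` value in this tracked config changes from empty to the literal `"password"`, so a database credential now lives in repository history, and a deployment that copies the file unchanged runs with a guessable password. If the file is meant as a template, keep `"pass": ""` here and load the real value from an untracked local file or an environment variable. If it is the live config, the credential should be rotated and the file taken out of version control.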