source: trunk/admin/ws_checker.php @ 2299

Last change on this file since 2299 was 2299, checked in by plg, 16 years ago

Bug fixed: as rvelices notified me by email, my header replacement script was
bugged (r2297 was repeating new and old header).

By the way, I've also removed the replacement keywords. We were using them
because it was a common usage with CVS but it is advised not to use them with
Subversion. Personally, it is a problem when I search for differences between 2
Piwigo installations outside Subversion.

  • Property svn:eol-style set to LF
  • Property svn:keywords set to Author Date Id Revision
File size: 10.7 KB
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based picture gallery                                  |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008      Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24// Next evolution...
25// Out of parameter WS management
26// The remaining objective is to check
27//  -  Is the Web Service working properly?
28//  -  Does any access really return something?
29//     Give the webmaster a way to check...
30// These questions are one of the explanations for the module name (checker).
31
// Direct-access guard: the page only runs when it has been included by the
// application (which defines PHPWG_ROOT_PATH) and while web services are
// enabled in the configuration. Anything else stops here, before any include.
if (!(defined("PHPWG_ROOT_PATH") && $conf['allow_web_services']))
{
  die('Hacking attempt!');
}

// Admin helpers first, then the web-service helpers used further down.
include_once PHPWG_ROOT_PATH.'admin/include/functions.php';
include_once PHPWG_ROOT_PATH.'include/ws_functions.inc.php';
38
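/**
 * Returns the list of web-service requests that can be granted to a partner.
 *
 * Entries ending with a dot ('categories.', 'images.', 'tags.') are noted in
 * the list itself as standing for all methods of that family. When a
 * local_req() function has been defined elsewhere, the entries it returns are
 * appended to the built-in ones.
 *
 * FIXME (original author): a new list needs to be built for ws_checker.php.
 *
 * @return array list of authorized request/method names
 */
function official_req()
{
  // Requests are limited to:
  $official = array(
    'categories.',            // all categories. methods
    'categories.getImages',
    'categories.getList',
    'images.',                // all images. methods
    'images.getInfo',
    'images.addComment',
    'images.search',
    'tags.',                  // all tags. methods
    'tags.getImages',
    'tags.getList',
  );

  if (!function_exists('local_req'))
  {
    return $official;
  }

  // local_req() is an optional hook defined outside this file and it extends
  // an allow-list, so only merge what is really an array. A non-array return
  // would otherwise make array_merge() fail and break the admin page.
  $local = local_req();
  if (!is_array($local))
  {
    return $official;
  }
  return array_merge($official, $local);
}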
64
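/**
 * Verifies and normalizes the syntax of a target parameter.
 *
 * A target has the form "<type>/<ids>": <type> must be 'list', 'cat' or 'tag'
 * (anything else is replaced by 'list') and <ids> is a comma-separated id
 * list. The ids go through expand_id_list(), which is defined outside this
 * file, and consecutive values are then collapsed into "first-last" ranges.
 *
 * Example: check_target('cat/23,24,24,24,25,27') returns 'cat/23-25,27'.
 *
 * An empty string is returned unchanged; a non-string argument (for instance
 * an array submitted in place of the field) yields ''. A target without a
 * '/' has no id part and comes back as "<type>/" followed by whatever
 * expand_id_list() produces for an empty id.
 *
 * NOTE(review): the caller embeds the returned string in an SQL statement.
 * The type prefix is restricted to three literals here, but the id part is
 * only as clean as what expand_id_list() returns (presumably a sorted list of
 * integers, judging by the examples left in the original code) - confirm.
 *
 * @param string $list raw target, e.g. 'cat/23,24,25'
 * @return string normalized target
 */
function check_target($list)
{
  if (!is_string($list))
  {
    return '';
  }
  if ($list === '')
  {
    return $list;
  }

  $parts = explode('/', $list);
  // Unknown prefixes are assumed to introduce a plain id list.
  $type = in_array($parts[0], array('list', 'cat', 'tag'), true) ? $parts[0] : 'list';
  // No '/' in the input: there is no id part, avoid reading a missing index.
  $raw_ids = isset($parts[1]) ? $parts[1] : '';

  // e.g. 1,2,21,3,22,4,5,9-12,6,11,12,13,2,4,6,
  $ids = expand_id_list(explode(',', $raw_ids));
  if (!is_array($ids) or count($ids) == 0)
  {
    return $type.'/';
  }
  $ids = array_values($ids);

  // e.g. 1,2,3,4,5,6,9,10,11,12,13,21,22 becomes 1-6,9-13,21-22.
  // Runs are tracked as (first, last) pairs instead of pushing '-' markers
  // next to the ids: the loose comparison of an id with '-' in the earlier
  // version treated the id 0 as a marker on PHP versions before 8.
  $ranges = array();
  $first = $ids[0];
  $last = $ids[0];
  $total = count($ids);
  for ($i = 1; $i < $total; $i++)
  {
    if ($ids[$i] - 1 == $last)
    {
      $last = $ids[$i]; // still inside the current run
      continue;
    }
    $ranges[] = ($first == $last) ? $first : $first.'-'.$last;
    $first = $ids[$i];
    $last = $ids[$i];
  }
  $ranges[] = ($first == $last) ? $first : $first.'-'.$last;

  return $type.'/'.implode(',', $ranges);
}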
116
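// +-----------------------------------------------------------------------+
// | Check Access and exit when user status is not ok                      |
// +-----------------------------------------------------------------------+
check_status(ACCESS_ADMINISTRATOR);

// accepted queries
$req_type_list = official_req();

//--------------------------------------------------------- update informations
$chk_partner = '';

// Is a new access required?
// NOTE(review): no anti-CSRF token is verified in this file before the
// state-changing POST handlers run; confirm whether check_status() or the
// admin framework takes care of it.
if (isset($_POST['wsa_submit']))
{
  // Every field is read defensively: a missing key or an array submitted in
  // place of a string falls back to an empty value instead of raising notices.
  $add_partner = htmlspecialchars(
    (isset($_POST['add_partner']) and is_string($_POST['add_partner'])) ? $_POST['add_partner'] : '',
    ENT_QUOTES
  );
  $add_target = check_target(
    (isset($_POST['add_target']) and is_string($_POST['add_target'])) ? $_POST['add_target'] : ''
  );
  $add_request = htmlspecialchars(
    (isset($_POST['add_request']) and is_string($_POST['add_request'])) ? $_POST['add_request'] : '',
    ENT_QUOTES
  );
  $add_comment = htmlspecialchars(
    (isset($_POST['add_comment']) and is_string($_POST['add_comment'])) ? $_POST['add_comment'] : '',
    ENT_QUOTES
  );

  // is_numeric() also accepts floats, exponents and signs. $add_end is
  // interpolated unquoted into "INTERVAL ... DAY", so it is cast to an integer,
  // like the (int) cast applied to 'selection' in the update/delete handlers.
  $add_end = (isset($_POST['add_end']) and is_numeric($_POST['add_end']))
    ? (int) $_POST['add_end'] : 0;
  $add_limit = (isset($_POST['add_limit']) and is_numeric($_POST['add_limit']))
    ? (int) $_POST['add_limit'] : 1;

  // TODO (original author): partner names shorter than 8 characters were meant
  // to be completed "with some MD5"; they are currently stored unchanged.
  // The name is what this page later sends as the partner= parameter to
  // ws.php, so it looks like the access key itself - confirm.

  // NOTE(review): htmlspecialchars() is an HTML output encoder. With
  // ENT_QUOTES it rewrites both quote characters but leaves backslashes
  // untouched, and the result of check_target() is interpolated as returned.
  // Whether these values are safe inside the quoted SQL literals below
  // depends on input escaping done before this script runs, which is not
  // visible here - confirm, or escape with the database layer's own function.
  // $add_request is also not compared with $req_type_list (nor $add_limit
  // with $conf['ws_allowed_limit']) before being stored - confirm that is
  // intended.
  $query = '
INSERT INTO '.WEB_SERVICES_ACCESS_TABLE.'
( `name` , `access` , `start` , `end` , `request` , `limit` , `comment` )
VALUES (' . "
  '$add_partner', '$add_target',
  NOW(),
  ADDDATE( NOW(), INTERVAL $add_end DAY),
  '$add_request', '$add_limit', '$add_comment' );";

  pwg_query($query);
  // The freshly added partner becomes the one used for the status check.
  $chk_partner = $add_partner;

  $template->append(
    'update_results',
    l10n('ws_adding_legend').l10n('ws_success_upd')
  );
}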
158
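// Next, Update selected access
if (isset($_POST['wsu_submit']))
{
  // is_numeric() also accepts floats, exponents and signs, and the value goes
  // unquoted into the statement: cast it so only an integer can reach the SQL.
  $upd_end = (isset($_POST['upd_end']) and is_numeric($_POST['upd_end']))
    ? (int) $_POST['upd_end'] : 0;
  $settxt = ' end = ADDDATE(NOW(), INTERVAL '. $upd_end .' DAY)';

  // The previous extra test on trim($settxt) was always true (the clause is
  // never empty), so only the presence of a selected row decides the outcome.
  if (isset($_POST['selection']))
  {
    // The row id is forced to an integer before being placed in the query.
    $uid = (int) $_POST['selection'];
    $query = '
    UPDATE '.WEB_SERVICES_ACCESS_TABLE.'
    SET '.$settxt.'
    WHERE id = '.$uid.'; ';
    pwg_query($query);
    $template->append(
      'update_results',
      l10n('ws_update_legend').l10n('ws_success_upd')
    );
  }
  else
  {
    $template->append(
      'update_results',
      l10n('ws_update_legend').l10n('ws_failed_upd')
    );
  }
}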
// Next, Delete selected access
// A row is removed only when the confirmation box was ticked and a row was
// selected; the selected id is cast to an integer before it reaches the query.
if (isset($_POST['wsX_submit']))
{
  if (!isset($_POST['delete_confirmation'], $_POST['selection']))
  {
    // Nothing selected or deletion not confirmed: report the failure.
    $template->append(
      'update_results',
      l10n('Not selected / Not confirmed').l10n('ws_failed_upd')
    );
  }
  else
  {
    $uid = (int) $_POST['selection'];
    $query = 'DELETE FROM '.WEB_SERVICES_ACCESS_TABLE.'
               WHERE id = '.$uid.'; ';
    pwg_query($query);
    $template->append(
      'update_results',
      l10n('ws_delete_legend').l10n('ws_success_upd')
    );
  }
}
206
207
208
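// Link to the contextual help popup for this page.
$template->assign(
  array(
    'U_HELP' => get_root_url().'popuphelp.php?page=web_service',
  )
);

// Build where (no filter is applied yet, the clause stays empty)
$where = '';
$order = ' ORDER BY `id` DESC' ;

$query = '
SELECT *
  FROM '.WEB_SERVICES_ACCESS_TABLE.'
WHERE 1=1  '
.$where.
' '
.$order.
';';

// The statement used to be executed twice, once for the row count and once
// for the rows. mysql_num_rows() does not consume the result set, so a single
// execution serves both purposes.
// NOTE(review): the mysql_* functions used on this page belong to the legacy
// mysql extension, which was removed in PHP 7.
$result = pwg_query($query);
$acc_list = mysql_num_rows($result);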
// +-----------------------------------------------------------------------+
// |                             template init                             |
// +-----------------------------------------------------------------------+
$template->set_filenames(array('ws_checker' => 'admin/ws_checker.tpl'));

// Access List
// Each stored access is handed to the template. The first row's name becomes
// the partner used for the status check when no access was added during this
// request.
// NOTE(review): 'access' is shown as stored; whether it is HTML-encoded on
// output depends on the template, which is not visible here.
while ($row = mysql_fetch_array($result))
{
  if ($chk_partner == '')
  {
    $chk_partner = $row['name'];
  }

  $template->append(
    'access_list',
    array(
      'ID'      => $row['id'],
      // The partner name is masked when is_adviser() returns true.
      'NAME'    => is_adviser() ? '*********' : $row['name'],
      'TARGET'  => $row['access'],
      'END'     => $row['end'],
      'REQUEST' => $row['request'],
      'LIMIT'   => $row['limit'],
      'COMMENT' => $row['comment'],
    )
  );
}
259
// Choices offered by the "add access" form: request types and limits.
$template->assign('add_requests', $req_type_list);
$template->assign('add_limits', $conf['ws_allowed_limit']);

// Postponed Start Date
// By default 0, 1, 2, 3, 5, 7, 14 or 30 days
// (disabled - kept from the original for a possible future use)
/*foreach ($conf['ws_postponed_start'] as $value) {
  $template->assign_block_vars(
    'add_start',
     array(
       'VALUE'=> $value,
       'CONTENT' => $value,
       'SELECTED' => ($conf['ws_postponed_start'][0] == $value) ? $selected:'',
     )
  );
}*/

// Durations (Allowed Web Services Period)
// By default 10, 5, 2, 1 year(s) or 6, 3, 1 month(s) or 15, 10, 7, 5, 1, 0 day(s)
$template->assign('add_ends', $conf['ws_durations']);
280
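// Self-check: call ws.php with the selected partner and report the HTTP
// status it answers with.
if ( $chk_partner !== '' )
{
  if (function_exists('curl_init'))
  {
    // The partner name is stored HTML-encoded, so it can contain '&', '#' or
    // ';'. It is URL-encoded here so that it stays one query parameter
    // instead of truncating or splitting the query string.
    // NOTE(review): the partner value travels in the URL and may therefore
    // end up in web-server access logs. The target host comes from
    // get_absolute_root_url(), defined outside this file - confirm it cannot
    // be influenced by the incoming request.
    $request = get_absolute_root_url().'ws.php?method=pwg.getVersion&format=rest&'
             . 'partner='.rawurlencode($chk_partner);
    $session = curl_init($request);
    curl_setopt($session, CURLOPT_POST, true);
    curl_setopt($session, CURLOPT_HEADER, true);
    curl_setopt($session, CURLOPT_RETURNTRANSFER, true);
    $response = curl_exec($session);

    // Ask curl for the final status code instead of taking the first three
    // digits found in the raw response: that pattern could pick up an interim
    // "100 Continue" line and raised a notice when the transfer failed.
    // A failed transfer is reported as status 0 through the default branch.
    $status_code = ($response === false)
      ? 0
      : (int) curl_getinfo($session, CURLINFO_HTTP_CODE);
    curl_close($session);

    switch ($status_code)
    {
      case 200:
        $ws_status = l10n('Web Services under control');
        break;
      case 503:
        $ws_status = 'PhpWebGallery Web Services failed and returned an '
                   . 'HTTP status of 503. Service is unavailable. An internal '
                   . 'problem prevented us from returning data to you.';
        break;
      case 403:
        $ws_status = 'PhpWebGallery Web Services failed and returned an '
                   . 'HTTP status of 403. Access is forbidden. You do not have '
                   . 'permission to access this resource, or are over '
                   . 'your rate limit.';
        break;
      case 400:
        // You may want to fall through here and read the specific XML error
        $ws_status = 'PhpWebGallery Web Services failed and returned an '
                   . 'HTTP status of 400. Bad request. The parameters passed '
                   . 'to the service did not match as expected. The exact '
                   . 'error is returned in the XML response.';
        break;
      default:
        $ws_status = 'PhpWebGallery Web Services returned an unexpected HTTP '
                   . 'status of:' . $status_code;
    }
  }
  else
  {
    $ws_status = 'Cannot check - curl not installed';
  }
  $template->assign( 'WS_STATUS', $ws_status );
}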
328
//----------------------------------------------------------- sending html code
// Render the page template into the ADMIN_CONTENT variable of the admin
// layout, then load the web-service core.
$template->assign_var_from_handle('ADMIN_CONTENT', 'ws_checker');

include_once PHPWG_ROOT_PATH.'include/ws_core.inc.php';
?>