Changeset 1781
- Timestamp:
- Feb 6, 2007, 2:02:06 AM (17 years ago)
- Location:
- trunk
- Files:
-
- 5 edited
-
trunk/admin/ws_checker.php
r1760 r1781 39 39 } 40 40 include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); 41 include_once(PHPWG_ROOT_PATH.'include/ws_functions.inc.php'); 41 42 42 43 /** 43 * include ws_functions in only managed from ws_checker but 44 * if ws_methods would be generalized in the code this one would be promoted 45 * somewhere else... Maybe very soon because it can be in plugins. 46 * */ 47 include_once( PHPWG_ROOT_PATH .'include/ws_functions.inc.php' ); 44 * official_req returns the managed requests list in array format 45 * FIXME A New list need to be build for ws_checker.php 46 * returns array of authrorized request/methods 47 * */ 48 function official_req() 49 { 50 $official = array( /* Requests are limited to */ 51 'categories.' /* all categories. methods */ 52 , 'categories.getImages' /* <= see */ 53 , 'categories.getList' /* <= see */ 54 , 'images.' /* all images. methods */ 55 , 'images.getInfo' /* <= see */ 56 , 'tags.' /* all tags. methods */ 57 , 'tags.getImages' /* <= see */ 58 , 'tags.getList' /* <= see */ 59 ); 60 if (function_exists('local_req')) { 61 $local = local_req(); 62 return array_merge( $official, $local ); 63 } 64 return $official; 65 } 66 67 /** 68 * check_target($string) verifies and corrects syntax of target parameter 69 * example : check_target(cat/23,24,24,24,25,27) returns cat/23-25,27 70 * */ 71 function check_target($list) 72 { 73 if ( $list !== '' ) 74 { 75 $type = explode('/',$list); // Find type list 76 if ( !in_array($type[0],array('list','cat','tag') ) ) 77 { 78 $type[0] = 'list'; // Assume an id list 79 } 80 $ids = explode( ',',$type[1] ); 81 $list = $type[0] . '/'; 82 83 // 1,2,21,3,22,4,5,9-12,6,11,12,13,2,4,6, 84 85 $result = expand_id_list( $ids ); 86 87 // 1,2,3,4,5,6,9,10,11,12,13,21,22, 88 // I would like 89 // 1-6,9-13,21-22 90 $serial[] = $result[0]; // To be shifted 91 foreach ($result as $k => $id) 92 { 93 $next_less_1 = (isset($result[$k + 1]))? 
$result[$k + 1] - 1:-1; 94 if ( $id == $next_less_1 and end($serial)=='-' ) 95 { // nothing to do 96 } 97 elseif ( $id == $next_less_1 ) 98 { 99 $serial[]=$id; 100 $serial[]='-'; 101 } 102 else 103 { 104 $serial[]=$id; // end serie or non serie 105 } 106 } 107 $null = array_shift($serial); // remove first value 108 $list .= array_shift($serial); // add the real first one 109 $separ = ','; 110 foreach ($serial as $id) 111 { 112 $list .= ($id=='-') ? '' : $separ . $id; 113 $separ = ($id=='-') ? '-':','; // add comma except if hyphen 114 } 115 } 116 return $list; 117 } 48 118 49 119 // +-----------------------------------------------------------------------+ -
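Review bot: In `check_target()` the "Assume an id list" fallback loses the ids when the input has no `type/` prefix: `explode('/',$list)` then yields a single element, `$type[0]` (which holds the ids) is overwritten with `'list'`, and `$type[1]` is read although it is not set. The later `$serial[] = $result[0];` has the same problem whenever `expand_id_list()` returns an empty array. The value looks like the access target that `ws_addControls()` later splits on `/`, so I would normalise it first, e.g. `if (count($type) < 2) { $type = array('list', $type[0]); }`, and return early when `$result` is empty.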
trunk/include/config_default.inc.php
r1767 r1781 589 589 // +-----------------------------------------------------------------------+ 590 590 591 // Web services are allowed (true) or completely forbidden (false) 592 $conf['allow_web_services'] = true; 593 594 // Maximum number of images to be returned foreach call to the web service 595 $conf['ws_max_images_per_page'] = 500; 596 591 597 // On Access control false 592 598 // Controls are done on public basis or 593 599 // if connected on member authorization basis 594 595 $conf['ws_access_control'] = false; 600 $conf['ws_access_control'] = false; 596 601 597 602 // On Access control true 598 603 // Additionnal controls are made based on Web Service Access Table 599 600 // Web services are accepted601 $conf['allow_web_services'] = true;602 604 603 605 // Max returned rows number ( > 0 ) -
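Review bot: The comment on `$conf['ws_max_images_per_page']` reads as a global limit, but in this changeset the cap is only applied to parameters registered with a `maxValue` option, which here is `per_page` of two methods in ws.php. I would say so in the comment, e.g. `// Upper bound for the per_page parameter of web service methods that declare 'maxValue'; larger requests are clamped to this value`. The same comment should read "for each call" rather than "foreach call".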
trunk/include/ws_core.inc.php
-
Property
svn:keywords
set to
Author Date Id Revision
r1768 r1781 4 4 // | Copyright (C) 2003-2007 PhpWebGallery Team - http://phpwebgallery.net | 5 5 // +-----------------------------------------------------------------------+ 6 // | branch : BSF (Best So Far) 7 // | file : $URL: svn+ssh://rvelices@svn.gna.org/svn/phpwebgallery/trunk/action.php $ 8 // | last update : $Date: 2006-12-21 18:49:12 -0500 (Thu, 21 Dec 2006) $ 9 // | last modifier : $Author: rvelices $ 10 // | revision : $Rev: 1678 $ 6 // | file : $Id$ 7 // | last update : $Date$ 8 // | last modifier : $Author$ 9 // | revision : $Revision$ 11 10 // +-----------------------------------------------------------------------+ 12 11 // | This program is free software; you can redistribute it and/or modify | … … 143 142 * @author Tom Buskens <ortega@php.net> 144 143 * @author Aidan Lister <aidan@php.net> 145 * @version $Revision : 1.7$144 * @version $Revision$ 146 145 * @since PHP 5 147 146 * @require PHP 4.0.6 (is_callable) … … 557 556 $this->makeArrayParam( $the_param ); 558 557 } 558 if ( isset($options['maxValue']) and $the_param>$options['maxValue']) 559 { 560 $the_param = $options['maxValue']; 561 } 559 562 $params[$name] = $the_param; 560 563 } -
Property
svn:keywords
set to
-
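Review bot: The new `maxValue` clamp compares `$the_param` with `>` without checking that it is a number, so the result depends on PHP's loose comparison: a non-numeric string can pass through unchanged, and a value that `makeArrayParam()` has turned into an array is replaced by a scalar. Negative values are not bounded either. For a parameter such as `per_page` I would validate before clamping, e.g. reject or default the value when `!is_numeric($the_param)` and then apply `$the_param = min((int) $the_param, $options['maxValue']);`. The enclosing method starts and ends outside the hunk, so earlier validation may already cover part of this.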
trunk/include/ws_functions.inc.php
-
Property
svn:keywords
changed from
Author Date Id Rev URL
toAuthor Date Id Revision URL
r1777 r1781 8 8 // | last update : $Date$ 9 9 // | last modifier : $Author$ 10 // | revision : $Rev $10 // | revision : $Revision$ 11 11 // +-----------------------------------------------------------------------+ 12 12 // | This program is free software; you can redistribute it and/or modify | … … 34 34 { 35 35 global $conf, $calling_partner_id; 36 if ( !$conf['ws_access_control']) 36 if ( !$conf['ws_access_control'] 37 or strpos($methodName,'reflection.')===0 ) 37 38 { 38 39 return $res; // No controls are requested … … 46 47 if ( empty($row) ) 47 48 { 48 return new PwgError(403, 'Partner id does not exist'); 49 } 49 return new PwgError(403, 'Partner id does not exist or is expired'); 50 } 51 if ( !empty($row['request']) 52 and strpos($methodName, $row['request'])==false ) 53 { 54 return new PwgError(403, 'Method not allowed'); 55 } 56 50 57 return $res; 51 58 } … … 54 61 * ws_addControls 55 62 * returns additionnal controls if requested 56 * usable for 99% of Web Service methods 57 * 58 * - Args 63 * usable for 99% of Web Service methods 64 * 65 * - Args 59 66 * $methodName: is the requested method 60 67 * $partner: is the key 61 68 * $tbl_name: is the alias_name in the query (sometimes called correlation name) 62 * null if !getting picture informations 69 * null if !getting picture informations 63 70 * - Logic 64 * Access_control is not active: Return 65 * Key is incorrect: Return 0 = 1 (False condition for MySQL) 66 * One of Params doesn't match with type of request: return 0 = 1 again 71 * Access_control is not active: Return 72 * Key is incorrect: Return 0 = 1 (False condition for MySQL) 73 * One of Params doesn't match with type of request: return 0 = 1 again 67 74 * Access list(id/cat/tag) is converted in expended image-id list 68 75 * image-id list: converted to an in-where-clause 69 * 76 * 70 77 * The additionnal in-where-clause is return 71 */ 72 function ws_addControls( $methodName, $tbl_name )73 { 74 global $conf, $calling_partner_id , $params;75 if ( 
!$conf['ws_access_control'] )76 { 77 return ' 1 = 1 '; // No controls are requested78 } 79 80 // Is it an active Partner? 78 */ 79 function ws_addControls( $methodName, &$params, $tbl_name ) 80 { 81 global $conf, $calling_partner_id; 82 if ( !$conf['ws_access_control'] or !isset($calling_partner_id) ) 83 { 84 return '1=1'; // No controls are requested 85 } 86 87 // Is it an active Partner? 81 88 $query = ' 82 89 SELECT * FROM '.WEB_SERVICES_ACCESS_TABLE." … … 85 92 $result = pwg_query($query); 86 93 if ( mysql_num_rows( $result ) == 0 ) 87 { 88 return ' 0 = 1'; // Unknown partner or Obsolate agreement89 } 90 94 { 95 return '0=1'; // Unknown partner or Obsolate agreement 96 } 97 91 98 $row = mysql_fetch_array($result); 92 99 93 // Method / Request matching 94 // Generic is not ready 95 // For generic you can say... tags. or categories. or images. maybe? 96 $filter = $row['request']; 97 $request_method = substr($methodName, 0, strlen($filter)) ; 98 if ( $filter !== $filter_method ) 99 { 100 return ' 0 = 1'; // Unauthorized method request 101 } 102 // Overide general object limit 100 // Overide general object limit 103 101 $params['per_page'] = $row['limit']; 104 102 105 103 // Target restrict 106 104 // 3 cases: list, cat or tag … … 109 107 list($type, $str_ids) = explode('/',$target); // Find type list 110 108 111 $ids = explode( ',',$str_ids );112 109 // (array) 1,2,21,3,22,4,5,9-12,6,11,12,13,2,4,6, 113 $arr_ids = expand_id_list( $ids);114 $addings = implode(',', $arr_ids); 115 // (string) 1,2,3,4,5,6,9,10,11,12,13,21,22, 116 if ( $type = 'list')110 $arr_ids = expand_id_list( explode( ',',$str_ids ) ); 111 $addings = implode(',', $arr_ids); 112 // (string) 1,2,3,4,5,6,9,10,11,12,13,21,22, 113 if ( $type == 'list') 117 114 { 118 115 return $tbl_name . 'id IN ( ' . $addings . ' ) '; 119 116 } 120 121 if ( $type = 'cat' )117 118 if ( $type == 'cat' ) 122 119 { 123 120 $addings = implode(',', get_image_ids_for_cats($arr_ids)); 124 121 return $tbl_name . 'id IN ( ' . 
$addings . ' ) '; 125 122 } 126 127 if ( $type = 'tag' )128 { 123 124 if ( $type == 'tag' ) 125 { 129 126 $addings = implode(',', get_image_ids_for_tags($arr_ids, 'OR')); 130 127 return $tbl_name . 'id IN ( ' . $addings . ' ) '; 131 128 } 132 129 // Unmanaged new type? 133 return ' 0 = 1 '; // ??? 130 return ' 0 = 1 '; // ??? 134 131 } 135 132 … … 248 245 249 246 247 /** 248 * returns PWG version (web service method) 249 */ 250 250 function ws_getVersion($params, &$service) 251 251 { … … 254 254 } 255 255 256 /** 257 * returns images per category (wb service method) 256 257 /** 258 * returns images per category (web service method) 258 259 */ 259 260 function ws_categories_getImages($params, &$service) … … 309 310 .implode(',', array_keys($cats) ) 310 311 .')'; 311 312 $where_clause[] = 313 ws_addControls( 'categories.getImages', 'i.' ); 314 312 $where_clauses[] = get_sql_condition_FandF( array( 313 'visible_images' => 'i.id' 314 ), null, true 315 ); 316 $where_clauses[] = ws_addControls( 'categories.getImages', $params, 'i.' ); 317 315 318 $order_by = ws_std_image_sql_order($params, 'i.'); 316 319 if (empty($order_by)) … … 397 400 } 398 401 399 /** 400 * returns a list of categories 402 403 /** 404 * returns a list of categories (web service method) 401 405 */ 402 406 function ws_categories_getList($params, &$service) … … 467 471 } 468 472 473 474 /** 475 * returns detailed information for an element (web service method) 476 */ 469 477 function ws_images_getInfo($params, &$service) 470 478 { … … 476 484 return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id"); 477 485 } 478 486 479 487 $query=' 480 488 SELECT * FROM '.IMAGES_TABLE.' … … 484 492 ' AND' 485 493 ).' AND '. 486 ws_addControls( 'images.getInfo', '' ).'494 ws_addControls( 'images.getInfo', $params, '' ).' 
487 495 LIMIT 1;'; 488 496 … … 601 609 602 610 611 /** 612 * perform a login (web service method) 613 */ 603 614 function ws_session_login($params, &$service) 604 615 { … … 616 627 } 617 628 629 630 /** 631 * performs a logout (web service method) 632 */ 618 633 function ws_session_logout($params, &$service) 619 634 { … … 643 658 644 659 660 /** 661 * returns a list of tags (web service method) 662 */ 645 663 function ws_tags_getList($params, &$service) 646 664 { … … 670 688 } 671 689 690 691 /** 692 * returns a list of images for tags (web service method) 693 */ 672 694 function ws_tags_getImages($params, &$service) 673 695 { … … 710 732 $image_ids = array(); 711 733 $image_tag_map = array(); 712 734 713 735 if ( !empty($tag_ids) ) 714 736 { // build list of image ids with associated tags per image … … 748 770 ); 749 771 $where_clauses[] = 'id IN ('.implode(',',$image_ids).')'; 750 $where_clause[] = 751 ws_addControls( 'tags.getImages', 'i.' ); 772 $where_clauses[] = ws_addControls( 'tags.getImages', $params, 'i.' ); 752 773 753 774 $order_by = ws_std_image_sql_order($params); … … 831 852 } 832 853 833 /**834 * official_req returns the managed requests list in array format835 * FIXME A New list need to be build for ws_checker.php836 * returns array of authrorized request/methods837 * */838 function official_req()839 {840 $official = array( /* Requests are limited to */841 'categories.' /* all categories. methods */842 , 'categories.getImages' /* <= see */843 , 'categories.getList' /* <= see */844 , 'images.' /* all images. methods */845 , 'images.getInfo' /* <= see */846 , 'tags.' /* all tags. 
methods */847 , 'tags.getImages' /* <= see */848 , 'tags.getList' /* <= see */849 );850 if (function_exists('local_req')) {851 $local = local_req();852 return array_merge( $official, $local );853 }854 return $official;855 }856 854 857 855 /** 858 856 * expand_id_list($ids) convert a human list expression to a full ordered list 859 857 * example : expand_id_list( array(5,2-3,2) ) returns array( 2, 3, 5) 860 * */ 858 * */ 861 859 function expand_id_list($ids) 862 860 { 863 $tid = array(); 864 foreach ( $ids as $id ) 865 { 866 if ( is_numeric($id) ) 861 $tid = array(); 862 foreach ( $ids as $id ) 863 { 864 if ( is_numeric($id) ) 865 { 866 $tid[] = (int) $id; 867 } 868 else 869 { 870 $range = explode( '-', $id ); 871 if ( is_numeric($range[0]) and is_numeric($range[1]) ) 867 872 { 868 $tid[] = (int) $id; 869 } 870 else 871 { 872 $range = explode( '-', $id ); 873 if ( is_numeric($range[0]) and is_numeric($range[1]) ) 873 $from = min($range[0],$range[1]); 874 $to = max($range[0],$range[1]); 875 for ($i = $from; $i <= $to; $i++) 874 876 { 875 $from = min($range[0],$range[1]); 876 $to = max($range[0],$range[1]); 877 for ($i = $from; $i <= $to; $i++) 878 { 879 $tid[] = (int) $i; 880 } 877 $tid[] = (int) $i; 881 878 } 882 879 } 883 880 } 884 $result = array_unique ($tid); // remove duplicates... 885 sort ($result); 886 return $result; 887 } 888 889 /** 890 * check_target($string) verifies and corrects syntax of target parameter 891 * example : check_target(cat/23,24,24,24,25,27) returns cat/23-25,27 892 * */ 893 function check_target($list) 894 { 895 if ( $list !== '' ) 896 { 897 $type = explode('/',$list); // Find type list 898 if ( !in_array($type[0],array('list','cat','tag') ) ) 899 { 900 $type[0] = 'list'; // Assume an id list 901 } 902 $ids = explode( ',',$type[1] ); 903 $list = $type[0] . 
'/'; 904 905 // 1,2,21,3,22,4,5,9-12,6,11,12,13,2,4,6, 906 907 $result = expand_id_list( $ids ); 908 909 // 1,2,3,4,5,6,9,10,11,12,13,21,22, 910 // I would like 911 // 1-6,9-13,21-22 912 $serial[] = $result[0]; // To be shifted 913 foreach ($result as $k => $id) 914 { 915 $next_less_1 = (isset($result[$k + 1]))? $result[$k + 1] - 1:-1; 916 if ( $id == $next_less_1 and end($serial)=='-' ) 917 { // nothing to do 918 } 919 elseif ( $id == $next_less_1 ) 920 { 921 $serial[]=$id; 922 $serial[]='-'; 923 } 924 else 925 { 926 $serial[]=$id; // end serie or non serie 927 } 928 } 929 $null = array_shift($serial); // remove first value 930 $list .= array_shift($serial); // add the real first one 931 $separ = ','; 932 foreach ($serial as $id) 933 { 934 $list .= ($id=='-') ? '' : $separ . $id; 935 $separ = ($id=='-') ? '-':','; // add comma except if hyphen 936 } 937 } 938 return $list; 939 } 881 } 882 $result = array_unique ($tid); // remove duplicates... 883 sort ($result); 884 return $result; 885 } 886 940 887 941 888 /** 942 889 * converts a cat-ids array in image-ids array 943 890 * FIXME Function which should already exist somewhere else 944 * */ 891 * */ 945 892 function get_image_ids_for_cats($cat_ids) 946 893 { … … 948 895 $ret_ids = array(); 949 896 $query = ' 950 SELECT DISTINCT image_id 897 SELECT DISTINCT image_id 951 898 FROM '.IMAGE_CATEGORY_TABLE.' 952 899 WHERE category_id in ('.$cat_list.') 953 900 ;'; 954 return $array_from_query($query, 'image_id');901 return array_from_query($query, 'image_id'); 955 902 } 956 903 -
Property
svn:keywords
changed from
-
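Review bot: The new method check `strpos($methodName, $row['request'])==false` uses a loose comparison, so a match at offset 0 is treated like no match and returns 403, while a match further into the name is accepted as a substring rather than a prefix. Use `strpos($methodName, $row['request']) === false` and decide explicitly where the filter must start (only `pwg.getVersion` is visible here, so the `pwg.` prefix on the other method names is an assumption). Separately, `ws_addControls()` now returns `'1=1'` when `$calling_partner_id` is not set even though `ws_access_control` is on; unless the caller has already rejected such requests (that part is elided), `'0=1'` would be the safer result there.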
trunk/ws.php
r1768 r1781 30 30 include_once(PHPWG_ROOT_PATH.'include/ws_core.inc.php'); 31 31 32 if ( !$conf['allow_web_services'] ) 33 { 34 page_forbidden('Web services are disabled'); 35 } 36 32 37 /** 33 38 * event handler that registers standard methods with the web service … … 36 41 { 37 42 include_once(PHPWG_ROOT_PATH.'include/ws_functions.inc.php'); 43 global $conf; 38 44 $service = &$arr[0]; 39 45 $service->addMethod('pwg.getVersion', 'ws_getVersion', null, … … 44 50 'cat_id'=>array('default'=>0, 'flags'=>WS_PARAM_FORCE_ARRAY), 45 51 'recursive'=>array('default'=>false), 46 'per_page' => array('default'=>100 ),52 'per_page' => array('default'=>100, 'maxValue'=>$conf['ws_max_images_per_page']), 47 53 'page' => array('default'=>0), 48 54 'order' => array('default'=>null), … … 91 97 'tag_name'=>array('default'=>null, 'flags'=>WS_PARAM_FORCE_ARRAY ), 92 98 'tag_mode_and'=>array('default'=>false), 93 'per_page' => array('default'=>100 ),99 'per_page' => array('default'=>100, 'maxValue'=>$conf['ws_max_images_per_page']), 94 100 'page' => array('default'=>0), 95 101 'order' => array('default'=>null),
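Review bot: The `maxValue` cap registered for `per_page` is not a hard ceiling when access control is enabled: `ws_addControls()` in ws_functions.inc.php now takes `$params` by reference and sets `$params['per_page'] = $row['limit'];` without comparing it with `$conf['ws_max_images_per_page']`. Whether that takes effect depends on where the methods read `per_page`, which is outside the visible hunks. If the configured maximum is meant to bind partners as well, clamp there with `$params['per_page'] = min($row['limit'], $conf['ws_max_images_per_page']);`. The handler function starts and ends outside this hunk.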