Context Navigation

source: tags/build-Alligator02/admin/ws_checker.php @ 18245

Last change on this file since 18245 was 1781, checked in by rvelices, 17 years ago

web services:

respect confallow_web_services
added confws_max_images_per_page to limit the number of images returned per web call
fixes for Vincent's partners
added comments

Property svn:eol-style set to native
Property svn:keywords set to Author Date Id Revision

File size: 10.6 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| PhpWebGallery - a PHP based picture gallery \|
4	// \| Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net \|
5	// \| Copyright (C) 2003-2007 PhpWebGallery Team - http://phpwebgallery.net \|
6	// +-----------------------------------------------------------------------+
7	// \| branch : BSF (Best So Far)
8	// \| file : $RCSfile$
9	// \| last update : $Date: 2007-02-06 01:02:06 +0000 (Tue, 06 Feb 2007) $
10	// \| last modifier : $Author: rvelices $
11	// \| revision : $Revision: 1781 $
12	// +-----------------------------------------------------------------------+
13	// \| This program is free software; you can redistribute it and/or modify \|
14	// \| it under the terms of the GNU General Public License as published by \|
15	// \| the Free Software Foundation \|
16	// \| \|
17	// \| This program is distributed in the hope that it will be useful, but \|
18	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
19	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
20	// \| General Public License for more details. \|
21	// \| \|
22	// \| You should have received a copy of the GNU General Public License \|
23	// \| along with this program; if not, write to the Free Software \|
24	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
25	// \| USA. \|
26	// +-----------------------------------------------------------------------+
27
28	// Next evolution...
29	// Out of parameter WS management
30	// The remainer objective is to check
31	// - Does Web Service working properly?
32	// - Does any access return something really?
33	// Give a way to check to the webmaster...
34	// These questions are one of module name explanations (checker).
35
36	if((!defined("PHPWG_ROOT_PATH")) or (!$conf['allow_web_services']))
37	{
38	die('Hacking attempt!');
39	}
40	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
41	include_once(PHPWG_ROOT_PATH.'include/ws_functions.inc.php');
42
43	/**
44	* official_req returns the managed requests list in array format
45	* FIXME A New list need to be build for ws_checker.php
46	* returns array of authrorized request/methods
47	* */
48	function official_req()
49	{
50	$official = array( /* Requests are limited to */
51	'categories.' /* all categories. methods */
52	, 'categories.getImages' /* <= see */
53	, 'categories.getList' /* <= see */
54	, 'images.' /* all images. methods */
55	, 'images.getInfo' /* <= see */
56	, 'tags.' /* all tags. methods */
57	, 'tags.getImages' /* <= see */
58	, 'tags.getList' /* <= see */
59	);
60	if (function_exists('local_req')) {
61	$local = local_req();
62	return array_merge( $official, $local );
63	}
64	return $official;
65	}
66
67	/**
68	* check_target($string) verifies and corrects syntax of target parameter
69	* example : check_target(cat/23,24,24,24,25,27) returns cat/23-25,27
70	* */
71	function check_target($list)
72	{
73	if ( $list !== '' )
74	{
75	$type = explode('/',$list); // Find type list
76	if ( !in_array($type[0],array('list','cat','tag') ) )
77	{
78	$type[0] = 'list'; // Assume an id list
79	}
80	$ids = explode( ',',$type[1] );
81	$list = $type[0] . '/';
82
83	// 1,2,21,3,22,4,5,9-12,6,11,12,13,2,4,6,
84
85	$result = expand_id_list( $ids );
86
87	// 1,2,3,4,5,6,9,10,11,12,13,21,22,
88	// I would like
89	// 1-6,9-13,21-22
90	$serial[] = $result[0]; // To be shifted
91	foreach ($result as $k => $id)
92	{
93	$next_less_1 = (isset($result[$k + 1]))? $result[$k + 1] - 1:-1;
94	if ( $id == $next_less_1 and end($serial)=='-' )
95	{ // nothing to do
96	}
97	elseif ( $id == $next_less_1 )
98	{
99	$serial[]=$id;
100	$serial[]='-';
101	}
102	else
103	{
104	$serial[]=$id; // end serie or non serie
105	}
106	}
107	$null = array_shift($serial); // remove first value
108	$list .= array_shift($serial); // add the real first one
109	$separ = ',';
110	foreach ($serial as $id)
111	{
112	$list .= ($id=='-') ? '' : $separ . $id;
113	$separ = ($id=='-') ? '-':','; // add comma except if hyphen
114	}
115	}
116	return $list;
117	}
118
119	// +-----------------------------------------------------------------------+
120	// \| Check Access and exit when user status is not ok \|
121	// +-----------------------------------------------------------------------+
122	check_status(ACCESS_ADMINISTRATOR);
123
124	// accepted queries
125	$req_type_list = official_req();
126
127	//--------------------------------------------------------- update informations
128
129	// Is a new access required?
130
131	if (isset($_POST['wsa_submit']))
132	{
133	// Check $_post (Some values are commented - maybe a future use)
134	$add_partner = htmlspecialchars( $_POST['add_partner'], ENT_QUOTES);
135	$add_target = check_target( $_POST['add_target']) ;
136	$add_end = ( is_numeric($_POST['add_end']) ) ? $_POST['add_end']:0;
137	$add_request = htmlspecialchars( $_POST['add_request'], ENT_QUOTES);
138	$add_high = 'true'; // ( $_POST['add_high'] == 'true' ) ? 'true':'false';
139	$add_normal = 'true'; // ( $_POST['add_normal'] == 'true' ) ? 'true':'false';
140	$add_limit = ( is_numeric($_POST['add_limit']) ) ? $_POST['add_limit']:1;
141	$add_comment = htmlspecialchars( $_POST['add_comment'], ENT_QUOTES);
142	if ( strlen($add_partner) < 8 )
143	{ // TODO What? Complete with some MD5...
144	}
145	$query = '
146	INSERT INTO '.WEB_SERVICES_ACCESS_TABLE.'
147	( `name` , `access` , `start` , `end` , `request` ,
148	`high` , `normal` , `limit` , `comment` )
149	VALUES (' . "
150	'$add_partner', '$add_target',
151	NOW(),
152	ADDDATE( NOW(), INTERVAL $add_end DAY),
153	'$add_request', '$add_high', '$add_normal', '$add_limit', '$add_comment' );";
154
155	pwg_query($query);
156
157	$template->assign_block_vars(
158	'update_result',
159	array(
160	'UPD_ELEMENT'=> $lang['ws_adding_legend'].$lang['ws_success_upd'],
161	)
162	);
163	}
164
165	// Next, Update selected access
166	if (isset($_POST['wsu_submit']))
167	{
168	$upd_end = ( is_numeric($_POST['upd_end']) ) ? $_POST['upd_end']:0;
169	$settxt = ' end = ADDDATE(NOW(), INTERVAL '. $upd_end .' DAY)';
170
171	if ((isset($_POST['selection'])) and (trim($settxt) != ''))
172	{
173	$uid = (int) $_POST['selection'];
174	$query = '
175	UPDATE '.WEB_SERVICES_ACCESS_TABLE.'
176	SET '.$settxt.'
177	WHERE id = '.$uid.'; ';
178	pwg_query($query);
179	$template->assign_block_vars(
180	'update_result',
181	array(
182	'UPD_ELEMENT'=> $lang['ws_update_legend'].$lang['ws_success_upd'],
183	)
184	);
185	} else {
186	$template->assign_block_vars(
187	'update_result',
188	array(
189	'UPD_ELEMENT'=> $lang['ws_update_legend'].$lang['ws_failed_upd'],
190	)
191	);
192	}
193	}
194	// Next, Delete selected access
195
196	if (isset($_POST['wsX_submit']))
197	{
198	if ((isset($_POST['delete_confirmation']))
199	and (isset($_POST['selection'])))
200	{
201	$uid = (int) $_POST['selection'];
202	$query = 'DELETE FROM '.WEB_SERVICES_ACCESS_TABLE.'
203	WHERE id = '.$uid.'; ';
204	pwg_query($query);
205	$template->assign_block_vars(
206	'update_result',
207	array(
208	'UPD_ELEMENT'=> $lang['ws_delete_legend'].$lang['ws_success_upd'],
209	)
210	);
211	} else {
212	$template->assign_block_vars(
213	'update_result',
214	array(
215	'UPD_ELEMENT'=> $lang['Not selected / Not confirmed']
216	.$lang['ws_failed_upd'],
217	)
218	);
219	}
220	}
221
222
223
224	$template->assign_vars(
225	array(
226	'DEFLT_HIGH_YES' => '',
227	'DEFLT_HIGH_NO' => 'checked',
228	'DEFLT_NORMAL_YES' => '',
229	'DEFLT_NORMAL_NO' => 'checked',
230	'U_HELP' => PHPWG_ROOT_PATH.'popuphelp.php?page=web_service',
231	)
232	);
233
234	// Build where
235	$where = '';
236	$order = ' ORDER BY `id` DESC' ;
237
238	$query = '
239	SELECT *
240	FROM '.WEB_SERVICES_ACCESS_TABLE.'
241	WHERE 1=1 '
242	.$where.
243	' '
244	.$order.
245	';';
246	$result = pwg_query($query);
247	$acc_list = mysql_num_rows($result);
248	$result = pwg_query($query);
249	// +-----------------------------------------------------------------------+
250	// \| template init \|
251	// +-----------------------------------------------------------------------+
252
253	$template->set_filenames(
254	array(
255	'ws_checker' => 'admin/ws_checker.tpl'
256	)
257	);
258
259	$selected = 'selected="selected"';
260	$num=0;
261	if ( $acc_list > 0 )
262	{
263	$template->assign_block_vars(
264	'acc_list', array() );
265	}
266
267	// Access List
268	while ($row = mysql_fetch_array($result))
269	{
270	$num++;
271	$template->assign_block_vars(
272	'acc_list.access',
273	array(
274	'CLASS' => ($num % 2 == 1) ? 'row1' : 'row2',
275	'ID' => $row['id'],
276	'NAME' =>
277	(is_adviser()) ? '*********' : $row['name'],
278	'TARGET' => $row['access'],
279	'END' => $row['end'],
280	'REQUEST' => $row['request'],
281	'LIMIT' => $row['limit'],
282	'COMMENT' => $row['comment'],
283	'SELECTED' => '',
284	)
285	);
286	}
287
288	$template->assign_block_vars(
289	'add_request',
290	array(
291	'VALUE'=> '',
292	'CONTENT' => '',
293	'SELECTED' => $selected,
294	)
295	);
296	foreach ($req_type_list as $value) {
297
298	$template->assign_block_vars(
299	'add_request',
300	array(
301	'VALUE'=> $value,
302	'CONTENT' => $value,
303	'SELECTED' => '',
304	)
305	);
306	}
307
308	foreach ($conf['ws_allowed_limit'] as $value) {
309	$template->assign_block_vars(
310	'add_limit',
311	array(
312	'VALUE'=> $value,
313	'CONTENT' => $value,
314	'SELECTED' => ($conf['ws_allowed_limit'][0] == $value) ? $selected:'',
315	)
316	);
317	}
318
319	// Postponed Start Date
320	// By default 0, 1, 2, 3, 5, 7, 14 or 30 days
321	foreach ($conf['ws_postponed_start'] as $value) {
322	$template->assign_block_vars(
323	'add_start',
324	array(
325	'VALUE'=> $value,
326	'CONTENT' => $value,
327	'SELECTED' => ($conf['ws_postponed_start'][0] == $value) ? $selected:'',
328	)
329	);
330	}
331
332	// Durations (Allowed Web Services Period)
333	// By default 10, 5, 2, 1 year(s) or 6, 3, 1 month(s) or 15, 10, 7, 5, 1, 0 day(s)
334	foreach ($conf['ws_durations'] as $value) {
335	$template->assign_block_vars(
336	'add_end',
337	array(
338	'VALUE'=> $value,
339	'CONTENT' => $value,
340	'SELECTED' => ($conf['ws_durations'][3] == $value) ? $selected:'',
341	)
342	);
343	if ( $acc_list > 0 )
344	{
345	$template->assign_block_vars(
346	'acc_list.upd_end',
347	array(
348	'VALUE'=> $value,
349	'CONTENT' => $value,
350	'SELECTED' => ($conf['ws_durations'][3] == $value) ? $selected:'',
351	)
352	);
353	}
354	}
355
356	//----------------------------------------------------------- sending html code
357
358	$template->assign_var_from_handle('ADMIN_CONTENT', 'ws_checker');
359	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: