Changeset 1849
- Timestamp:
- Feb 22, 2007, 2:12:32 AM (17 years ago)
- Location:
- trunk
- Files:
-
- 2 added
- 6 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/comments.php
r1814 r1849 110 110 if (isset($_GET['keyword']) and !empty($_GET['keyword'])) 111 111 { 112 // fors some odd reason comment content is htmlspecialchars in the database113 $keyword = addslashes(114 htmlspecialchars( stripslashes($_GET['keyword']), ENT_QUOTES)115 );116 112 $page['where_clauses'][] = 117 113 '('. -
trunk/include/common.inc.php
r1750 r1849 255 255 256 256 // default event handlers 257 add_event_handler('render_comment_content', 'htmlspecialchars'); 257 258 add_event_handler('render_comment_content', 'parse_comment_content'); 258 259 trigger_action('init'); -
trunk/include/picture_comment.inc.php
r1819 r1849 5 5 // | Copyright (C) 2003-2007 PhpWebGallery Team - http://phpwebgallery.net | 6 6 // +-----------------------------------------------------------------------+ 7 // | branch : BSF (Best So Far)8 7 // | file : $Id$ 9 8 // | last update : $Date$ … … 31 30 */ 32 31 33 //returns string action to perform on a new comment: validate, moderate, reject34 function user_comment_check($action, $comment, $picture)35 {36 global $conf,$user;37 38 if ($action=='reject')39 return $action;40 41 $my_action = $conf['comment_spam_reject'] ? 'reject':'moderate';42 if ($action==$my_action)43 return $action;44 45 // we do here only BASIC spam check (plugins can do more)46 if ( !$user['is_the_guest'] )47 return $action;48 49 $link_count = preg_match_all( '/https?:\/\//',50 $comment['content'], $matches);51 52 if ( $link_count>$conf['comment_spam_max_links'] )53 return $my_action;54 55 if ( isset($comment['ip']) and $conf['comment_spam_check_ip'] )56 {57 $rev_ip = implode( '.', array_reverse( explode('.',$comment['ip']) ) );58 $lookup = $rev_ip . '.sbl-xbl.spamhaus.org.';59 $res = gethostbyname( $lookup );60 if ( $lookup != $res )61 return $my_action;62 }63 64 return $action;65 }66 67 68 69 add_event_handler('user_comment_check', 'user_comment_check',70 EVENT_HANDLER_PRIORITY_NEUTRAL, 3);71 72 73 32 // the picture is commentable if it belongs at least to one category which 74 33 // is commentable … … 89 48 die ('Session expired'); 90 49 } 91 if (!$conf['comments_validation'] or is_admin()) 50 51 $comm = array( 52 'author' => trim( stripslashes(@$_POST['author']) ), 53 'content' => trim( stripslashes($_POST['content']) ), 54 'image_id' => $page['image_id'], 55 ); 56 57 include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php'); 58 59 $comment_action = insert_user_comment( 60 $comm, @$_POST['key'], $page['image_id'], $infos 61 ); 62 63 switch ($comment_action) 92 64 { 93 $comment_action='validate'; //one of validate, moderate, reject 94 } 95 else 96 { 97 $comment_action='moderate'; //one of validate, moderate, reject 65 case 'moderate': 66 array_push( $infos, $lang['comment_to_validate'] ); 67 case 'validate': 68 array_push( $infos, $lang['comment_added']); 69 break; 70 case 'reject': 71 set_status_header(403); 72 array_push($infos, l10n('comment_not_added') ); 73 break; 74 default: 75 trigger_error('Invalid comment action '.$comment_action, E_USER_WARNING); 98 76 } 99 77 100 $_POST['content'] = trim( stripslashes($_POST['content']) ); 101 102 if ( $user['is_the_guest'] ) 78 foreach ($infos as $info) 103 79 { 104 $author = empty($_POST['author'])?'guest':$_POST['author']; 105 // if a guest try to use the name of an already existing user, he must be 106 // rejected 107 if ( $author != 'guest' ) 108 { 109 $query = 'SELECT COUNT(*) AS user_exists'; 110 $query.= ' FROM '.USERS_TABLE; 111 $query.= ' WHERE '.$conf['user_fields']['username']." = '".$author."'"; 112 $query.= ';'; 113 $row = mysql_fetch_assoc( pwg_query( $query ) ); 114 if ( $row['user_exists'] == 1 ) 115 { 116 $template->assign_block_vars( 117 'information', 118 array('INFORMATION'=>$lang['comment_user_exists'])); 119 $comment_action='reject'; 120 } 121 } 122 } 123 else 124 { 125 $author = $user['username']; 126 } 127 128 $comm = array( 129 'author' => $author, 130 'content' => $_POST['content'], 131 'image_id' => $page['image_id'], 132 'ip' => $_SERVER['REMOTE_ADDR'], 133 'agent' => $_SERVER['HTTP_USER_AGENT'] 134 ); 135 136 if ($comment_action!='reject' and empty($comm['content']) ) 137 { // empty comment content 138 $comment_action='reject'; 139 } 140 141 $key = explode(':', @$_POST['key']); 142 if ( count($key)!=2 143 or $key[0]>time()-2 // page must have been retrieved more than 2 sec ago 144 or $key[0]<time()-3600 // 60 minutes expiration 145 or hash_hmac('md5', $key[0], $conf['secret_key'])!=$key[1] 146 ) 147 { 148 $comment_action='reject'; 149 } 150 151 if ($comment_action!='reject' and $conf['anti-flood_time']>0 ) 152 { // anti-flood system 153 $reference_date = time() - $conf['anti-flood_time']; 154 $query = 'SELECT id FROM '.COMMENTS_TABLE; 155 $query.= ' WHERE date > FROM_UNIXTIME('.$reference_date.')'; 156 $query.= " AND author = '".$comm['author']."'"; 157 $query.= ';'; 158 if ( mysql_num_rows( pwg_query( $query ) ) > 0 ) 159 { 160 $template->assign_block_vars( 80 $template->assign_block_vars( 161 81 'information', 162 array('INFORMATION'=>$lang['comment_anti-flood'])); 163 $comment_action='reject'; 164 } 165 } 166 167 // perform more spam check 168 $comment_action = trigger_event('user_comment_check', 169 $comment_action, $comm, $picture['current'] 170 ); 171 172 if ( $comment_action!='reject' ) 173 { 174 list($dbnow) = mysql_fetch_row(pwg_query('SELECT NOW();')); 175 176 $data = $comm; 177 $data['date'] = $dbnow; 178 $data['content'] = addslashes( 179 // this htmlpsecialchars is not good here 180 htmlspecialchars($comm['content'],ENT_QUOTES) 82 array( 'INFORMATION'=>$info ) 181 83 ); 182 183 if ($comment_action=='validate')184 {185 $data['validated'] = 'true';186 $data['validation_date'] = $dbnow;187 }188 else189 {190 $data['validated'] = 'false';191 }192 193 include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');194 $fields = array('author', 'date', 'image_id', 'content', 'validated',195 'validation_date');196 mass_inserts(COMMENTS_TABLE, $fields, array($data));197 $comm['id'] = mysql_insert_id();198 199 // information message200 $message = $lang['comment_added'];201 if ($comment_action!='validate')202 {203 $message.= '<br />'.$lang['comment_to_validate'];204 }205 $template->assign_block_vars('information',206 array('INFORMATION'=>$message));207 if ( ($comment_action=='validate' and $conf['email_admin_on_comment'])208 or $conf['email_admin_on_comment_validation'] )209 {210 include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');211 212 $del_url = get_absolute_root_url().'comments.php?delete='.$comm['id'];213 214 $content =215 'Author: '.$comm['author']."\n"216 .'Comment: '.$comm['content']."\n"217 .'IP: '.$comm['ip']."\n"218 .'Browser: '.$comm['agent']."\n\n"219 .'Delete: '.$del_url."\n";220 221 if ($comment_action!='validate')222 {223 $content .=224 'Validate: '.get_absolute_root_url()225 .'comments.php?validate='.$comm['id'];226 }227 228 pwg_mail229 (230 format_email('administrators', get_webmaster_mail_address()),231 array232 (233 'subject' => 'PWG comment by '.$comm['author'],234 'content' => $content,235 'Bcc' => get_administrators_email()236 )237 );238 }239 }240 else241 {242 set_status_header(403);243 $template->assign_block_vars('information',244 array('INFORMATION'=>l10n('comment_not_added') )245 );246 84 } 247 85 … … 336 174 or ($user['is_the_guest'] and $conf['comments_forall'])) 337 175 { 338 $key = time();339 $key .= ':'.hash_hmac('md5', $key, $conf['secret_key']);176 include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php'); 177 $key = get_comment_post_key($page['image_id']); 340 178 $content = ''; 341 179 if ('reject'===@$comment_action) -
trunk/include/ws_functions.inc.php
r1845 r1849 33 33 { 34 34 global $conf, $calling_partner_id; 35 if ( !$conf['ws_access_control'] 36 or strpos($methodName,'reflection.')===0 ) 35 36 if ( strpos($methodName,'reflection.')===0 ) 37 { // OK for reflection 38 return $res; 39 } 40 41 if ( !is_autorize_status(ACCESS_GUEST) and 42 strpos($methodName,'pwg.session.')!==0 ) 43 { 44 return new PwgError(401, 'Access denied'); 45 } 46 47 if ( !$conf['ws_access_control'] ) 37 48 { 38 49 return $res; // No controls are requested … … 487 498 * returns detailed information for an element (web service method) 488 499 */ 500 function ws_images_addComment($params, &$service) 501 { 502 $params['image_id'] = (int)$params['image_id']; 503 $query = ' 504 SELECT DISTINCT image_id 505 FROM '.IMAGE_CATEGORY_TABLE.' INNER JOIN '.CATEGORIES_TABLE.' ON category_id=id 506 WHERE commentable="true" 507 AND image_id='.$params['image_id']. 508 get_sql_condition_FandF( 509 array( 510 'forbidden_categories' => 'id', 511 'visible_categories' => 'id', 512 'visible_images' => 'image_id' 513 ), 514 ' AND' 515 ); 516 if ( !mysql_num_rows( pwg_query( $query ) ) ) 517 { 518 return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id"); 519 } 520 521 include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php'); 522 523 $comm = array( 524 'author' => trim( stripslashes($params['author']) ), 525 'content' => trim( stripslashes($params['content']) ), 526 'image_id' => $params['image_id'], 527 ); 528 529 include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php'); 530 531 $comment_action = insert_user_comment( 532 $comm, $params['key'], $infos 533 ); 534 535 switch ($comment_action) 536 { 537 case 'reject': 538 array_push($infos, l10n('comment_not_added') ); 539 return new PwgError(403, implode("\n", $infos) ); 540 case 'validate': 541 case 'moderate': 542 $ret = array( 543 'id' => $comm['id'], 544 'validation' => $comment_action=='validate', 545 ); 546 return new PwgNamedStruct( 547 'comment', 548 $ret, 549 null, array() 550 ); 551 default: 552 return new PwgError(500, "Unknown comment action ".$comment_action ); 553 } 554 } 555 556 /** 557 * returns detailed information for an element (web service method) 558 */ 489 559 function ws_images_getInfo($params, &$service) 490 560 { 491 561 @include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php'); 492 global $user ;562 global $user, $conf; 493 563 $params['image_id'] = (int)$params['image_id']; 494 564 if ( $params['image_id']<=0 ) … … 516 586 //-------------------------------------------------------- related categories 517 587 $query = ' 518 SELECT c.id,c.name,c.uppercats,c.global_rank588 SELECT id,name,uppercats,global_rank,commentable 519 589 FROM '.IMAGE_CATEGORY_TABLE.' 520 INNER JOIN '.CATEGORIES_TABLE.' cON category_id = id590 INNER JOIN '.CATEGORIES_TABLE.' ON category_id = id 521 591 WHERE image_id = '.$image_row['id'].' 522 592 AND category_id NOT IN ('.$user['forbidden_categories'].') 523 593 ;'; 524 594 $result = pwg_query($query); 595 $is_commentable = false; 525 596 $related_categories = array(); 526 597 while ($row = mysql_fetch_assoc($result)) 527 598 { 599 if ($row['commentable']=='true') 600 { 601 $is_commentable = true; 602 } 603 unset($row['commentable']); 528 604 $row['url'] = make_index_url( 529 605 array( … … 541 617 ) 542 618 ); 619 $row['id']=(int)$row['id']; 543 620 array_push($related_categories, $row); 544 621 } … … 566 643 ); 567 644 unset($tag['counter']); 645 $tag['id']=(int)$tag['id']; 568 646 $related_tags[$i]=$tag; 569 647 } 570 //---------------------------------------------------------- related comments571 $query = '572 SELECT COUNT(id) nb_comments573 FROM '.COMMENTS_TABLE.'574 WHERE image_id = '.$image_row['id'];575 list($nb_comments) = array_from_query($query, 'nb_comments');576 577 $query = '578 SELECT id, date, author, content579 FROM '.COMMENTS_TABLE.'580 WHERE image_id = '.$image_row['id'].'581 AND validated="true"';582 $query .= '583 ORDER BY date DESC584 LIMIT 0, 5';585 586 $result = pwg_query($query);587 $related_comments = array();588 while ($row = mysql_fetch_assoc($result))589 {590 array_push($related_comments, $row);591 }592 593 648 //------------------------------------------------------------- related rates 594 649 $query = ' … … 599 654 WHERE element_id = '.$image_row['id'].' 600 655 ;'; 601 $row = mysql_fetch_assoc(pwg_query($query)); 656 $rating = mysql_fetch_assoc(pwg_query($query)); 657 $rating['count'] = (int)$rating['count']; 658 659 //---------------------------------------------------------- related comments 660 $related_comments = array(); 661 662 $where_comments = 'image_id = '.$image_row['id']; 663 if ( !is_admin() ) 664 { 665 $where_comments .= ' 666 AND validated="true"'; 667 } 668 669 $query = ' 670 SELECT COUNT(id) nb_comments 671 FROM '.COMMENTS_TABLE.' 672 WHERE '.$where_comments; 673 list($nb_comments) = array_from_query($query, 'nb_comments'); 674 $nb_comments = (int)$nb_comments; 675 676 if ( $nb_comments>0 and $params['comments_per_page']>0 ) 677 { 678 $query = ' 679 SELECT id, date, author, content 680 FROM '.COMMENTS_TABLE.' 681 WHERE '.$where_comments.' 682 ORDER BY date 683 LIMIT '.$params['comments_per_page']*(int)$params['comments_page']. 684 ','.$params['comments_per_page']; 685 686 $result = pwg_query($query); 687 while ($row = mysql_fetch_assoc($result)) 688 { 689 $row['id']=(int)$row['id']; 690 array_push($related_comments, $row); 691 } 692 } 693 694 $comment_post_data = null; 695 if ($is_commentable and 696 (!$user['is_the_guest'] 697 or ($user['is_the_guest'] and $conf['comments_forall'] ) 698 ) 699 ) 700 { 701 include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php'); 702 $comment_post_data['author'] = $user['username']; 703 $comment_post_data['key'] = get_comment_post_key($params['image_id']); 704 } 602 705 603 706 $ret = $image_row; 604 $ret['rates'] = array( WS_XML_ATTRIBUTES => $row ); 707 foreach ( array('id','width','height','hit','filesize') as $k ) 708 { 709 if (isset($ret[$k])) 710 { 711 $ret[$k] = (int)$ret[$k]; 712 } 713 } 714 foreach ( array('path', 'storage_category_id') as $k ) 715 { 716 unset($ret[$k]); 717 } 718 719 $ret['rates'] = array( WS_XML_ATTRIBUTES => $rating ); 605 720 $ret['categories'] = new PwgNamedArray($related_categories, 'category', array('id','url', 'page_url') ); 606 721 $ret['tags'] = new PwgNamedArray($related_tags, 'tag', array('id','url_name','url','page_url') ); 722 if ( isset($comment_post_data) ) 723 { 724 $ret['comment_post'] = array( WS_XML_ATTRIBUTES => $comment_post_data ); 725 } 607 726 $ret['comments'] = array( 608 WS_XML_ATTRIBUTES => array('nb_comments' => $nb_comments), 609 WS_XML_CONTENT => new PwgNamedArray($related_comments, 'comment', array('id') ) 610 ); 611 unset($ret['path']); 612 unset($ret['storage_category_id']); 727 WS_XML_ATTRIBUTES => 728 array( 729 'page' => $params['comments_page'], 730 'per_page' => $params['comments_per_page'], 731 'count' => count($related_comments), 732 'nb_comments' => $nb_comments, 733 ), 734 WS_XML_CONTENT => new PwgNamedArray($related_comments, 'comment', array('id','date') ) 735 ); 613 736 614 737 return new PwgNamedStruct('image',$ret, null, array('name','comment') ); … … 769 892 function ws_session_getStatus($params, &$service) 770 893 { 771 global $user ;894 global $user, $lang_info; 772 895 $res = array(); 773 896 $res['username'] = $user['is_the_guest'] ? 'guest' : $user['username']; 774 $res['status'] = $user['status']; 897 foreach ( array('status', 'template', 'theme', 'language') as $k ) 898 { 899 $res[$k] = $user[$k]; 900 } 901 foreach ( array('charset') as $k ) 902 { 903 $res[$k] = $lang_info[$k]; 904 } 775 905 return $res; 776 906 } -
trunk/tools/ws.htm
r1698 r1849 1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> 1 2 <html> 2 3 <head> … … 41 42 42 43 var gServiceUrl; 44 var gCurrentMethodParams; 43 45 44 46 Ajax.Responders.register({ … … 105 107 106 108 gServiceUrl = $F('ws_url'); 109 gCurrentMethodParams = null; 107 110 108 111 try { … … 138 141 setVisibility("methodDetailWrapper", "hidden"); 139 142 setVisibility("methodWrapper", "visible"); 143 gCurrentMethodParams = null; 140 144 141 145 try { … … 161 165 methodParamsElt.tBodies[0].deleteRow(methodParamsElt.tBodies[0].rows.length-1); 162 166 163 if (result.params && result.params.length>0) 164 { 165 for (var i=0; i<result.params.length; i++) 166 { 167 var row = methodParamsElt.tBodies[0].insertRow(-1); 168 var isOptional = result.params[i].optional; 169 var defaultValue = result.params[i].defaultValue == null ? '' : result.params[i].defaultValue; 170 171 row.insertCell(0).innerHTML = result.params[i].name; 172 row.insertCell(1).innerHTML = (isOptional ? 'optional':'required'); 173 row.insertCell(2).innerHTML = '<input id="methodParameterSend_'+i+'" type="checkbox" '+(isOptional ? '':'checked="checked"')+'/>'; 174 row.insertCell(3).innerHTML = '<input id="methodParameterName_'+i+'" type="hidden" value="'+result.params[i].name+'"/>' 175 +'<input id="methodParameterValue_'+i+'"" value="'+defaultValue+'" style="width:99%" onchange="$(\'methodParameterSend_'+i+'\').checked=true;"/>'; 176 } 167 if (result.params) 168 { 169 gCurrentMethodParams = result.params; 170 if (result.params.length>0) 171 { 172 for (var i=0; i<result.params.length; i++) 173 { 174 var row = methodParamsElt.tBodies[0].insertRow(-1); 175 var isOptional = result.params[i].optional; 176 var defaultValue = result.params[i].defaultValue == null ? '' : result.params[i].defaultValue; 177 178 row.insertCell(0).innerHTML = result.params[i].name; 179 row.insertCell(1).innerHTML = (isOptional ? 'optional':'required'); 180 row.insertCell(2).innerHTML = '<input id="methodParameterSend_'+i+'" type="checkbox" '+(isOptional ? '':'checked="checked"')+'/>'; 181 row.insertCell(3).innerHTML = '<input id="methodParameterValue_'+i+'"" value="'+defaultValue+'" style="width:99%" onchange="$(\'methodParameterSend_'+i+'\').checked=true;"/>'; 182 } 183 } 177 184 } 178 185 setElementText("methodDescription", result.description); … … 180 187 } 181 188 182 function pwgInvokeMethod( )189 function pwgInvokeMethod( newWindow ) 183 190 { 184 191 var method = document.getElementById('methodName').innerHTML; … … 190 197 { 191 198 reqUrl += "&method="+method; 192 var i=0; 193 do 199 for ( var i=0; i<gCurrentMethodParams.length; i++) 194 200 { 195 var elt = document.getElementById('methodParameterName_'+i);196 if (!elt) break;197 201 if (document.getElementById('methodParameterSend_'+i).checked) 198 reqUrl += '&'+elt.value+'='+$F('methodParameterValue_'+i); 199 i++; 202 reqUrl += '&'+gCurrentMethodParams[i].name+'='+$F('methodParameterValue_'+i); 200 203 } 201 while (1); 202 document.getElementById("invokeFrame").src = reqUrl; 204 if ( !newWindow ) 205 document.getElementById("invokeFrame").src = reqUrl; 206 else 207 window.open(reqUrl); 203 208 } 204 209 else … … 207 212 form.action = reqUrl; 208 213 var t = '<input type="hidden" name="'+'method'+'" value="'+method+'"/>'; 209 var i=0; 210 do 214 for ( var i=0; i<gCurrentMethodParams.length; i++) 211 215 { 212 var elt = document.getElementById('methodParameterName_'+i);213 if (!elt) break;214 216 if (document.getElementById('methodParameterSend_'+i).checked) 215 t += '<input type="hidden" name="'+elt.value+'" value="'+$F('methodParameterValue_'+i)+'"/>'; 216 i++; 217 t += '<input type="hidden" name="'+gCurrentMethodParams[i].name+'" value="'+$F('methodParameterValue_'+i)+'"/>'; 217 218 } 218 while (1);219 219 form.innerHTML = t; 220 if ( !newWindow ) 221 form.target = "invokeFrame"; 222 else 223 form.target = "_blank"; 220 224 form.submit(); 221 225 } … … 227 231 <style> 228 232 #methodListWrapper { 229 width: 1 6em;233 width: 13em; 230 234 float: left; 231 235 display: inline; … … 234 238 235 239 #methodList { 236 padding-left: 15px; 240 padding-left: 10px; 241 margin-left: 15px; 237 242 } 238 243 239 244 #methodWrapper { 240 margin-left: 1 6.5em;245 margin-left: 14em; 241 246 visibility: hidden; 242 247 } … … 256 261 #methodParams { 257 262 border-collapse: collapse; 258 } 263 font-size: small; 264 } 265 266 #methodParams input { 267 font-size: 90%; 268 border: 1px solid black; 269 text-indent: 2px; 270 } 271 272 273 a { 274 color: #02f; 275 background-color: white; 276 text-decoration: underline; 277 } 278 279 a:hover { 280 color: white; 281 background-color: #02f; 282 text-decoration: none; 283 cursor:pointer; 284 } 285 259 286 </style> 260 287 … … 280 307 <div> 281 308 282 <div id="methodListWrapper"> Methods309 <div id="methodListWrapper"><h2>Methods</h2> 283 310 <ul id="methodList"> 284 311 <li><a href="#" onclick="return pwgSelectMethod(this.innerHTML)">getVersion</a></li> … … 289 316 <h2 id="methodName"></h2> 290 317 <div id="methodDetailWrapper"> 291 <div id="methodDescription"></div> 318 292 319 <table> 293 <tr> 294 <td>Request format:</td> 295 <td> 296 <select id="requestFormat"> 297 <option value="get" selected="selected">GET</option> 298 <option value="post">POST</option> 299 </select> 300 </td> 301 </tr> 302 303 <tr> 304 <td>Response format:</td> 305 <td> 306 <select id="responseFormat"> 307 <option value="rest" selected="selected">REST (xml)</option> 308 <option value="json">JSON</option> 309 <option value="php">PHP serial</option> 310 <option value="xmlrpc">XML RPC</option> 311 </select> 312 </td> 313 </tr> 320 <tr style="vertical-align:top"> 321 322 <td> 323 <div id="methodDescription"></div> 324 <table> 325 <tr> 326 <td>Request format:</td> 327 <td> 328 <select id="requestFormat"> 329 <option value="get" selected="selected">GET</option> 330 <option value="post">POST</option> 331 </select> 332 </td> 333 </tr> 334 335 <tr> 336 <td>Response format:</td> 337 <td> 338 <select id="responseFormat"> 339 <option value="rest" selected="selected">REST (xml)</option> 340 <option value="json">JSON</option> 341 <option value="php">PHP serial</option> 342 <option value="xmlrpc">XML RPC</option> 343 </select> 344 </td> 345 </tr> 346 </table> 347 <p> 348 <a href="#" onclick="return pwgInvokeMethod(false)">Invoke</a> 349 <a href="#" onclick="return pwgInvokeMethod(true)">Invoke (new Window)</a> 350 </p> 351 </td> 352 353 354 <td> 355 <table id="methodParams" border="1" cellspacing="0" cellpadding="2px"> 356 <thead> 357 <tr> 358 <td style="width:150px">Parameter</td> 359 <td>Optional</td> 360 <td>Send</td> 361 <td style="width:160px">Value</td> 362 </tr> 363 </thead> 364 <tbody> 365 </tbody> 366 </table> 367 </td> 368 369 </tr> 314 370 </table> 315 316 <div id="methodParamsWrapper"> 317 <table id="methodParams" border="1" cellspacing="0" cellpadding="2px"> 318 <thead> 319 <tr> 320 <td style="width:150px">Parameter</td> 321 <td>Optional</td> 322 <td>Send</td> 323 <td style="width:160px">Value</td> 324 </tr> 325 </thead> 326 <tbody> 327 </tbody> 328 </table> 329 </div> 330 <a href="#" onclick="return pwgInvokeMethod()">Invoke</a> 331 332 <div style="display:none"> 371 372 <div style="display:none;"> 333 373 <!-- hiddenForm for POST --> 334 374 <form method="post" action="" target="invokeFrame" id="invokeForm"> … … 337 377 </div> 338 378 339 <iframe width="100%" height="400px" id="invokeFrame" name="invokeFrame" ></iframe>379 <iframe width="100%" height="400px" id="invokeFrame" name="invokeFrame" style="clear:both"></iframe> 340 380 </div> <!-- methodDetailWrapper --> 341 381 </div> <!-- methodWrapper --> -
trunk/ws.php
r1837 r1849 4 4 // | Copyright (C) 2003-2007 PhpWebGallery Team - http://phpwebgallery.net | 5 5 // +-----------------------------------------------------------------------+ 6 // | branch : BSF (Best So Far)7 6 // | file : $Id$ 8 7 // | last update : $Date$ … … 41 40 { 42 41 include_once(PHPWG_ROOT_PATH.'include/ws_functions.inc.php'); 43 global $conf ;42 global $conf, $user; 44 43 $service = &$arr[0]; 45 44 $service->addMethod('pwg.getVersion', 'ws_getVersion', null, … … 78 77 'retrieves a list of categories' ); 79 78 79 $service->addMethod('pwg.images.addComment', 'ws_images_addComment', 80 array( 81 'image_id' => array(), 82 'author' => array( 'default' => $user['is_the_guest']? 'guest':$user['username']), 83 'content' => array(), 84 'key' => array(), 85 ), 86 'add a comment to an image' ); 87 80 88 $service->addMethod('pwg.images.getInfo', 'ws_images_getInfo', 81 array('image_id'), 89 array( 90 'image_id' => array(), 91 'comments_page' => array('default'=>0 ), 92 'comments_per_page' => array( 93 'default' => $conf['nb_comment_page'], 94 'maxValue' => 2*$conf['nb_comment_page'], 95 ), 96 ), 82 97 'retrieves information about the given photo' ); 83 98
Note: See TracChangeset
for help on using the changeset viewer.