Changeset 1976311
- Timestamp:
- 11/18/2018 04:04:04 PM (7 years ago)
- File:
-
- 1 edited
-
easycoder/trunk/rest.php (modified) (11 diffs)
Legend:
- Unmodified
- Added
- Removed
-
easycoder/trunk/rest.php
r1965463 r1976311 1 1 <?php 2 // REST server 2 /* REST server 3 * 4 */ 3 5 4 6 $request = explode("/", substr($_SERVER['PATH_INFO'], 1)); 5 $command = $request[0]; 6 if ($command == 'plugins') { 7 $names = explode(',', str_replace('~', '/', $request[1])); 8 $response = ''; 9 for ($index = 0; $index < count($names); $index++) { 10 $name = $names[$index]; 11 if ($name != 'http' && strpos($name, 'http') === 0) { 12 $text = file_get_contents($name); 13 } else { 14 $text = file_get_contents("plugin-$name.js"); 15 } 16 $response .= str_replace("EasyCoder_Plugin", "EasyCoder_$index", $text); 17 } 18 print $response; 19 exit; 20 } 21 7 $table = $request[0]; 8 $method = $_SERVER['REQUEST_METHOD']; 9 10 // These headers needed used when debugging. 11 // They permit cross-domain access. If this is a problem, remove them. 12 header('Access-Control-Allow-Origin: *'); 13 header('Content-Type: application/json, text/html'); 14 header('Access-Control-Allow-Headers: Content-Type'); 15 header('Access-Control-Allow-Methods: GET, POST'); 16 17 // First do the commands that don't require a database connection. 18 if ($method == 'GET') { 19 switch ($table) { 20 case '_plugins': 21 /* 22 Special command for catenating all plugins into a single bundle. 23 Their names are rewritten to standard names known to the core package. 24 URLs must be supplied with slashes replaced by tildes. 25 If the plugin name starts with "http" then it's loaded from that URL. 26 Otherwise it has to be the name of one of the standard plugins; browser, json or svg. 27 Up to 10 plugins may be requested. 28 */ 29 $names = explode(',', str_replace('~', '/', $request[1])); 30 $response = ''; 31 for ($index = 0; $index < count($names); $index++) { 32 $name = $names[$index]; 33 if ($name != 'http' && strpos($name, 'http') === 0) { 34 $text = file_get_contents($name); 35 } else { 36 $text = file_get_contents("plugin-$name.js"); 37 } 38 $response .= str_replace("EasyCoder_Plugin", "EasyCoder_$index", $text); 39 } 40 print $response; 41 exit; 42 case '_list': 43 // List the contents of a directory 44 if (count($request) > 1) { 45 $path = str_replace('~', '/', $request[1]); 46 } else { 47 $path = '.'; 48 } 49 // Start at the root of this installation 50 $path = "../../../$path"; 51 $files = scandir($path); 52 print '['; 53 // First list all the directories 54 $flag = false; 55 foreach ($files as $file) { 56 if (strpos($file, '.') !== 0) { 57 if (is_dir("$path/$file")) { 58 if ($flag) { 59 print ','; 60 } else { 61 $flag = true; 62 } 63 print "{\"name\":\"$file\",\"type\":\"dir\"}"; 64 } 65 } 66 } 67 // Now do the ordinary files 68 foreach ($files as $file) { 69 if (strpos($file, '.') !== 0) { 70 if (!is_dir("$path/$file")) { 71 if ($flag) { 72 print ','; 73 } else { 74 $flag = true; 75 } 76 $ext = substr($file, strrpos($file, '.') + 1); 77 print "{\"name\":\"$file\",\"type\":\"$ext\"}"; 78 } 79 } 80 } 81 print ']'; 82 exit; 83 } 84 } 85 86 // All further commands require use of the database, hence a properties file. 87 // If possible keep this above the site root to prevent access by browsers. 22 88 $props = array(); 23 89 $file = fopen('../../../../ec-rest.txt', "r"); … … 55 121 } 56 122 57 header('Access-Control-Allow-Origin: *');58 header('Content-Type: application/json, text/html');59 header('Access-Control-Allow-Headers: Content-Type');60 header('Access-Control-Allow-Methods: GET, POST');61 62 switch ($command) {63 case 'data':64 $table = $props['sqldatatable'];65 break;66 case 'articles':67 $table = $props['sqlarticlestable'];68 break;69 default:70 http_response_code(404);71 print "{\"message\":\"Unknown identifier '$command'.\"}";72 exit;73 }74 $method = $_SERVER['REQUEST_METHOD'];75 123 switch ($method) { 76 124 77 125 case 'GET': 78 get($ props, $conn, $table, $request);126 get($conn, $table, $request); 79 127 break; 80 128 81 129 case 'POST': 82 post($ props, $conn, $table, $request);130 post($conn, $table, $request); 83 131 break; 84 132 … … 88 136 } 89 137 mysqli_close(); 90 exit ();138 exit; 91 139 92 140 ///////////////////////////////////////////////////////////////////////// 93 141 // GET 94 function get($ props, $conn, $table, $request) {142 function get($conn, $table, $request) { 95 143 $action = $request[1]; 96 144 switch ($action) { … … 127 175 print $response; 128 176 break; 177 case 'names': 178 switch (count($request)) { 179 case 3: 180 $offset = 0; 181 $count = $request[2]; 182 break; 183 case 4: 184 $offset = $request[2]; 185 $count = $request[3]; 186 break; 187 default: 188 $offset = 0; 189 $count = 10; 190 break; 191 } 192 $result = $conn->query("SELECT name FROM $table ORDER BY name LIMIT $offset, $count"); 193 $response = '['; 194 while ($row = mysqli_fetch_object($result)) { 195 if ($response != '[') { 196 $response .= ','; 197 } 198 $response .= "\"$row->name\""; 199 } 200 $response .= ']'; 201 print $response; 202 break; 129 203 case 'id': 204 // Get a record given its id 130 205 if (count($request) < 3) { 131 206 http_response_code(400); … … 143 218 break; 144 219 case 'name': 220 // Get a record given its name 145 221 if (count($request) < 3) { 146 222 http_response_code(400); … … 154 230 } else { 155 231 http_response_code(404); 156 print "{\"message\":\"Cannot get item name '$name' as it does not exist.\"}";157 } 158 break; 159 }232 print "{\"message\":\"Cannot get item named '$name' as it does not exist.\"}"; 233 } 234 break; 235 } 160 236 } 161 237 162 238 ///////////////////////////////////////////////////////////////////////// 163 239 // POST 164 function post($ props, $conn, $table, $request) {240 function post($conn, $table, $request) { 165 241 $ts = time(); 166 242 $action = $request[1]; 167 243 switch ($action) { 168 244 case 'set': 245 // Set the value of a record 169 246 if (count($request) > 3) { 170 247 switch ($request[2]) { 171 248 case 'id': 249 // Set by id. The record must already exist 172 250 $value = $_POST['value']; 173 251 $id = $request[3]; … … 184 262 break; 185 263 case 'name': 186 $value = urldecode($_POST['value']); 187 $name = urldecode($request[3]); 264 // Set by name. If the record does not exist, add it 265 $value = $_POST['value']; 266 $name = $request[3]; 188 267 // See if there's an item with this name 189 268 $result = $conn->query("SELECT id FROM $table WHERE name='$name'"); … … 208 287 break; 209 288 case 'delete': 289 // Delete a record, by id or by name 210 290 if (count($request) > 2) { 211 291 $item = $request[2]; … … 215 295 } else { 216 296 // Delete the named item 217 query($conn, "DELETE FROM $table WHERE name=' ".urldecode($item)."'");297 query($conn, "DELETE FROM $table WHERE name='$item'"); 218 298 } 219 299 } 220 300 break; 221 301 case 'rename': 222 $value = urldecode($_POST['value']); 302 // Rename a record 303 $value = $_POST['value']; 223 304 $id = $_POST['id']; 224 305 if (!$id && count($request) > 2) { … … 228 309 query($conn, "UPDATE $table SET name='$name',value='$value' WHERE id=$id"); 229 310 } else { 230 $name = urldecode($_POST['name']);231 $newname = urldecode($_POST['newname']);311 $name = $_POST['name']; 312 $newname = $_POST['newname']; 232 313 // See if there's a data item with the new name 233 314 $result = $conn->query("SELECT id FROM $table WHERE name='$newname'"); … … 251 332 } 252 333 break; 253 case 'truncate':254 query($conn, "TRUNCATE $table");255 break;256 334 default: 257 335 http_response_code(404);
Note: See TracChangeset
for help on using the changeset viewer.