Changeset 329903
- Timestamp:
- 01/07/2011 09:24:36 PM (15 years ago)
- Location:
- flash-api
- Files:
-
- 14 added
- 5 edited
-
tags/1.0.4/flash_api.php (added)
-
tags/1.0.4/flash_api_admin_form.html (added)
-
tags/1.0.4/flash_example (added)
-
tags/1.0.4/flash_example/flash_api_example.fla (added)
-
tags/1.0.4/flash_example/flash_api_example.swf (added)
-
tags/1.0.4/js (added)
-
tags/1.0.4/js/MD5.js (added)
-
tags/1.0.4/js/flash_api.js (added)
-
tags/1.0.4/readme.txt (added)
-
tags/1.0.4/screenshot-1.png (added)
-
tags/1.0.4/screenshot-2.png (added)
-
tags/1.0.4/services.php (added)
-
tags/1.0.4/style.css (added)
-
tags/1.0.4/wsrv.php (added)
-
trunk/flash_api.php (modified) (4 diffs)
-
trunk/js/flash_api.js (modified) (2 diffs)
-
trunk/readme.txt (modified) (3 diffs)
-
trunk/services.php (modified) (2 diffs)
-
trunk/wsrv.php (modified) (3 diffs)
Legend:
- Unmodified
- Added
- Removed
-
flash-api/trunk/flash_api.php
r290063 r329903 3 3 Plugin Name: Flash API 4 4 Description: This plugin serves as a faux webservice that outputs data from the WP Database to a flash application 5 Version: 1.0. 35 Version: 1.0.4 6 6 Author: Cameron Tullos - Illumifi Interactive 7 7 Author URI: http://illumifi.net/ … … 201 201 function fapi_user_profile_hook($user) { 202 202 $apiKey = get_user_meta($user->ID, 'apiKey', true); 203 $apiUrl = get_user_meta($user->ID, 'apiUrl', true); 203 204 $perm = current_user_can('add_users'); 204 205 $readOnly = (!$perm) ? 'readonly="readonly"' : ''; … … 209 210 <table class="form-table"> 210 211 <tr> 211 <th><label for="apilabel">API Key</label></th> 212 <th><label>API Domain</label></th> 213 <td><input type="text" name="flash_api_url" id="flash_api_url" value="'.$apiUrl.'" class="regular-text" '.$readOnly.' /><i>Example: '.$_SERVER['HTTP_HOST'].'</td> 214 </tr> 215 <tr> 216 <th><label>API Key</label></th> 212 217 <td><input type="text" name="flash_api_key" id="flash_api_key" value="'.$apiKey.'" class="regular-text" '.$readOnly.' />'; 213 218 if ($perm) { echo '<input type="button" class="button-secondary" name="generate" id="generate" value="'.__("Generate").'" /></td>'; } … … 221 226 222 227 function fapi_apiKey_save($user_id) { 223 if (!current_user_can('edit_user', $user_id )) { return false; } 224 update_usermeta($user_id, 'apiKey', $_POST['flash_api_key']); 228 if (!current_user_can('edit_user', $user_id )) { return false; } 229 230 $apiKey = $_POST['flash_api_key']; 231 $apiUrl = $_POST['flash_api_url']; 232 $apiUrl = str_replace('https://', '', $apiUrl); 233 $apiUrl = str_replace('http://', '', $apiUrl); 234 $apiUrlARR = explode('/', $apiUrl); 235 $apiUrl = $apiUrlARR[0]; 236 237 update_usermeta($user_id, 'apiUrl', $apiUrl); 238 update_usermeta($user_id, 'apiKey', $apiKey); 225 239 } 226 240 ?> -
flash-api/trunk/js/flash_api.js
r266138 r329903 6 6 7 7 var chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXTZabcdefghiklmnopqrstuvwxyz"; 8 var http = $('flash_api_url').val(); 8 9 9 10 var string_length = 8; … … 19 20 } 20 21 21 return MD5( randomstring);22 return MD5(http + randomstring); 22 23 23 24 } -
flash-api/trunk/readme.txt
r290063 r329903 4 4 Requires at least: 2.0.2 5 5 Tested up to: 3.0 6 Stable tag: 1.0. 36 Stable tag: 1.0.4 7 7 8 8 This plugin serves as a faux web service that outputs data from the WP Database to a Flash application in any way you wish. … … 15 15 This plugin insures that the connecting party is a valid user of the API before outputing any data or executing a function. 16 16 <br><br> 17 <i>* Note: PHP and WordPress knowledge is required to create your own functions and data outputs.</i> 17 <i>* PHP and WordPress knowledge is required to create your own functions and data outputs.</i><br> 18 <i> ** Be sure to backup your services.php file when updating to newer versions of the plugin.</i> 18 19 19 20 … … 55 56 * Fixed User profile ability to change own API Key if non-admin. Only 'add_user' level users can edit individual API Keys. 56 57 57 58 = 1.0.4 = 59 + Added functionality to restrict API usage to specific domains. -
flash-api/trunk/services.php
r272739 r329903 118 118 $limit = ($_REQUEST['limit']) ? $_REQUEST['limit'] : 20; 119 119 120 $sql = "SELECT post. post_content, post.post_excerpt, post.post_title, post.post_date, post.guid, user.user_nicename120 $sql = "SELECT post.ID, post.post_content, post.post_excerpt, post.post_title, post.post_date, post.guid, user.user_nicename 121 121 FROM ".$wpdb->posts." AS post 122 122 JOIN ".$wpdb->users." AS user … … 130 130 $rows = $wpdb->get_results($sql); 131 131 foreach($rows as $row) { 132 $xml .= nodeWrap("<node title='".$row->post_title."' date='".$row->post_date."' link='".$row->guid."' author='".$row->user_nicename."' thumbnail=''>\r\t\t<![CDATA[".$row->post_content."]]>\r\t</node>");132 $xml .= nodeWrap("<node id='".$row->ID."' title='".$row->post_title."' date='".$row->post_date."' link='".get_permalink($row->ID)."' author='".$row->user_nicename."'>\r\t\t<![CDATA[".$row->post_content."]]>\r\t</node>"); 133 133 } 134 134 return xmlWrap($xml); -
flash-api/trunk/wsrv.php
r266138 r329903 2 2 3 3 error_reporting(E_ERROR | E_PARSE); 4 5 6 7 4 define('SITEROOT', '../../../'); 8 5 9 10 11 6 require_once(SITEROOT . 'wp-config.php'); 12 13 7 require_once(SITEROOT . 'wp-load.php'); 14 15 8 require_once(SITEROOT . 'wp-includes/wp-db.php'); 16 17 18 9 19 10 // Initiate … … 21 12 do_service(); 22 13 23 24 25 26 27 14 function xmlWrap($nodes) { 28 29 15 header("Content-type: text/xml"); 30 31 16 $xml = "<?xml version='1.0' encoding='utf-8'?>\r"; 32 33 17 $xml .= "<data>\r"; 34 35 18 $xml .= $nodes; 36 37 19 $xml .= "</data>"; 38 39 20 return $xml; 40 41 21 } 42 43 44 22 45 23 function nodeWrap($node) { … … 54 32 55 33 function do_service() { 56 57 34 include('services.php'); 58 35 59 60 61 36 /** 62 63 37 * API KEY CHECK 64 65 38 */ 66 67 68 69 39 global $wpdb; 70 40 71 41 $sql = $wpdb->prepare("SELECT option_value from ".$wpdb->options." WHERE option_name = 'flash_api_key'"); 72 73 42 $apiKey = $wpdb->get_var($sql); 74 43 $key = $_REQUEST['apiKey']; 75 44 $service = $_REQUEST['service']; 76 45 77 78 79 if ($_REQUEST['apiKey'] != $apiKey) { 80 81 echo xmlWrap('<node error="true" param="apiKey" msg="INVALID API KEY" />'); 82 83 return; 84 46 if ($key != $apiKey) {// key isn't global 47 48 if (is_ApiUser($key) != true) { // key isn't user based 49 echo xmlWrap('<node error="true" param="apiKey" msg="INVALID API KEY" />'); 50 return; 51 } 52 else { // key was user based 53 if (function_exists($service)) { echo $service(); } 54 else { echo xmlWrap('<node error="true" param="service" msg="INVALID SERVICE" />'); } 55 } 85 56 } 86 57 87 88 89 90 91 58 /** 92 93 59 * FUNCTION EXECUTION 94 95 60 */ 96 97 else { 98 99 $func = $_REQUEST['service']; 100 101 if (function_exists($func)) { echo $func(); } 102 61 else { // key was global 62 if (function_exists($service)) { echo $service(); } 103 63 else { echo xmlWrap('<node error="true" param="service" msg="INVALID SERVICE" />'); } 104 105 64 } 106 107 65 } 108 66 109 110 111 112 113 114 67 function is_ApiUser($key) { 68 global $wpdb; 69 70 $domain = $_REQUEST['domain']; 71 if (!$domain) { $domain = $_SERVER['HTTP_HOST']; } 72 73 $users = $wpdb->get_results("SELECT ID FROM $wpdb->users"); // query users 74 foreach($users as $user) { 75 $ukey = get_user_meta($user->ID, 'apiKey', true); 76 $http = get_user_meta($user->ID, 'apiUrl', true); 77 78 if ($http == $domain && $ukey == $key) { return true; } 79 } 80 81 return false; 82 } 115 83 ?>
Note: See TracChangeset
for help on using the changeset viewer.