From: Banana
Date: Sat, 26 Mar 2022 10:09:15 +0000 (+0100)
Subject: first working version of the API
X-Git-Tag: v1.0~6
X-Git-Url: http://91.132.146.200/gitweb/?a=commitdiff_plain;h=9ce36fea34dd79f38d941003d553a7fd5358d32c;p=scientia.git

first working version of the API
---
diff --git a/documentation/api.txt b/documentation/api.txt
new file mode 100644
index 0000000..4675cfb
--- /dev/null
+++ b/documentation/api.txt
@@ -0,0 +1,28 @@
+Example request:
+
+POST http://example.tld/api.php
+Content-Type: application/json; charset=utf-8
+Accept: application/json
+
+{
+ "asl": "YOUR-KEY",
+ "data": "TEXT DATA TO BE SAVED"
+}
+
+
+Example response (success):
+
+Content-Type: application/json
+{
+ "message": "http://example.tld/2022/03/26/DFzn",
+ "status": 200
+}
+
+
+Example response (failure):
+
+Content-Type: application/json
+{
+ "message": "Something went wrong. HASHCODE",
+ "status": 500
+}
diff --git a/webroot/api.php b/webroot/api.php
index 1279a0f..419668f 100644
--- a/webroot/api.php
+++ b/webroot/api.php
@@ -48,12 +48,28 @@ date_default_timezone_set(TIMEZONE); require_once('lib/summoner.class.php'); +if(DEBUG) error_log("Dump SERVER ".var_export($_SERVER,true)); ## check if request is valid $_create = false; -if(isset($_POST['asl']) && !empty($_POST['asl']) - && isset($_FILES['data']) && !empty($_FILES['data']) - && isset(SELFPASTE_UPLOAD_SECRET[$_POST['asl']])) { - $_create = true; +$filteredData = ''; +if ($_SERVER['REQUEST_METHOD'] === 'POST' && $_SERVER['CONTENT_TYPE'] === 'application/json; charset=utf-8') { + $payload = json_decode(file_get_contents('php://input'), true); + if(DEBUG) error_log("[DEBUG] Dump payload ".var_export($payload,true)); + if(!empty($payload)) { + if(isset($payload['asl']) && !empty($payload['asl']) + && isset($payload['data']) && !empty($payload['data']) + && isset(UPLOAD_SECRET[$payload['asl']]) + ) { + if(DEBUG) error_log("[DEBUG] Valid payload so far"); + if(!empty($payload['data'])) { + $filteredData = filter_var($payload['data'],FILTER_SANITIZE_FULL_SPECIAL_CHARS); + if(!empty($filteredData)) { + if(DEBUG) error_log("[DEBUG] Validated payload"); + $_create = true; + } + } + } + } } ## default response @@ -69,7 +85,8 @@ if($_create === false) { header('X-PROVIDED-BY: scientia'); header($contentType); http_response_code($httpResponseCode); - echo json_encode($data); + echo json_encode($contentBody); + exit(); } # database object 
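Review bot: The new "Dump payload" line, `error_log("[DEBUG] Dump payload ".var_export($payload,true))`, writes the caller's `asl` upload key and the submitted text to the error log, and the "Dump SERVER" line writes all of `$_SERVER`, whenever DEBUG is on; config.php.default in this same commit ships `define('DEBUG',true)`. I would export a copy of the payload with `asl` removed and log only the `$_SERVER` fields needed for diagnosis. Separately, `isset(UPLOAD_SECRET[$payload['asl']])` is reached with whatever JSON type the client sent, so adding `&& is_string($payload['asl'])` before the lookup keeps a non-empty array value from raising an illegal-offset error. The exact comparison on `$_SERVER['CONTENT_TYPE']` also reads an index that may be unset when the header is missing; `($_SERVER['CONTENT_TYPE'] ?? '')` avoids that.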
@@ -81,4 +98,23 @@ if ($DB->connect_errno) exit('Can not connect to MySQL Server');
 $DB->set_charset("utf8mb4");
 $DB->query("SET collation_connection = 'utf8mb4_unicode_ci'");
 $driver = new mysqli_driver();
-$driver->report_mode = MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT;
\ No newline at end of file
+$driver->report_mode = MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT;
+
+require_once 'lib/entry.class.php';
+$Entry = new Entry($DB);
+$do = $Entry->create($filteredData);
+if($do !== false) {
+ $contentBody['message'] = date('/Y/m/d/').$do;
+}
+else {
+ $hash = md5($do.time());
+ error_log("[ERROR] $hash Can not create. ". var_export($do,true));
+ $contentBody['message'] = "Something went wrong. $hash";
+ $contentBody['status'] = 500;
+}
+
+# return
+header('X-PROVIDED-BY: scientia');
+header($contentType);
+http_response_code($httpResponseCode);
+echo json_encode($contentBody);
diff --git a/webroot/config/config.php.default b/webroot/config/config.php.default
index 3cf972e..b8e8a60 100644
--- a/webroot/config/config.php.default
+++ b/webroot/config/config.php.default
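Review bot: In the failure branch only `$contentBody['status'] = 500` is changed; `http_response_code($httpResponseCode)` below it still sends whatever `$httpResponseCode` was set to outside this hunk, so a failed create is probably answered with a success HTTP status unless that variable is updated elsewhere. Adding `$httpResponseCode = 500;` in the `else` block keeps the status line and the JSON body in agreement. `$Entry->create()` also runs after `MYSQLI_REPORT_STRICT` is enabled, so a database error may surface as an uncaught `mysqli_sql_exception` rather than a `false` return; catching it around the call and routing it to the same 500 path would keep error details out of the response. The correlation id `md5($do.time())` is the same for every failure within one second because `$do` is `false` in this branch, and `bin2hex(random_bytes(8))` would give distinct ids. documentation/api.txt shows a full URL in `message`, while the success branch returns only the path `date('/Y/m/d/').$do`.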
@@ -15,29 +15,29 @@ * along with this program. If not, see http://www.sun.com/cddl/cddl.html */ - # set to true if you need debug messages in error log file - define('DEBUG',true); - # set to ture if you need query log messages in error log file. - define('QUERY_DEBUG',true); +# set to true if you need debug messages in error log file +define('DEBUG',true); +# set to ture if you need query log messages in error log file. +define('QUERY_DEBUG',true); - # timezone settings - define('TIMEZONE','Europe/Berlin'); +# timezone settings +define('TIMEZONE','Europe/Berlin'); - # path settings - define('PATH_ABSOLUTE','/absolute/path/scientia/webroot'); - define('PATH_SYSTEMOUT',PATH_ABSOLUTE.'/systemout'); - define('PATH_WEBROOT','/absolute/path'); +# path settings +define('PATH_ABSOLUTE','/absolute/path/scientia/webroot'); +define('PATH_SYSTEMOUT',PATH_ABSOLUTE.'/systemout'); +define('PATH_WEBROOT','/absolute/path'); - # database config - define('DB_HOST','127.0.0.1'); - define('DB_USERNAME','user'); - define('DB_PASSWORD','test'); - define('DB_NAME','scientia'); - define('DB_PREFIX','sc'); # a _ is added automatically as separation +# database config +define('DB_HOST','127.0.0.1'); +define('DB_USERNAME','user'); +define('DB_PASSWORD','test'); +define('DB_NAME','scientia'); +define('DB_PREFIX','sc'); # a _ is added automatically as separation - # username and password for authentication - define('FRONTEND_USERNAME','user'); - define('FRONTEND_PASSWORD','pass'); +# username and password for authentication +define('FRONTEND_USERNAME','user'); +define('FRONTEND_PASSWORD','pass'); # API config # this is your installation secret. Could be anything. @@ -48,4 +48,4 @@ define('UPLOAD_SECRET', 'PLEASE CHANGE YOUR SECRET' => 'Your description for this secret #1', 'PLEASE CHANGE YOUR SECRET' => 'Your description for this secret #2' ) -); \ No newline at end of file +); diff --git a/webroot/lib/summoner.class.php b/webroot/lib/summoner.class.php index ca3db79..d23dad9 100644 
--- a/webroot/lib/summoner.class.php
+++ b/webroot/lib/summoner.class.php
@@ -158,7 +158,6 @@ class Summoner {
 * @return string
 */
 static function b64sl_pack_id(int $id): string {
- error_log($id);
 $id = intval($id);
 $ida = ($id > 0xFFFFFFFF ? $id >> 32 : 0); // 32 bit big endian, top
 $idb = ($id & 0xFFFFFFFF); // 32 bit big endian, bottom