From: Johannes Keßler Date: Wed, 16 Mar 2022 15:56:06 +0000 (+0100) Subject: working on the api X-Git-Tag: v1.0~7 X-Git-Url: http://91.132.146.200/gitweb/?a=commitdiff_plain;h=eb48018ed1de4cda5ae3b4c4c843561704cd0df8;p=scientia.git working on the api --- diff --git a/webroot/api.php b/webroot/api.php index d40cd4f..1279a0f 100644 --- a/webroot/api.php +++ b/webroot/api.php @@ -29,4 +29,56 @@ if(!empty($_urlToParse)) { } ## config -require_once('config/config.php'); \ No newline at end of file +require_once('config/config.php'); + +## set the error reporting +ini_set('log_errors',true); +ini_set('error_log',PATH_SYSTEMOUT.'/error.log'); +if(DEBUG === true) { + ini_set('display_errors',true); +} +else { + ini_set('display_errors',false); +} + +# time settings +date_default_timezone_set(TIMEZONE); + +# required libs +require_once('lib/summoner.class.php'); + + +## check if request is valid +$_create = false; +if(isset($_POST['asl']) && !empty($_POST['asl']) + && isset($_FILES['data']) && !empty($_FILES['data']) + && isset(SELFPASTE_UPLOAD_SECRET[$_POST['asl']])) { + $_create = true; +} + +## default response +$contentType = 'Content-Type: application/json; charset=utf-8'; +$httpResponseCode = 200; +$contentBody = array( + 'message' => '', + 'status' => $httpResponseCode +); + +## break here secret empty or false +if($_create === false) { + header('X-PROVIDED-BY: scientia'); + header($contentType); + http_response_code($httpResponseCode); + echo json_encode($data); +} + +# database object +$DB = false; + +## DB connection +$DB = new mysqli(DB_HOST, DB_USERNAME,DB_PASSWORD, DB_NAME); +if ($DB->connect_errno) exit('Can not connect to MySQL Server'); +$DB->set_charset("utf8mb4"); +$DB->query("SET collation_connection = 'utf8mb4_unicode_ci'"); +$driver = new mysqli_driver(); +$driver->report_mode = MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT; \ No newline at end of file diff --git a/webroot/config/config.php.default b/webroot/config/config.php.default index 7decd76..3cf972e 100644 --- a/webroot/config/config.php.default +++ b/webroot/config/config.php.default @@ -38,3 +38,14 @@ # username and password for authentication define('FRONTEND_USERNAME','user'); define('FRONTEND_PASSWORD','pass'); + +# API config +# this is your installation secret. Could be anything. +# Think of it as a key. Change it often to avoid any abuse. +# The description will be used in the log files +define('UPLOAD_SECRET', + array( + 'PLEASE CHANGE YOUR SECRET' => 'Your description for this secret #1', + 'PLEASE CHANGE YOUR SECRET' => 'Your description for this secret #2' + ) +); \ No newline at end of file