api.php 4.4 KB

  1. <?php
  2. require_once('php/include.php');
  3. // TODO - Add API handling.
  4. $method = $_SERVER['REQUEST_METHOD'];
  5. $ret = Array();
  6. if(isset($_GET['type'])){
  7. if(isset($_GET['id'])){
  8. $id = $_GET['id'];
  9. switch($_GET['type']){
  10. case 'user':
  11. if(!isset($_GET['template'])){
  12. $ret['template'] = file_get_contents(PATH_DATA.'pages/user.template');
  13. }
  14. $user = userObj($id);
  15. $context = Array(
  16. 'name'=>$user['name'],
  17. 'email'=>$user['email']
  18. );
  19. if($LOGGEDIN){
  20. $context['key'] = true;
  21. $context['user'] = userObj($_SESSION['username']);
  22. };
  23. $ret['context'] = $context;
  24. retj($ret,'User - '.$context['name']);
  25. break;
  26. case 'group':
  27. // TODO - handle group requests
  28. break;
  29. case 'issue':
  30. // TODO - handle issue requests
  31. break;
  32. case 'scrum':
  33. // TODO - handle scrum requests
  34. break;
  35. case 'project':
  36. if(!isset($_GET['template'])){
  37. $ret['template'] = file_get_contents(PATH_DATA.'pages/project.template');
  38. }
  39. $context = projectObj($id);
  40. $context['user'] = userObj($context['user']);
  41. if($LOGGEDIN){
  42. $context['key'] = true;
  43. $context['user'] = userObj($_SESSION['username']);
  44. };
  45. $ret['context'] = $context;
  46. retj($ret,'Project - '.$context['title']);
  47. break;
  48. case 'admin':
  49. // TODO - handle admin requests
  50. break;
  51. case 'page':
  52. if(file_exists(PATH_DATA.'pages/'.$id.'.template')){
  53. if(!isset($_GET['template'])){
  54. $ret['template'] = file_get_contents(PATH_DATA.'pages/'.$id.'.template');
  55. }
  56. $context = Array();
  57. if($LOGGEDIN){
  58. $context['key'] = true;
  59. $context['user'] = userObj($_SESSION['username']);
  60. };
  61. if(file_exists(PATH_DATA.'pages/'.$id.'.options')){
  62. $options = objectToArray(json_decode(file_get_contents(PATH_DATA.'pages/'.$id.'.options'),true));
  63. foreach($options as $key){
  64. switch($key){
  65. case 'users':
  66. if($res = query("SELECT name FROM `users`;")){
  67. $context['users'] = fetch_all($res,MYSQLI_ASSOC);
  68. }
  69. break;
  70. case 'projects':
  71. if($res = query("SELECT p.title,p.id,p.description,u.name as user FROM `projects` p JOIN `users` u ON u.id = p.u_id")){
  72. $context['projects'] = fetch_all($res,MYSQLI_ASSOC);
  73. foreach($context['projects'] as $key => $project){
  74. $context['projects'][$key]['user'] = userObj($project['user']);
  75. }
  76. }
  77. break;
  78. }
  79. }
  80. }
  81. $ret['context'] = $context;
  82. }else{
  83. $ret['error'] = 'That page does not exist';
  84. }
  85. retj($ret,$id);
  86. break;
  87. case 'action':
  88. switch($id){
  89. case 'login':
  90. $ret['state'] = Array(
  91. 'data'=>Array(
  92. 'type'=>'page',
  93. 'id'=>'login',
  94. )
  95. );
  96. if(isset($_GET['username'])&&isset($_GET['password'])){
  97. $key = login($_GET['username'],$_GET['password']);
  98. if($key){
  99. $_SESSION['username'] = $_GET['username'];
  100. }else{
  101. $ret['error'] = "Login failed. Username or Password didn't match.";
  102. }
  103. }else{
  104. $ret['error'] = "Please provide a valid username and password.";
  105. }
  106. retj($ret,$id);
  107. break;
  108. case 'register':
  109. $ret['state'] = Array(
  110. 'data'=>Array(
  111. 'type'=>'page',
  112. 'id'=>'register'
  113. )
  114. );
  115. if(isvalid('username')&&isvalid('password')&&isvalid('password1')&&isvalid('email')&&isvalid('captcha')){
  116. if($_GET['password']==$_GET['password1']){
  117. if(compare_captcha($_GET['captcha'])){
  118. if(addUser($_GET['username'],$_GET['password'],$_GET['email'])){
  119. $key = login($_GET['username'],$_GET['password']);
  120. $_SESSION['username'] = $_GET['username'];
  121. sendMail('welcome','Welcome!',$_GET['email'],get('email'),Array($_GET['username'],$_GET['password'],get('email')));
  122. }else{
  123. $ret['error'] = "Could not add user. ".$mysqli->error;
  124. }
  125. }else{
  126. $ret['error'] = "Captcha did not match.";
  127. }
  128. }else{
  129. $ret['error'] = "Passwords didn't match.";
  130. }
  131. }else{
  132. $ret['error'] = "Please fill in all the fields.";
  133. }
  134. retj($ret,$id);
  135. break;
  136. default:
  137. die('invalid action');
  138. }
  139. break;
  140. default:
  141. die("invalid type");
  142. }
  143. }else{
  144. die("id missing");
  145. }
  146. }else{
  147. die("type missing");
  148. }
  149. ?>