api.php 4.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145
  1. <?php
  2. require_once('php/include.php');
  3. // TODO - Add API handling.
  4. $method = $_SERVER['REQUEST_METHOD'];
  5. $ret = Array();
  6. if(isset($_GET['type'])){
  7. if(isset($_GET['id'])){
  8. $id = $_GET['id'];
  9. switch($_GET['type']){
  10. case 'user':
  11. if(!isset($_GET['template'])){
  12. $ret['template'] = file_get_contents(PATH_DATA.'pages/user.template');
  13. }
  14. $user = userObj($id);
  15. $context = Array(
  16. 'name'=>$user['name'],
  17. 'email'=>$user['email']
  18. );
  19. if($LOGGEDIN){
  20. $context['key'] = true;
  21. $context['user'] = userObj($_SESSION['username']);
  22. };
  23. $ret['context'] = $context;
  24. retj($ret,'User - '.$context['name']);
  25. break;
  26. case 'group':
  27. // TODO - handle group requests
  28. break;
  29. case 'issue':
  30. // TODO - handle issue requests
  31. break;
  32. case 'scrum':
  33. // TODO - handle scrum requests
  34. break;
  35. case 'project':
  36. if(!isset($_GET['template'])){
  37. $ret['template'] = file_get_contents(PATH_DATA.'pages/project.template');
  38. }
  39. $context = projectObj($id);
  40. if($LOGGEDIN){
  41. $context['key'] = true;
  42. $context['user'] = userObj($_SESSION['username']);
  43. };
  44. $ret['context'] = $context;
  45. retj($ret,'Project - '.$context['title']);
  46. break;
  47. case 'admin':
  48. // TODO - handle admin requests
  49. break;
  50. case 'page':
  51. if(file_exists(PATH_DATA.'pages/'.$id.'.template')){
  52. if(!isset($_GET['template'])){
  53. $ret['template'] = file_get_contents(PATH_DATA.'pages/'.$id.'.template');
  54. }
  55. $context = Array();
  56. if($LOGGEDIN){
  57. $context['key'] = true;
  58. $context['user'] = userObj($_SESSION['username']);
  59. };
  60. if(file_exists(PATH_DATA.'pages/'.$id.'.options')){
  61. $options = objectToArray(json_decode(file_get_contents(PATH_DATA.'pages/'.$id.'.options'),true));
  62. foreach($options as $key){
  63. switch($key){
  64. case 'users':
  65. if($res = query("SELECT name FROM `users`;")){
  66. $context['users'] = fetch_all($res,MYSQLI_ASSOC);
  67. }
  68. break;
  69. case 'projects':
  70. if($res = query("SELECT title,description,id FROM `projects`;")){
  71. $context['projects'] = fetch_all($res,MYSQLI_ASSOC);
  72. }
  73. break;
  74. }
  75. }
  76. }
  77. $ret['context'] = $context;
  78. }else{
  79. $ret['error'] = 'That page does not exist';
  80. }
  81. retj($ret,$id);
  82. break;
  83. case 'action':
  84. switch($id){
  85. case 'login':
  86. $ret['state'] = Array(
  87. 'data'=>Array(
  88. 'type'=>'page',
  89. 'id'=>'login',
  90. )
  91. );
  92. if(isset($_GET['username'])&&isset($_GET['password'])){
  93. $key = login($_GET['username'],$_GET['password']);
  94. if($key){
  95. $_SESSION['username'] = $_GET['username'];
  96. }else{
  97. $ret['error'] = "Login failed. Username or Password didn't match.";
  98. }
  99. }else{
  100. $ret['error'] = "Please provide a valid username and password.";
  101. }
  102. retj($ret,$id);
  103. break;
  104. case 'register':
  105. $ret['state'] = Array(
  106. 'data'=>Array(
  107. 'type'=>'page',
  108. 'id'=>'register'
  109. )
  110. );
  111. if(isvalid('username')&&isvalid('password')&&isvalid('password1')&&isvalid('email')&&isvalid('captcha')){
  112. if($_GET['password']==$_GET['password1']){
  113. if(compare_captcha($_GET['captcha'])){
  114. if(addUser($_GET['username'],$_GET['password'],$_GET['email'])){
  115. $key = login($_GET['username'],$_GET['password']);
  116. $_SESSION['username'] = $_GET['username'];
  117. sendMail('welcome','Welcome!',$_GET['email'],get('email'),Array($_GET['username'],$_GET['password'],get('email')));
  118. }else{
  119. $ret['error'] = "Could not add user. ".$mysqli->error;
  120. }
  121. }else{
  122. $ret['error'] = "Captcha did not match.";
  123. }
  124. }else{
  125. $ret['error'] = "Passwords didn't match.";
  126. }
  127. }else{
  128. $ret['error'] = "Please fill in all the fields.";
  129. }
  130. retj($ret,$id);
  131. break;
  132. default:
  133. die('invalid action');
  134. }
  135. break;
  136. default:
  137. die("invalid type");
  138. }
  139. }else{
  140. die("id missing");
  141. }
  142. }else{
  143. die("type missing");
  144. }
  145. ?>