api.php 3.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128
  1. <?php
  2. require_once('php/include.php');
  3. // TODO - Add API handling.
  4. $method = $_SERVER['REQUEST_METHOD'];
  5. $ret = Array();
  6. if(isset($_GET['type'])){
  7. if(isset($_GET['id'])){
  8. $id = $_GET['id'];
  9. switch($_GET['type']){
  10. case 'user':
  11. if(!isset($_GET['template'])){
  12. $ret['template'] = file_get_contents(PATH_DATA.'pages/user.template');
  13. }
  14. $user = userObj($id);
  15. $context = Array(
  16. 'name'=>$user['name'],
  17. 'email'=>$user['email']
  18. );
  19. if($LOGGEDIN){
  20. $context['key'] = true;
  21. $context['user'] = userObj($_SESSION['username']);
  22. };
  23. $ret['context'] = $context;
  24. retj($ret,$id);
  25. break;
  26. case 'group':
  27. // TODO - handle group requests
  28. break;
  29. case 'issue':
  30. // TODO - handle issue requests
  31. break;
  32. case 'scrum':
  33. // TODO - handle scrum requests
  34. break;
  35. case 'admin':
  36. // TODO - handle admin requests
  37. break;
  38. case 'page':
  39. if(file_exists(PATH_DATA.'pages/'.$id.'.template')){
  40. if(!isset($_GET['template'])){
  41. $ret['template'] = file_get_contents(PATH_DATA.'pages/'.$id.'.template');
  42. }
  43. $context = Array();
  44. if($LOGGEDIN){
  45. $context['key'] = true;
  46. $context['user'] = userObj($_SESSION['username']);
  47. };
  48. if(file_exists(PATH_DATA.'pages/'.$id.'.options')){
  49. $options = objectToArray(json_decode(file_get_contents(PATH_DATA.'pages/'.$id.'.options'),true));
  50. foreach($options as $key){
  51. switch($key){
  52. case 'users':
  53. $res = query("SELECT name FROM `users`;");
  54. $users = fetch_all($res,MYSQLI_ASSOC);
  55. $context['users'] = $users;
  56. break;
  57. }
  58. }
  59. }
  60. $ret['context'] = $context;
  61. }else{
  62. $ret['error'] = 'That page does not exist';
  63. }
  64. retj($ret,$id);
  65. break;
  66. case 'action':
  67. switch($id){
  68. case 'login':
  69. $ret['state'] = Array(
  70. 'data'=>Array(
  71. 'type'=>'page',
  72. 'id'=>'login',
  73. )
  74. );
  75. if(isset($_GET['username'])&&isset($_GET['password'])){
  76. $key = login($_GET['username'],$_GET['password']);
  77. if($key){
  78. $_SESSION['username'] = $_GET['username'];
  79. }else{
  80. $ret['error'] = "Login failed. Username or Password didn't match.";
  81. }
  82. }else{
  83. $ret['error'] = "Please provide a valid username and password.";
  84. }
  85. retj($ret,$id);
  86. break;
  87. case 'register':
  88. $ret['state'] = Array(
  89. 'data'=>Array(
  90. 'type'=>'page',
  91. 'id'=>'register'
  92. )
  93. );
  94. if(isvalid('username')&&isvalid('password')&&isvalid('password1')&&isvalid('email')&&isvalid('captcha')){
  95. if($_GET['password']==$_GET['password1']){
  96. if(compare_captcha($_GET['captcha'])){
  97. if(addUser($_GET['username'],$_GET['password'],$_GET['email'])){
  98. $key = login($_GET['username'],$_GET['password']);
  99. $_SESSION['username'] = $_GET['username'];
  100. sendMail('welcome','Welcome!',$_GET['email'],get('email'),Array($_GET['username'],$_GET['password'],get('email')));
  101. }else{
  102. $ret['error'] = "Could not add user. ".$mysqli->error;
  103. }
  104. }else{
  105. $ret['error'] = "Captcha did not match.";
  106. }
  107. }else{
  108. $ret['error'] = "Passwords didn't match.";
  109. }
  110. }else{
  111. $ret['error'] = "Please fill in all the fields.";
  112. }
  113. retj($ret,$id);
  114. break;
  115. default:
  116. die('invalid action');
  117. }
  118. break;
  119. default:
  120. die("invalid type");
  121. }
  122. }else{
  123. die("id missing");
  124. }
  125. }else{
  126. die("type missing");
  127. }
  128. ?>