api.php 7.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279
  1. <?php
  2. require_once('php/include.php');
  3. // TODO - Add API handling.
  4. $method = $_SERVER['REQUEST_METHOD'];
  5. $ret = Array();
  6. if(isset($_GET['type'])){
  7. if(isset($_GET['id'])){
  8. $id = $_GET['id'];
  9. switch($_GET['type']){
  10. case 'user':
  11. back(true);
  12. if(!isset($_GET['template'])){
  13. $ret['template'] = file_get_contents(PATH_DATA.'pages/user.template');
  14. }
  15. if($user = userObj($id)){
  16. $context = Array(
  17. 'name'=>$user['name'],
  18. 'email'=>$user['email']
  19. );
  20. if($LOGGEDIN){
  21. $context['key'] = true;
  22. $context['user'] = userObj($_SESSION['username']);
  23. };
  24. $ret['context'] = $context;
  25. }else{
  26. $ret['state'] = Array(
  27. 'url'=>isset($_GET['back'])?$_GET['back']:'page-index'
  28. );
  29. }
  30. retj($ret,'User - '.$context['name']);
  31. break;
  32. case 'group':
  33. back(true);
  34. // TODO - handle group requests
  35. if(false){
  36. // TODO
  37. }else{
  38. $ret['state'] = Array(
  39. 'url'=>isset($_GET['back'])?$_GET['back']:'page-index'
  40. );
  41. }
  42. retj($ret,'Project - '.$context['title']);
  43. break;
  44. case 'issue':
  45. back(true);
  46. // TODO - handle issue requests
  47. if(false){
  48. // TODO
  49. }else{
  50. $ret['state'] = Array(
  51. 'url'=>isset($_GET['back'])?$_GET['back']:'page-index'
  52. );
  53. }
  54. retj($ret,'Project - '.$context['title']);
  55. break;
  56. case 'scrum':
  57. back(true);
  58. // TODO - handle scrum requests
  59. if(false){
  60. // TODO
  61. }else{
  62. $ret['state'] = Array(
  63. 'url'=>isset($_GET['back'])?$_GET['back']:'page-index'
  64. );
  65. }
  66. retj($ret,'Project - '.$context['title']);
  67. break;
  68. case 'project':
  69. back(true);
  70. if(!isset($_GET['template'])){
  71. $ret['template'] = file_get_contents(PATH_DATA.'pages/project.template');
  72. }
  73. if($context = projectObj($id)){
  74. $context['user'] = userObj($context['user']);
  75. if($LOGGEDIN){
  76. $context['key'] = true;
  77. $context['user'] = userObj($_SESSION['username']);
  78. };
  79. $ret['context'] = $context;
  80. }else{
  81. $ret['state'] = Array(
  82. 'url'=>isset($_GET['back'])?$_GET['back']:'page-index'
  83. );
  84. }
  85. retj($ret,'Project - '.$context['title']);
  86. break;
  87. case 'message':
  88. // TODO - handle message requests
  89. if(false){
  90. // TODO
  91. }else{
  92. $ret['state'] = Array(
  93. 'url'=>isset($_GET['back'])?$_GET['back']:'page-index'
  94. );
  95. }
  96. retj($ret,'Project - '.$context['title']);
  97. break;
  98. case 'admin':
  99. back(true);
  100. // TODO - handle admin requests
  101. if(false){
  102. // TODO
  103. }else{
  104. $ret['state'] = Array(
  105. 'url'=>isset($_GET['back'])?$_GET['back']:'page-index'
  106. );
  107. }
  108. retj($ret,'Project - '.$context['title']);
  109. break;
  110. case 'page':
  111. $title = $id;
  112. if(file_exists(PATH_DATA.'pages/'.$id.'.template')){
  113. if(!isset($_GET['template'])||$_GET['template']=='true'){
  114. $ret['template'] = file_get_contents(PATH_DATA.'pages/'.$id.'.template');
  115. }
  116. $context = Array();
  117. if($LOGGEDIN){
  118. $context['key'] = true;
  119. $context['user'] = userObj($_SESSION['username']);
  120. };
  121. if(file_exists(PATH_DATA.'pages/'.$id.'.options')){
  122. $options = objectToArray(json_decode(file_get_contents(PATH_DATA.'pages/'.$id.'.options'),true));
  123. if(isset($options['secure'])&&$options['secure']&&!$LOGGEDIN){
  124. back(true);
  125. }
  126. if(isset($options['title'])){
  127. $title = $options['title'];
  128. }
  129. if(isset($options['context'])){
  130. foreach($options['context'] as $key){
  131. switch($key){
  132. case 'users':
  133. if($res = query("SELECT name FROM `users`;")){
  134. $context['users'] = fetch_all($res,MYSQLI_ASSOC);
  135. }
  136. break;
  137. case 'projects':
  138. if($res = query("SELECT p.title,p.id,p.description,u.name as user FROM `projects` p JOIN `users` u ON u.id = p.u_id")){
  139. $context['projects'] = fetch_all($res,MYSQLI_ASSOC);
  140. foreach($context['projects'] as $key => $project){
  141. $context['projects'][$key]['user'] = userObj($project['user']);
  142. }
  143. }
  144. break;
  145. case 'messages':
  146. if($LOGGEDIN){
  147. $context['messages'] = messages($context['user']['id'],'user');
  148. }else{
  149. $context['messages'] = Array();
  150. }
  151. break;
  152. }
  153. }
  154. }
  155. }
  156. $ret['context'] = $context;
  157. }else{
  158. $ret['error'] = 'That page does not exist';
  159. }
  160. retj($ret,$title);
  161. break;
  162. case 'action':
  163. switch($id){
  164. case 'login':
  165. $ret['state'] = Array(
  166. 'data'=>Array(
  167. 'type'=>'page',
  168. 'id'=>'login',
  169. )
  170. );
  171. if(isset($_GET['username'])&&isset($_GET['password'])){
  172. $key = login($_GET['username'],$_GET['password']);
  173. if($key){
  174. $_SESSION['username'] = $_GET['username'];
  175. }else{
  176. $ret['error'] = "Login failed. Username or Password didn't match.";
  177. }
  178. }else{
  179. $ret['error'] = "Please provide a valid username and password.";
  180. }
  181. retj($ret,$id);
  182. break;
  183. case 'register':
  184. $ret['state'] = Array(
  185. 'data'=>Array(
  186. 'type'=>'page',
  187. 'id'=>'register'
  188. )
  189. );
  190. if(is_valid('username')&&is_valid('password')&&is_valid('password1')&&is_valid('email')&&is_valid('captcha')){
  191. if($_GET['password']==$_GET['password1']){
  192. if(compare_captcha($_GET['captcha'])){
  193. if(addUser($_GET['username'],$_GET['password'],$_GET['email'])){
  194. $key = login($_GET['username'],$_GET['password']);
  195. $_SESSION['username'] = $_GET['username'];
  196. sendMail('welcome','Welcome!',$_GET['email'],get('email'),Array($_GET['username'],$_GET['password'],get('email')));
  197. }else{
  198. $ret['error'] = "Could not add user. ".$mysqli->error;
  199. }
  200. }else{
  201. $ret['error'] = "Captcha did not match.";
  202. }
  203. }else{
  204. $ret['error'] = "Passwords didn't match.";
  205. }
  206. }else{
  207. $ret['error'] = "Please fill in all the fields.";
  208. }
  209. retj($ret,$id);
  210. break;
  211. case 'project':
  212. back(true);
  213. $ret['state'] = Array(
  214. 'data'=>Array(
  215. 'type'=>'page',
  216. 'id'=>$id,
  217. )
  218. );
  219. if(isset($_GET['pid'])){
  220. $ret['error'] = 'Invalid Action';
  221. }elseif(is_valid('title')&&is_valid('description')){
  222. if(!newProject($_GET['title'],$_GET['description'])){
  223. $ret['error'] = 'Unable to create project.';
  224. }
  225. }else{
  226. $ret['error'] = 'Fill in all the details.';
  227. }
  228. retj($ret,$id);
  229. break;
  230. case 'comment':
  231. if(isset($_GET['comment_type'])&&isset($_GET['comment_id'])&&isset($_GET['message'])){
  232. $cid = $_GET['comment_id'];
  233. $ret = Array(
  234. 'state'=>stateObj($_GET['comment_type'],$cid)
  235. );
  236. switch($_GET['comment_type']){
  237. case 'project':
  238. if(!function_exists('project_comment')){
  239. $ret['error'] = "fn doesn't exist!";
  240. }
  241. if(!project_comment($cid,$_GET['message'])){
  242. $ret = Array(
  243. 'error'=>'Could not comment on project'
  244. );
  245. }
  246. break;
  247. default:
  248. $ret['error'] = 'Comment type not implemented';
  249. }
  250. }else{
  251. $ret['error'] = 'Missing comment paremeters';
  252. $ret['state'] = Array(
  253. 'title'=>'error'
  254. );
  255. }
  256. retj($ret,$ret['state']['title']);
  257. break;
  258. default:
  259. retj(Array(
  260. 'error'=>'Invalid action.'
  261. ));
  262. }
  263. break;
  264. default:
  265. retj(Array(
  266. 'error'=>'Invalid type.'
  267. ));
  268. }
  269. }else{
  270. retj(Array(
  271. 'error'=>'ID missing.'
  272. ));
  273. }
  274. }else{
  275. retj(Array(
  276. 'error'=>'Type missing.'
  277. ));
  278. }
  279. ?>