PrivateCoffee/wishthis
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Refactor API

Browse source
This commit is contained in:
grandeljay 2022-11-11 13:34:40 +01:00
parent c5c2893201
commit 29c9c3c472
20 changed files with 349 additions and 151 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
index.php
View file

@ -144,25 +144,11 @@ $locale = isset($_REQUEST['locale']) ? $_REQUEST['locale'] : \Locale::lookup($lo
*/
Wish::initialize();
/**
* API
*/
if (isset($api)) {
return;
}
/**
* Pretty URLs
*/
$url = new URL($_SERVER['REQUEST_URI']);
/**
* Install
*/
if (!$options || !$options->getOption('isInstalled')) {
$page = 'install';
}
/**
* Database Update
*/

16
src/api/blog.php
View file

@ -8,13 +8,13 @@
namespace wishthis;
ob_start();
global $page;
$api = true;
if (!isset($page)) {
http_response_code(403);
die('Direct access to this location is not allowed.');
}
require '../../index.php';
$response = array();
$dateFormatter = new \IntlDateFormatter(
$_SESSION['user']->getLocale(),
\IntlDateFormatter::MEDIUM,
@ -43,9 +43,3 @@ switch ($_SERVER['REQUEST_METHOD']) {
$response['html'] = $html;
break;
}
$response['warning'] = ob_get_clean();
header('Content-type: application/json; charset=utf-8');
echo json_encode($response);
die();

17
src/api/database-test.php
View file

@ -8,13 +8,12 @@
namespace wishthis;
ob_start();
global $page, $database;
$api = true;
require '../../index.php';
$response = array();
if (!isset($page)) {
http_response_code(403);
die('Direct access to this location is not allowed.');
}
switch ($_SERVER['REQUEST_METHOD']) {
case 'POST':
@ -36,9 +35,3 @@ switch ($_SERVER['REQUEST_METHOD']) {
$response['success'] = $success;
break;
}
$response['warning'] = ob_get_clean();
header('Content-type: application/json; charset=utf-8');
echo json_encode($response);
die();

16
src/api/statistics.php
View file

@ -8,12 +8,12 @@
namespace wishthis;
$api = true;
$response = array();
global $page, $database;
ob_start();
require '../../index.php';
if (!isset($page)) {
http_response_code(403);
die('Direct access to this location is not allowed.');
}
switch ($_SERVER['REQUEST_METHOD']) {
case 'GET':
@ -51,9 +51,3 @@ switch ($_SERVER['REQUEST_METHOD']) {
}
break;
}
$response['warning'] = ob_get_clean();
header('Content-type: application/json; charset=utf-8');
echo json_encode($response);
die();

16
src/api/url.php
View file

@ -8,12 +8,12 @@
namespace wishthis;
$api = true;
$response = array();
global $page;
ob_start();
require '../../index.php';
if (!isset($page)) {
http_response_code(403);
die('Direct access to this location is not allowed.');
}
switch ($_SERVER['REQUEST_METHOD']) {
case 'GET':
@ -28,9 +28,3 @@ switch ($_SERVER['REQUEST_METHOD']) {
}
break;
}
$response['warning'] = ob_get_clean();
header('Content-type: application/json; charset=utf-8');
echo json_encode($response);
die();

18
src/api/wishes.php
View file

@ -8,14 +8,12 @@
namespace wishthis;
$api = true;
$response = array(
'success' => false,
);
global $page, $database;
ob_start();
require '../../index.php';
if (!isset($page)) {
http_response_code(403);
die('Direct access to this location is not allowed.');
}
switch ($_SERVER['REQUEST_METHOD']) {
case 'GET':
@ -276,9 +274,3 @@ switch ($_SERVER['REQUEST_METHOD']) {
$response['success'] = true;
break;
}
$response['warning'] = ob_get_clean();
header('Content-type: application/json; charset=utf-8');
echo json_encode($response);
die();

16
src/api/wishlists-saved.php
View file

@ -8,12 +8,12 @@
namespace wishthis;
$api = true;
$response = array();
global $page, $database;
ob_start();
require '../../index.php';
if (!isset($page)) {
http_response_code(403);
die('Direct access to this location is not allowed.');
}
switch ($_SERVER['REQUEST_METHOD']) {
case 'GET':
@ -57,9 +57,3 @@ switch ($_SERVER['REQUEST_METHOD']) {
}
break;
}
$response['warning'] = ob_get_clean();
header('Content-type: application/json; charset=utf-8');
echo json_encode($response);
die();

16
src/api/wishlists.php
View file

@ -8,12 +8,12 @@
namespace wishthis;
$api = true;
$response = array();
global $page, $database;
ob_start();
require '../../index.php';
if (!isset($page)) {
http_response_code(403);
die('Direct access to this location is not allowed.');
}
switch ($_SERVER['REQUEST_METHOD']) {
case 'POST':
@ -170,9 +170,3 @@ switch ($_SERVER['REQUEST_METHOD']) {
$response['success'] = true;
break;
}
$response['warning'] = ob_get_clean();
header('Content-type: application/json; charset=utf-8');
echo json_encode($response);
die();

8
src/assets/js/default.js
View file

@ -18,10 +18,10 @@ $(function() {
*/
/** API */
$.fn.api.settings.api = {
'get wishlists' : '/src/api/wishlists.php',
'delete wishlist' : '/src/api/wishlists.php',
'update wish status' : '/src/api/wishes.php',
'delete wish' : '/src/api/wishes.php',
'get wishlists' : '/?page=api&module=wishlists',
'delete wishlist' : '/?page=api&module=wishlists',
'update wish status' : '/?page=api&module=wishes',
'delete wish' : '/?page=api&module=wishes',
};
/** Default callbacks */

22
src/assets/js/home.js
View file

@ -2,7 +2,17 @@ $(function() {
/**
* Statistics
*/
fetch('/src/api/statistics.php?table=all', {
const params_statistics = new URLSearchParams(
{
'api_token' : api.token,
'module' : 'statistics',
'page' : 'api',
'table' : 'all',
}
);
fetch('/?' + params_statistics, {
method: 'GET'
})
.then(handleFetchError)
@ -56,7 +66,15 @@ $(function() {
/**
* News
*/
fetch('/src/api/blog.php', {
const params_news = new URLSearchParams(
{
'api_token' : api.token,
'module' : 'blog',
'page' : 'api',
}
);
fetch('/?' + params_news, {
method: 'GET'
})
.then(handleFetchError)

2
src/assets/js/install.js
View file

@ -9,7 +9,7 @@ $(function() {
form.addClass('loading');
fetch('/src/api/database-test.php', {
fetch('/?page=api&module=database-test', {
method : 'POST',
body : formDatabase
})

16
src/assets/js/parts/wishlist-filter.js
View file

@ -28,12 +28,18 @@ $(function () {
return false;
}
var paramater = new URLSearchParams({
wishlist : wishlist_id,
priority : $(this).dropdown('get value'),
});
const parameter = new URLSearchParams(
{
'api_token' : api.token,
'module' : 'wishlists',
'page' : 'api',
fetch('/src/api/wishlists.php?' + paramater, {
'priority' : $(this).dropdown('get value'),
'wishlist' : wishlist_id,
}
);
fetch('/?' + parameter, {
method : 'GET',
})
.then(handleFetchError)

47
src/assets/js/wishlist.js
View file

@ -47,8 +47,10 @@ $(function() {
action : 'update wish status',
method : 'PUT',
data : {
wish_id : card.attr('data-id'),
wish_status : wish_status_temporary,
'api_token' : api.token,
'wish_id' : card.attr('data-id'),
'wish_status' : wish_status_temporary,
},
on : 'now',
onSuccess : function(response, element, xhr) {
@ -66,8 +68,10 @@ $(function() {
action : 'update wish status',
method : 'PUT',
data : {
wish_id : card.attr('data-id'),
wish_status : wish_status_unavailable,
'api_token' : api.token,
'wish_id' : card.attr('data-id'),
'wish_status' : wish_status_unavailable,
},
on : 'now',
onSuccess : function(response, element, xhr) {
@ -84,10 +88,15 @@ $(function() {
buttonSave.addClass('disabled loading');
var formData = new URLSearchParams();
formData.append('wishlist', $('[data-wishlist]').attr('data-wishlist'));
var formData = new URLSearchParams(
{
'api_token' : api.token,
fetch('/src/api/wishlists-saved.php', {
'wishlist' : $('[data-wishlist]').attr('data-wishlist'),
}
);
fetch('/?page=api&module=wishlists-saved', {
method : 'POST',
body : formData
})
@ -110,7 +119,15 @@ $(function() {
});
/** Determine if list is saved */
fetch('/src/api/wishlists-saved.php', {
const params_ws_saved = new URLSearchParams(
{
'api_token' : api.token,
'module' : 'wishlists-saved',
'page' : 'api',
}
);
fetch('/?' + params_ws_saved, {
method : 'GET',
})
.then(handleFetchError)
@ -149,14 +166,18 @@ $(function() {
var wishlist_id = $('.wishlist-cards[data-wishlist]').attr('data-wishlist');
var wishlist_locale = buttonRequest.attr('data-locale');
var formData = new URLSearchParams({
'wishlist-id' : wishlist_id,
'locale' : wishlist_locale
});
var formData = new URLSearchParams(
{
'api_token' : api.token,
'locale' : wishlist_locale,
'wishlist-id' : wishlist_id,
}
);
buttonRequest.addClass('disabled loading');
fetch('/src/api/wishlists.php', {
fetch('/?page=api&module=wishlists', {
method : 'POST',
body : formData
})

107
src/assets/js/wishlists.js
View file

@ -21,6 +21,9 @@ $(function () {
action : 'get wishlists',
method : 'GET',
on : 'now',
data : {
'api_token' : api.token,
},
onSuccess : function (response, element, xhr) {
wishlists = response.results;
@ -63,7 +66,16 @@ $(function () {
/** Update URL */
urlParams.set('id', wishlistValue);
fetch('/src/api/url.php?url=' + window.btoa(urlParams.toString()), {
const params_url = new URLSearchParams(
{
'api_token' : api.token,
'module' : 'url',
'page' : 'api',
'url' : window.btoa(urlParams.toString()),
}
);
fetch('/?' + params_url, {
method: 'GET'
})
.then(handleFetchError)
@ -146,7 +158,18 @@ $(function () {
card.addClass('loading');
card.attr('data-cache', 'false');
fetch('/src/api/wishes.php?wish_id=' + card.attr('data-id') + '&wishlist_user=' + wishlist_user, {
const params_cache = new URLSearchParams(
{
'api_token' : api.token,
'module' : 'wishes',
'page' : 'api',
'wish_id' : card.attr('data-id'),
'wishlist_user' : wishlist_user,
}
);
fetch('/?' + params_cache, {
method: 'GET'
})
.then(handleFetchError)
@ -198,10 +221,11 @@ $(function () {
var formRename = modalRename.find('.form.wishlist-rename');
var formData = new URLSearchParams(new FormData(formRename[0]));
formData.append('api_token', api.token);
fetch('/src/api/wishlists.php', {
method: 'PUT',
body: formData
fetch('/?page=api&module=wishlists', {
method : 'PUT',
body : formData,
})
.then(handleFetchError)
.then(handleFetchResponse)
@ -280,7 +304,9 @@ $(function () {
action: 'delete wishlist',
method: 'DELETE',
data: {
wishlistID: wishlistValue
'api_token' : api.token,
'wishlistID' : wishlistValue
},
on: 'now',
onSuccess: function (response, wishlists) {
@ -323,8 +349,10 @@ $(function () {
action : 'update wish status',
method : 'PUT',
data : {
wish_id : card.attr('data-id'),
wish_status : wish_status_fulfilled,
'api_token' : api.token,
'wish_id' : card.attr('data-id'),
'wish_status' : wish_status_fulfilled,
},
on : 'now',
onSuccess : function(response, element, xhr) {
@ -362,11 +390,17 @@ $(function () {
/** Get Wish */
var wishID = $(this).attr('data-id');
var wishFormData = new URLSearchParams({
'wish_id' : wishID
});
var wishFormData = new URLSearchParams(
{
'api_token' : api.token,
'module' : 'wishes',
'page' : 'api',
fetch('/src/api/wishes.php?' + wishFormData, {
'wish_id' : wishID
}
);
fetch('/?' + wishFormData, {
method: 'GET'
})
.then(handleFetchError)
@ -447,7 +481,9 @@ $(function () {
action : 'delete wish',
method : 'DELETE',
data : {
wish_id: card.attr('data-id'),
'api_token' : api.token,
'wish_id': card.attr('data-id'),
},
on : 'now',
onSuccess : function () {
@ -545,14 +581,15 @@ $(function () {
.modal({
autoShow: true,
onApprove: function (buttonCreate) {
const formData = new URLSearchParams(new FormData(formWishlistCreate[0]));
formWishlistCreate.addClass('loading');
buttonCreate.addClass('loading');
fetch('/src/api/wishlists.php', {
method: 'POST',
body: formData
var formData = new URLSearchParams(new FormData(formWishlistCreate[0]));
formData.append('api_token', api.token);
fetch('/?page=api&module=wishlists', {
method : 'POST',
body : formData
})
.then(handleFetchError)
.then(handleFetchResponse)
@ -603,7 +640,17 @@ $(function () {
buttonAddOrSave.addClass('disabled');
if (wishURLCurrent) {
fetch('/src/api/wishes.php?wish_url=' + wishURLCurrent, {
const params_url = new URLSearchParams(
{
'api_token' : api.token,
'module' : 'wishes',
'page' : 'api',
'wish_url' : wishURLCurrent
}
);
fetch('/?=' + params_url, {
method: 'GET'
})
.then(handleFetchError)
@ -631,14 +678,18 @@ $(function () {
onApprove : function (buttonUpdate) {
inputURL.val(modalValidate.find('input.proposed').val());
var formData = new URLSearchParams({
'wish_url_current' : modalValidate.find('input.current').val(),
'wish_url_proposed' : modalValidate.find('input.proposed').val()
});
buttonUpdate.addClass('loading');
fetch('/src/api/wishes.php', {
const formData = new URLSearchParams(
{
'api_token' : api.token,
'wish_url_current' : modalValidate.find('input.current').val(),
'wish_url_proposed' : modalValidate.find('input.proposed').val(),
}
);
fetch('/?page=api&module=wishes', {
method : 'PUT',
body : formData
})
@ -661,8 +712,9 @@ $(function () {
/** Save form edit fields */
/** This code block is a duplicate, please refactor */
var formData = new URLSearchParams(new FormData(formAddOrEdit[0]));
formData.append('api_token', api.token);
fetch('/src/api/wishes.php', {
fetch('/?page=api&module=wishes', {
method : 'POST',
body : formData
})
@ -692,8 +744,9 @@ $(function () {
/** Save form edit fields */
/** This code block is a duplicate, please refactor */
var formData = new URLSearchParams(new FormData(formAddOrEdit[0]));
formData.append('api_token', api.token);
fetch('/src/api/wishes.php', {
fetch('/?page=api&module=wishes', {
method : 'POST',
body : formData
})

96
src/classes/api.php Normal file
View file

@ -0,0 +1,96 @@
<?php
/**
* API
*
* @author Jay Trees <github.jay@grandel.anonaddy.me>
*/
namespace wishthis;
class API
{
/**
* Non-Static
*/
private string $module;
private string $module_path;
private array $input;
public string $token;
public function __construct()
{
global $options;
$this->input = $this->getRequestVariables();
$this->module = $this->input['module'] ?? '';
$this->module_path = ROOT . '/src/api/' . $this->module . '.php';
$this->token = $options->getOption('api_token');
/** For installer */
if (empty($this->token)) {
$this->token = sha1(ROOT);
}
}
public function do()
{
if (file_exists($this->module_path)) {
if (!empty(trim($this->input['api_token']))) {
if ($this->input['api_token'] === $this->token) {
ob_start();
$response = array();
require $this->module_path;
$response['warning'] = ob_get_clean();
header('Content-type: application/json; charset=utf-8');
echo json_encode($response);
} else {
http_response_code(403);
?>
<h1>Forbidden</h1>
<p>The specified API token "<?= $this->input['api_token'] ?>" is invalid.</p>
<?php
}
} else {
http_response_code(403);
?>
<h1>Forbidden</h1>
<p>Please specify an API token.</p>
<?php
}
} else {
http_response_code(404);
?>
<h1>Not found</h1>
<p>The API module "<?= $this->module ?>" was not found.</p>
<?php
}
die();
}
private function getRequestVariables(): array
{
$request_variables = $_GET;
switch ($_SERVER['REQUEST_METHOD']) {
case 'POST':
$request_variables = array_merge($request_variables, $_POST);
break;
default:
parse_str(file_get_contents("php://input"), $_INPUT);
$request_variables = array_merge($request_variables, $_INPUT);
break;
}
return $request_variables;
}
}

19
src/classes/page.php
View file

@ -22,6 +22,7 @@ class Page
/**
* Static
*/
public const PAGE_API = '/?page=api';
public const PAGE_BLOG = '/?page=blog';
public const PAGE_CHANGELOG = '/?page=changelog';
public const PAGE_HOME = '/?page=home';
@ -128,14 +129,26 @@ class Page
*/
public function __construct(string $filepath, public string $title = 'wishthis', public int $power = 0)
{
global $options;
$this->name = pathinfo($filepath, PATHINFO_FILENAME);
$this->description = __('wishthis is a simple, intuitive and modern wishlist platform to create, manage and view your wishes for any kind of occasion.');
$this->link_preview = 'https://' . $_SERVER['HTTP_HOST'] . '/src/assets/img/link-previews/default.png';
/**
* Install
*/
if (!isset($options) || !$options || !$options->getOption('isInstalled')) {
global $page;
if ('api' !== $page) {
redirect(Page::PAGE_INSTALL);
}
}
/**
* Session
*/
global $options;
$user = isset($_SESSION['user']->id) ? $_SESSION['user'] : new User();
$ignorePower = array(
@ -336,10 +349,14 @@ class Page
/**
* Scripts
*/
global $options;
?>
<script type="text/javascript">
var locale = '<?= str_replace('_', '-', $this->language) ?>';
var $_GET = JSON.parse('<?= isset($_GET) ? json_encode($_GET) : json_encode(array()) ?>');
var api = {
'token' : "<?= $options->getOption('api_token'); ?>",
};
var wish_status_temporary = '<?= Wish::STATUS_TEMPORARY ?>';
var wish_status_unavailable = '<?= Wish::STATUS_UNAVAILABLE ?>';
var wish_status_fulfilled = '<?= Wish::STATUS_FULFILLED ?>';

13
src/pages/api.php Normal file
View file

@ -0,0 +1,13 @@
<?php
/**
* API
*
* @author Jay Trees <github.jay@grandel.anonaddy.me>
*/
namespace wishthis;
$page = new Page(__FILE__, __('API'));
$api = new API();
$api->do();

23
src/pages/changelog.php
View file

@ -30,6 +30,29 @@ $page->navigation();
<div class="twelve wide stretched column">
<div class="ui tab" data-tab="0-7-1">
<div class="ui tab" data-tab="1-7-1">
<div class="ui segments">
<div class="ui segment">
<h2 class="ui header"><?= __('1.7.1') ?></h2>
</div>
<div class="ui segment">
<h3 class="ui header"><?= __('Improved') ?></h3>
<ul>
<li>
<?php
/** TRANSLATORS: Changelog: Improved */
echo __('Completely reworked the API');
?>
</li>
</ul>
</div>
</div>
</div>
<div class="ui tab" data-tab="0-7-1">
<div class="ui segments">
<div class="ui segment">

11
src/pages/install.php
View file

@ -43,6 +43,7 @@ switch ($step) {
<form class="ui form" action="<?= Page::PAGE_INSTALL ?>" method="POST">
<input type="hidden" name="step" value="<?= $step + 1; ?>" />
<input type="hidden" name="api_token" value="<?= sha1(ROOT) ?>">
<div class="ui error message"></div>
@ -246,11 +247,13 @@ switch ($step) {
);
$database->query(
'INSERT INTO `options`
(`key`, `value`)
'INSERT INTO
`options` (`key`, `value`)
VALUES
("isInstalled", true),
("version", "' . VERSION . '");'
("isInstalled", true),
("version", "' . VERSION . '"),
("api_token", UUID())
;'
);
/**

7
src/update/1-7-1.sql Normal file
View file

@ -0,0 +1,7 @@
/**
* Options
*/
INSERT INTO
`options` (`key`, `value`)
VALUES
('api_token', UUID());