cookie-0006-API-add-cmd-sendMessage.patch

author: Philip Häusler <msquare@notrademark.de> 2014-01-05 19:34:17 +0100
committer: Philip Häusler <msquare@notrademark.de> 2014-01-05 19:34:17 +0100
commit: 6664433fabc8d2173c74c74bc30f569e68228fa2 (patch)
tree: 65c6d2d026a6b2f67539083de6656177cb98d3e7 /includes
parent: 9dc5dbe3b6eacae5ea8dc335304edf7007d2ab57 (diff)
3 files changed, 90 insertions, 32 deletions
diff --git a/includes/controller/api.php b/includes/controller/api.php
index 0e77f5a0..35c23cb5 100644
--- a/includes/controller/api.php
+++ b/includes/controller/api.php
@@ -13,14 +13,16 @@ Every API Request must be contained the Api Key (using JSON parameter 'key') and
 
 Testing API calls (using curl):
 -------------------------------
-$ curl -d '{"key":"<key>","cmd":"getVersion"}' '<Address>/?p=api'
-
+$ curl -d '{"cmd":"getVersion"}' '<Address>/?p=api'
+$ curl -d '{"cmd":"getApiKey","user":"admin","pw":"admin"}' '<Address>/?p=api'
+$ curl -d '{"key":"<key>","cmd":"getRoom"}' '<Address>/?p=api'
+$ curl -d '{"key":"<key>","cmd":"sendmessage","uid":"23","text":"test message"}' '<Address>/?p=api'
 
 Methods without key:
 --------------------
 getVersion
   Description:
-    Returns API version. 
+    Returns API version.
   Parameters:
     nothing
   Return Example:
@@ -28,7 +30,7 @@ getVersion
 
 getApiKey
   Description:
-    Returns API Key version. 
+    Returns API Key version.
   Parameters:
     user (string)
     pw (string)
@@ -39,36 +41,36 @@ Methods with Key:
 -----------------
 getRoom
   Description:
-    Returns a list of all Rooms (no id set) or details of a single Room (requested id) 
+    Returns a list of all Rooms (no id set) or details of a single Room (requested id)
   Parameters:
-    id (integer) - Room ID 
+    id (integer) - Room ID
   Return Example:
     [{"RID":"1"},{"RID":"2"},{"RID":"3"},{"RID":"4"}]
     {"RID":"1","Name":"Room Name","Man":null,"FromPentabarf":"","show":"Y","Number":"0"}
 
 getAngelType
   Description:
-    Returns a list of all Angel Types (no id set) or details of a single Angel Type (requested id) 
+    Returns a list of all Angel Types (no id set) or details of a single Angel Type (requested id)
   Parameters:
-    id (integer) - Type ID 
+    id (integer) - Type ID
   Return Example:
     [{"id":"8"},{"id":"9"}]
     {"id":"9","name":"Angeltypes 2","restricted":"0"}
 
 getUser
   Description:
-    Returns a list of all Users (no id set) or details of a single User (requested id) 
+    Returns a list of all Users (no id set) or details of a single User (requested id)
   Parameters:
-    id (integer) - User ID 
+    id (integer) - User ID
   Return Example:
     [{"UID":"1"},{"UID":"23"},{"UID":"42"}]
     {"UID":"1","Nick":"admin","Name":"Gates","Vorname":"Bill","Telefon":"","DECT":"","Handy":"","email":"","ICQ":"","jabber":"","Avatar":"115"}
 
 getShift
   Description:
-    Returns a list of all Shifte (no id set, filter is optional) or details of a single Shift (requested id) 
+    Returns a list of all Shifte (no id set, filter is optional) or details of a single Shift (requested id)
   Parameters:
-    id (integer) - Shift ID 
+    id (integer) - Shift ID
     filterRoom (Array of integer) - Array of Room IDs (optional, for list request)
     filterTask (Array of integer) - Array if Task (optional, for list request)
     filterOccupancy (integer) - Occupancy state: (optional, for list request)
@@ -83,13 +85,21 @@ getShift
 
 getMessage
   Description:
-    Returns a list of all Messages (no id set) or details of a single Message (requested id) 
+    Returns a list of all Messages (no id set) or details of a single Message (requested id)
   Parameters:
-    id (integer) - Message ID 
+    id (integer) - Message ID
   Return Example:
     [{"id":"1"},{"id":"2"},{"id":"3"}]
     {"id":"3","Datum":"1388247583","SUID":"23","RUID":"42","isRead":"N","Text":"message text"}
 
+sendMessage
+  Description:
+    send a Message to an other angel
+  Parameters:
+    uid (integer) - User ID of the reciever
+    text (string) - Message Text
+  Return Example:
+    {"status":"success"}
 
 ************************************************************************************************/
 
@@ -98,8 +108,8 @@ getMessage
  * General API Controller
  */
 function api_controller() {
-  global $DataJson, $_REQUEST;
- 
+  global $user, $DataJson, $_REQUEST;
+
   header("Content-Type: application/json; charset=utf-8");
 
   // decode JSON request
@@ -160,19 +170,22 @@ function api_controller() {
     case 'getmessage':
       getMessage();
       break;
+    case 'sendmessage':
+      sendMessage();
+      break;
     default:
       $DataJson = array (
           'status' => 'failed',
           'error' => 'Unknown Command "'. $cmd. '"' );
   }
-  
-  // check 
+
+  // check
   if( $DataJson === false) {
     $DataJson = array (
       'status' => 'failed',
       'error' => 'DataJson === false' );
   }
-  
+
   echo json_encode($DataJson);
   die();
 }
@@ -182,8 +195,8 @@ function api_controller() {
  */
 function getVersion(){
   global $DataJson;
-  
-  $DataJson = array( 
+
+  $DataJson = array(
     'status' => 'success',
     'Version' => 1);
 }
@@ -195,7 +208,7 @@ function getVersion(){
 function getApiKey(){
   global $DataJson, $_REQUEST;
 
-  if (!isset($_REQUEST['user']) ) { 
+  if (!isset($_REQUEST['user']) ) {
     $DataJson = array (
       'status' => 'failed',
       'error' => 'Missing parameter "user".' );
@@ -206,12 +219,12 @@ function getApiKey(){
       'error' => 'Missing parameter "pw".' );
   } else {
     $Erg = sql_select( "SELECT `UID`, `Passwort`, `api_key` FROM `User` WHERE `Nick`='" . sql_escape($_REQUEST['user']) . "'");
-    
+
     if (count($Erg) == 1) {
       $Erg = $Erg[0];
       if (verify_password( $_REQUEST['pw'], $Erg["Passwort"], $Erg["UID"])) {
         $key = $Erg["api_key"];
-        $DataJson = array( 
+        $DataJson = array(
           'status' => 'success',
           'Key' => $key);
       } else {
@@ -225,17 +238,17 @@ function getApiKey(){
         'error' => 'User not found.' );
     }
   }
-  
+
   sleep(1);
 }
 
 
 /**
- * Get Room 
+ * Get Room
  */
 function getRoom(){
   global $DataJson, $_REQUEST;
-  
+
   if (isset($_REQUEST['id']) ) {
     $DataJson = mRoom( $_REQUEST['id']);
   } else {
@@ -261,7 +274,7 @@ function getAngelType(){
  */
 function getUser(){
   global $DataJson, $_REQUEST;
-  
+
   if (isset($_REQUEST['id']) ) {
     $DataJson = mUser_Limit( $_REQUEST['id']);
   } else {
@@ -295,4 +308,30 @@ function getMessage(){
   }
 }
 
+/**
+ * Send Message
+ */
+function sendMessage(){
+  global $DataJson, $_REQUEST;
+
+  if (!isset($_REQUEST['uid']) ) {
+  	$DataJson = array (
+  			'status' => 'failed',
+  			'error' => 'Missing parameter "uid".' );
+  }
+  elseif (!isset($_REQUEST['text']) ) {
+    $DataJson = array (
+      'status' => 'failed',
+      'error' => 'Missing parameter "text".' );
+  } else {
+    if( mMessage_Send( $_REQUEST['uid'], $_REQUEST['text']) === true) {
+    	$DataJson = array( 'status' => 'success');
+    } else {
+      $DataJson = array(
+        'status' => 'failed',
+        'error' => 'Transmitting was terminated with an Error.');
+    }
+  }
+}
+
 ?>
 \ No newline at end of file
diff --git a/includes/model/Message_model.php b/includes/model/Message_model.php
index 0141208b..d42dca5f 100644
--- a/includes/model/Message_model.php
+++ b/includes/model/Message_model.php
@@ -26,4 +26,26 @@ function mMessage($id) {
 	return null;
 }
 
+
+/**
+ * send message
+ *
+ * @param $id User ID of Reciever
+ * @param $text Text of Message
+ */
+function mMessage_Send($id, $text) {
+	global $user;
+	
+  $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text));
+  $to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags( $id));
+
+  if (($text != "" && is_numeric($to)) && 
+      (sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) ) {
+    sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'");
+    return true;
+  } else {
+    return false;
+  }
+ }
+
 ?>
 \ No newline at end of file
diff --git a/includes/pages/user_messages.php b/includes/pages/user_messages.php
index f4928333..f7647e78 100644
--- a/includes/pages/user_messages.php
+++ b/includes/pages/user_messages.php
@@ -98,10 +98,7 @@ function user_messages() {
         break;
       
       case "send":
-        $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
-        $to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['to']));
-        if ($text != "" && is_numeric($to) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) {
-          sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'");
+        if( mMessage_Send( $_REQUEST['to'], $_REQUEST['text']) === true) {
           redirect(page_link_to("user_messages"));
         } else {
           return error(_("Transmitting was terminated with an Error."), true);
author	Philip Häusler <msquare@notrademark.de>	2014-01-05 19:34:17 +0100
committer	Philip Häusler <msquare@notrademark.de>	2014-01-05 19:34:17 +0100
commit	6664433fabc8d2173c74c74bc30f569e68228fa2 (patch)
tree	65c6d2d026a6b2f67539083de6656177cb98d3e7 /includes
parent	9dc5dbe3b6eacae5ea8dc335304edf7007d2ab57 (diff)