mirrors/Piwigo
1
0
Fork 0
mirror of https://github.com/Piwigo/Piwigo.git synced 2025-04-29 12:49:57 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Web Service:

Browse source 
- Delete functions_webserv.inc.php 
- Activate $colling_partner_id in ws.php


git-svn-id: http://piwigo.org/svn/trunk@1777 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
vdigital 2007-02-03 15:50:07 +00:00
parent e0103e18bc
commit cb58bff46e
2 changed files with 18 additions and 169 deletions
Download patch file Download diff file Expand all files Collapse all files

143
include/functions_webserv.inc.php
View file

@ -1,143 +0,0 @@
<?php
// +-----------------------------------------------------------------------+
// | PhpWebGallery - a PHP based picture gallery |
// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
// +-----------------------------------------------------------------------+
// | branch : BSF (Best So Far)
// | file : $RCSfile$
// | last update : $Date: 2006-02-28 02:13:16 +0100 (mar., 28 févr. 2006) $
// | last modifier : $Author: rvelices $
// | revision : $Revision: 1058 $
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify |
// | it under the terms of the GNU General Public License as published by |
// | the Free Software Foundation |
// | |
// | This program is distributed in the hope that it will be useful, but |
// | WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
// | General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA. |
// +-----------------------------------------------------------------------+
//------------------------------------------------------------------- functions
// official_req returns the managed requests list in array format
function official_req()
{
return array(
'random' /* Random order */
, 'list' /* list on MBt & z0rglub request */
, 'maxviewed' /* hit > 0 and hit desc order */
, 'recent' /* recent = Date_available desc order */
, 'highrated' /* avg_rate > 0 and desc order */
, 'oldest' /* Date_available asc order */
, 'lessviewed' /* hit asc order */
, 'lowrated' /* avg_rate asc order */
, 'undescribed' /* description missing */
, 'unnamed' /* new name missing */
, 'portraits' /* width < height (portrait oriented) */
, 'landscapes' /* width > height (landscape oriented) */
, 'squares' /* width ~ height (square form) */
);
}
// expand_id_list($ids) convert a human list expression to a full ordered list
// example : expand_id_list( array(5,2-3,2) ) returns array( 2, 3, 5)
function expand_id_list($ids)
{
$tid = array();
foreach ( $ids as $id )
{
if ( is_numeric($id) )
{
$tid[] = (int) $id;
}
else
{
$range = explode( '-', $id );
if ( is_numeric($range[0]) and is_numeric($range[1]) )
{
$from = min($range[0],$range[1]);
$to = max($range[0],$range[1]);
for ($i = $from; $i <= $to; $i++)
{
$tid[] = (int) $i;
}
}
}
}
$result = array_unique ($tid); // remove duplicates...
sort ($result);
return $result;
}
// check_target($string) verifies and corrects syntax of target parameter
// example : check_target(cat/23,24,24,24,25,27) returns cat/23-25,27
function check_target($list)
{
if ( $list !== '' )
{
$type = explode('/',$list); // Find type list
if ( !in_array($type[0],array('list','cat','tag') ) )
{
$type[0] = 'list'; // Assume an id list
}
$ids = explode( ',',$type[1] );
$list = $type[0] . '/';
// 1,2,21,3,22,4,5,9-12,6,11,12,13,2,4,6,
$result = expand_id_list( $ids );
// 1,2,3,4,5,6,9,10,11,12,13,21,22,
// I would like
// 1-6,9-13,21-22
$serial[] = $result[0]; // To be shifted
foreach ($result as $k => $id)
{
$next_less_1 = (isset($result[$k + 1]))? $result[$k + 1] - 1:-1;
if ( $id == $next_less_1 and end($serial)=='-' )
{ // nothing to do
}
elseif ( $id == $next_less_1 )
{
$serial[]=$id;
$serial[]='-';
}
else
{
$serial[]=$id; // end serie or non serie
}
}
$null = array_shift($serial); // remove first value
$list .= array_shift($serial); // add the real first one
$separ = ',';
foreach ($serial as $id)
{
$list .= ($id=='-') ? '' : $separ . $id;
$separ = ($id=='-') ? '-':','; // add comma except if hyphen
}
}
return $list;
}
// FIXME Function which could already exist somewhere else
function get_image_ids_for_cats($cat_ids)
{
$cat_list = implode(',', $cat_ids);
$ret_ids = array();
$query = '
SELECT DISTINCT image_id
FROM '.IMAGE_CATEGORY_TABLE.'
WHERE category_id in ('.$cat_list.')
;';
return $array_from_query($query, 'image_id');
}
?>

44
include/ws_functions.inc.php
View file

@ -51,12 +51,12 @@ SELECT * FROM '.WEB_SERVICES_ACCESS_TABLE."
} }
/** /**
* ws_add_controls * ws_addControls
* returns additionnal controls if requested * returns additionnal controls if requested
* usable for 99% of Web Service methods * usable for 99% of Web Service methods
* *
* - Args * - Args
* $method: is the requested method * $methodName: is the requested method
* $partner: is the key * $partner: is the key
* $tbl_name: is the alias_name in the query (sometimes called correlation name) * $tbl_name: is the alias_name in the query (sometimes called correlation name)
* null if !getting picture informations * null if !getting picture informations
@ -69,9 +69,9 @@ SELECT * FROM '.WEB_SERVICES_ACCESS_TABLE."
* *
* The additionnal in-where-clause is return * The additionnal in-where-clause is return
*/ */
function ws_add_controls( $method, $tbl_name ) function ws_addControls( $methodName, $tbl_name )
{ {
global $conf, $partner; global $conf, $calling_partner_id, $params;
if ( !$conf['ws_access_control'] ) if ( !$conf['ws_access_control'] )
{ {
return ' 1 = 1 '; // No controls are requested return ' 1 = 1 '; // No controls are requested
@ -80,7 +80,7 @@ function ws_add_controls( $method, $tbl_name )
// Is it an active Partner? // Is it an active Partner?
$query = ' $query = '
SELECT * FROM '.WEB_SERVICES_ACCESS_TABLE." SELECT * FROM '.WEB_SERVICES_ACCESS_TABLE."
WHERE `name` = '$partner' WHERE `name` = '$calling_partner_id'
AND NOW() <= end; "; AND NOW() <= end; ";
$result = pwg_query($query); $result = pwg_query($query);
if ( mysql_num_rows( $result ) == 0 ) if ( mysql_num_rows( $result ) == 0 )
@ -94,12 +94,14 @@ $result = pwg_query($query);
// Generic is not ready // Generic is not ready
// For generic you can say... tags. or categories. or images. maybe? // For generic you can say... tags. or categories. or images. maybe?
$filter = $row['request']; $filter = $row['request'];
$request_method = substr($method, 0, strlen($filter)) ; $request_method = substr($methodName, 0, strlen($filter)) ;
if ( $filter !== $filter_method ) if ( $filter !== $filter_method )
{ {
return ' 0 = 1'; // Unauthorized method request return ' 0 = 1'; // Unauthorized method request
} }
// Overide general object limit
$params['per_page'] = $row['limit'];
// Target restrict // Target restrict
// 3 cases: list, cat or tag // 3 cases: list, cat or tag
// Behind / we could found img-ids, cat-ids or tag-ids // Behind / we could found img-ids, cat-ids or tag-ids
@ -247,9 +249,7 @@ function ws_std_get_urls($image_row)
function ws_getVersion($params, &$service) function ws_getVersion($params, &$service)
{ {
// Needed for security reason... Maybe??? // TODO = Version availability is under control of $conf['show_version']
// $where_clause[] =
// ws_add_controls( 'getVersion', null );
return PHPWG_VERSION; return PHPWG_VERSION;
} }
@ -309,9 +309,8 @@ SELECT id, name, image_order
.implode(',', array_keys($cats) ) .implode(',', array_keys($cats) )
.')'; .')';
// Mandatory $where_clause[] =
// $where_clause[] = ws_addControls( 'categories.getImages', 'i.' );
// ws_add_controls( 'categories.getImages', 'i.' );
$order_by = ws_std_image_sql_order($params, 'i.'); $order_by = ws_std_image_sql_order($params, 'i.');
if (empty($order_by)) if (empty($order_by))
@ -431,11 +430,6 @@ function ws_categories_getList($params, &$service)
$where[] = 'id NOT IN ('.$user['forbidden_categories'].')'; $where[] = 'id NOT IN ('.$user['forbidden_categories'].')';
} }
// To ONLY build external links maybe ???
// $where_clause[] =
// ws_add_controls( 'categories.getList', null );
// Making links in a Blog...
$query = ' $query = '
SELECT id, name, uppercats, global_rank, SELECT id, name, uppercats, global_rank,
max_date_last, count_images AS nb_images, count_categories AS nb_categories max_date_last, count_images AS nb_images, count_categories AS nb_categories
@ -481,17 +475,16 @@ function ws_images_getInfo($params, &$service)
{ {
return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id"); return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
} }
// Mandatory (No comment)
// $where_clause[] =
// ws_add_controls( 'images.getInfo', '' );
$query=' $query='
SELECT * FROM '.IMAGES_TABLE.' SELECT * FROM '.IMAGES_TABLE.'
WHERE id='.$params['image_id']. WHERE id='.$params['image_id'].
get_sql_condition_FandF( get_sql_condition_FandF(
array('visible_images' => 'id'), array('visible_images' => 'id'),
' AND' ' AND'
).' ).' AND '.
LIMIT 1'; ws_addControls( 'images.getInfo', '' ).'
LIMIT 1;';
$image_row = mysql_fetch_assoc(pwg_query($query)); $image_row = mysql_fetch_assoc(pwg_query($query));
if ($image_row==null) if ($image_row==null)
@ -754,9 +747,8 @@ SELECT image_id, GROUP_CONCAT(tag_id) tag_ids
'', true '', true
); );
$where_clauses[] = 'id IN ('.implode(',',$image_ids).')'; $where_clauses[] = 'id IN ('.implode(',',$image_ids).')';
// Mandatory $where_clause[] =
// $where_clause[] = ws_addControls( 'tags.getImages', 'i.' );
// ws_add_controls( 'tags.getImages', '' );
$order_by = ws_std_image_sql_order($params); $order_by = ws_std_image_sql_order($params);
if (empty($order_by)) if (empty($order_by))