diff options
Diffstat (limited to '')
-rw-r--r-- | BSF/admin/ws_checker.php | 334 |
1 files changed, 0 insertions, 334 deletions
diff --git a/BSF/admin/ws_checker.php b/BSF/admin/ws_checker.php deleted file mode 100644 index 7da8fac10..000000000 --- a/BSF/admin/ws_checker.php +++ /dev/null @@ -1,334 +0,0 @@ -<?php -// +-----------------------------------------------------------------------+ -// | Piwigo - a PHP based picture gallery | -// +-----------------------------------------------------------------------+ -// | Copyright(C) 2008 Piwigo Team http://piwigo.org | -// | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net | -// | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick | -// +-----------------------------------------------------------------------+ -// | This program is free software; you can redistribute it and/or modify | -// | it under the terms of the GNU General Public License as published by | -// | the Free Software Foundation | -// | | -// | This program is distributed in the hope that it will be useful, but | -// | WITHOUT ANY WARRANTY; without even the implied warranty of | -// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | -// | General Public License for more details. | -// | | -// | You should have received a copy of the GNU General Public License | -// | along with this program; if not, write to the Free Software | -// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | -// | USA. | -// +-----------------------------------------------------------------------+ - -// Next evolution... -// Out of parameter WS management -// The remainer objective is to check -// - Does Web Service working properly? -// - Does any access return something really? -// Give a way to check to the webmaster... -// These questions are one of module name explanations (checker). - -if((!defined("PHPWG_ROOT_PATH")) or (!$conf['allow_web_services'])) -{ - die('Hacking attempt!'); -} -include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); -include_once(PHPWG_ROOT_PATH.'include/ws_functions.inc.php'); - -/** - * official_req returns the managed requests list in array format - * FIXME A New list need to be build for ws_checker.php - * returns array of authrorized request/methods - * */ -function official_req() -{ - $official = array( /* Requests are limited to */ - 'categories.' /* all categories. methods */ - , 'categories.getImages' - , 'categories.getList' - , 'images.' /* all images. methods */ - , 'images.getInfo' - , 'images.addComment' - , 'images.search' - , 'tags.' /* all tags. methods */ - , 'tags.getImages' - , 'tags.getList' - ); - if (function_exists('local_req')) { - $local = local_req(); - return array_merge( $official, $local ); - } - return $official; -} - -/** - * check_target($string) verifies and corrects syntax of target parameter - * example : check_target(cat/23,24,24,24,25,27) returns cat/23-25,27 - * */ -function check_target($list) -{ - if ( $list !== '' ) - { - $type = explode('/',$list); // Find type list - if ( !in_array($type[0],array('list','cat','tag') ) ) - { - $type[0] = 'list'; // Assume an id list - } - $ids = explode( ',',$type[1] ); - $list = $type[0] . '/'; - - // 1,2,21,3,22,4,5,9-12,6,11,12,13,2,4,6, - - $result = expand_id_list( $ids ); - - // 1,2,3,4,5,6,9,10,11,12,13,21,22, - // I would like - // 1-6,9-13,21-22 - $serial[] = $result[0]; // To be shifted - foreach ($result as $k => $id) - { - $next_less_1 = (isset($result[$k + 1]))? $result[$k + 1] - 1:-1; - if ( $id == $next_less_1 and end($serial)=='-' ) - { // nothing to do - } - elseif ( $id == $next_less_1 ) - { - $serial[]=$id; - $serial[]='-'; - } - else - { - $serial[]=$id; // end serie or non serie - } - } - $null = array_shift($serial); // remove first value - $list .= array_shift($serial); // add the real first one - $separ = ','; - foreach ($serial as $id) - { - $list .= ($id=='-') ? '' : $separ . $id; - $separ = ($id=='-') ? '-':','; // add comma except if hyphen - } - } - return $list; -} - -// +-----------------------------------------------------------------------+ -// | Check Access and exit when user status is not ok | -// +-----------------------------------------------------------------------+ -check_status(ACCESS_ADMINISTRATOR); - -// accepted queries -$req_type_list = official_req(); - -//--------------------------------------------------------- update informations -$chk_partner = ''; -// Is a new access required? - -if (isset($_POST['wsa_submit'])) -{ -// Check $_post (Some values are commented - maybe a future use) -$add_partner = htmlspecialchars( $_POST['add_partner'], ENT_QUOTES); -$add_target = check_target( $_POST['add_target']) ; -$add_end = ( is_numeric($_POST['add_end']) ) ? $_POST['add_end']:0; -$add_request = htmlspecialchars( $_POST['add_request'], ENT_QUOTES); -$add_limit = ( is_numeric($_POST['add_limit']) ) ? $_POST['add_limit']:1; -$add_comment = htmlspecialchars( $_POST['add_comment'], ENT_QUOTES); -if ( strlen($add_partner) < 8 ) -{ // TODO What? Complete with some MD5... -} - $query = ' -INSERT INTO '.WEB_SERVICES_ACCESS_TABLE.' -( `name` , `access` , `start` , `end` , `request` , `limit` , `comment` ) -VALUES (' . " - '$add_partner', '$add_target', - NOW(), - ADDDATE( NOW(), INTERVAL $add_end DAY), - '$add_request', '$add_limit', '$add_comment' );"; - - pwg_query($query); - $chk_partner = $add_partner; - - $template->append( - 'update_results', - l10n('ws_adding_legend').l10n('ws_success_upd') - ); -} - -// Next, Update selected access -if (isset($_POST['wsu_submit'])) -{ - $upd_end = ( is_numeric($_POST['upd_end']) ) ? $_POST['upd_end']:0; - $settxt = ' end = ADDDATE(NOW(), INTERVAL '. $upd_end .' DAY)'; - - if ((isset($_POST['selection'])) and (trim($settxt) != '')) - { - $uid = (int) $_POST['selection']; - $query = ' - UPDATE '.WEB_SERVICES_ACCESS_TABLE.' - SET '.$settxt.' - WHERE id = '.$uid.'; '; - pwg_query($query); - $template->append( - 'update_results', - l10n('ws_update_legend').l10n('ws_success_upd') - ); - } else { - $template->append( - 'update_results', - l10n('ws_update_legend').l10n('ws_failed_upd') - ); - } -} -// Next, Delete selected access - -if (isset($_POST['wsX_submit'])) -{ - if ((isset($_POST['delete_confirmation'])) - and (isset($_POST['selection']))) - { - $uid = (int) $_POST['selection']; - $query = 'DELETE FROM '.WEB_SERVICES_ACCESS_TABLE.' - WHERE id = '.$uid.'; '; - pwg_query($query); - $template->append( - 'update_results', - l10n('ws_delete_legend').l10n('ws_success_upd') - ); - } else { - $template->append( - 'update_results', - l10n('Not selected / Not confirmed').l10n('ws_failed_upd') - ); - } -} - - - -$template->assign( - array( - 'U_HELP' => get_root_url().'popuphelp.php?page=web_service', - ) - ); - -// Build where -$where = ''; -$order = ' ORDER BY `id` DESC' ; - -$query = ' -SELECT * - FROM '.WEB_SERVICES_ACCESS_TABLE.' -WHERE 1=1 ' -.$where. -' ' -.$order. -';'; -$result = pwg_query($query); -$acc_list = mysql_num_rows($result); -$result = pwg_query($query); -// +-----------------------------------------------------------------------+ -// | template init | -// +-----------------------------------------------------------------------+ - -$template->set_filenames( - array( - 'ws_checker' => 'admin/ws_checker.tpl' - ) - ); - - -// Access List -while ($row = mysql_fetch_array($result)) -{ - $chk_partner = ( $chk_partner == '' ) ? $row['name'] : $chk_partner; - $template->append( - 'access_list', - array( - 'ID' => $row['id'], - 'NAME' => - (is_adviser()) ? '*********' : $row['name'], - 'TARGET' => $row['access'], - 'END' => $row['end'], - 'REQUEST' => $row['request'], - 'LIMIT' => $row['limit'], - 'COMMENT' => $row['comment'], - ) - ); -} - -$template->assign('add_requests', $req_type_list); - -$template->assign('add_limits', $conf['ws_allowed_limit'] ); - -// Postponed Start Date -// By default 0, 1, 2, 3, 5, 7, 14 or 30 days -/*foreach ($conf['ws_postponed_start'] as $value) { - $template->assign_block_vars( - 'add_start', - array( - 'VALUE'=> $value, - 'CONTENT' => $value, - 'SELECTED' => ($conf['ws_postponed_start'][0] == $value) ? $selected:'', - ) - ); -}*/ - -// Durations (Allowed Web Services Period) -// By default 10, 5, 2, 1 year(s) or 6, 3, 1 month(s) or 15, 10, 7, 5, 1, 0 day(s) -$template->assign('add_ends', $conf['ws_durations']); - -if ( $chk_partner !== '' ) -{ - if (function_exists('curl_init')) - { - $request = get_absolute_root_url().'ws.php?method=pwg.getVersion&format=rest&' - . "partner=$chk_partner" ; - $session = curl_init($request); - curl_setopt ($session, CURLOPT_POST, true); - curl_setopt($session, CURLOPT_HEADER, true); - curl_setopt($session, CURLOPT_RETURNTRANSFER, true); - $response = curl_exec($session); - curl_close($session); - $status_code = array(); - preg_match('/\d\d\d/', $response, $status_code); - switch( $status_code[0] ) { - case 200: - $ws_status = l10n('Web Services under control'); - break; - case 503: - $ws_status = 'Piwigo Web Services failed and returned an ' - . 'HTTP status of 503. Service is unavailable. An internal ' - . 'problem prevented us from returning data to you.'; - break; - case 403: - $ws_status = 'Piwigo Web Services failed and returned an ' - . 'HTTP status of 403. Access is forbidden. You do not have ' - . 'permission to access this resource, or are over ' - . 'your rate limit.'; - break; - case 400: - // You may want to fall through here and read the specific XML error - $ws_status = 'Piwigo Web Services failed and returned an ' - . 'HTTP status of 400. Bad request. The parameters passed ' - . 'to the service did not match as expected. The exact ' - . 'error is returned in the XML response.'; - break; - default: - $ws_status = 'Piwigo Web Services returned an unexpected HTTP ' - . 'status of:' . $status_code[0]; - } - } - else - { - $ws_status = 'Cannot check - curl not installed'; - } - $template->assign( 'WS_STATUS', $ws_status ); -} - -//----------------------------------------------------------- sending html code - -$template->assign_var_from_handle('ADMIN_CONTENT', 'ws_checker'); - -include_once(PHPWG_ROOT_PATH.'include/ws_core.inc.php'); -?> |