diff --git a/application/controllers/api.php b/application/controllers/api.php
index 944066d1..659b83e4 100644
--- a/application/controllers/api.php
+++ b/application/controllers/api.php
@@ -149,40 +149,51 @@ class API extends CI_Controller { $this->load->model('api_model'); $this->load->model('logbook_model'); $this->load->model('user_model'); - //if(!$this->user_model->authorize(3)) { $this->session->set_flashdata('notice', 'You\'re not allowed to do that!'); redirect('dashboard'); } + + $arguments = $this->_retrieve(); + + if((!$this->user_model->authorize(3)) && ($this->api_model->authorize($arguments['key']) == 0)) { + $this->session->set_flashdata('notice', 'You\'re not allowed to do that!'); redirect('dashboard'); + } // Retrieve the arguments from the query string - $arguments = $this->_retrieve(); + $data['data']['format'] = $arguments['format']; // Call the parser within the API model to build the query $query = $this->api_model->select_parse($arguments); // Execute the query, and retrieve the results $s = $this->logbook_model->api_search_query($query); - $results = $s['results']; - - // Cycle through the results, and translate between MySQL column names - // and more friendly, descriptive names $a = 0; - if($results->num_rows != 0) - { - foreach ($results->result() as $row) { - $record = (array)$row; - $r[$a]['rid'] = $a; - while (list($key, $val) = each($record)) { - $r[$a][$this->api_model->name($key)] = $val; - } - $a++; - } - // Add the result record to the main results array + + if(isset($s['results'])) { + $results = $s['results']; + + // Cycle through the results, and translate between MySQL column names + // and more friendly, descriptive names + if($results->num_rows != 0) + { + foreach ($results->result() as $row) { + $record = (array)$row; + $r[$a]['rid'] = $a; + while (list($key, $val) = each($record)) { + $r[$a][$this->api_model->name($key)] = $val; + } + $a++; + } + // Add the result record to the main results array $data['data']['search_Result']['results'] = $r; - } - else - { - // We've got no results, so make this empty for completeness - $data['data']['search_Result']['results'] = ""; - } - + } + else + { + // We've got 
no results, so make this empty for completeness + $data['data']['search_Result']['results'] = ""; + } + } else { + $data['data']['error'] = $s['error']; + $data['data']['search_Result']['results'] = ""; + } + // Add some debugging information to the XML output $data['data']['queryInfo']['call'] = "search"; $data['data']['queryInfo']['dbQuery'] = $s['query']; @@ -193,6 +204,27 @@ class API extends CI_Controller { $this->load->view('api/index', $data); } + function validate() + { + // Load the API and Logbook models + $this->load->model('api_model'); + $this->load->model('logbook_model'); + + // Retrieve the arguments from the query string + $arguments = $this->_retrieve(); + + // Add some debugging information to the XML output + $data['data'] = $arguments; + $data['data']['queryInfo']['call'] = "validate"; + $data['data']['queryInfo']['dbQuery'] = ""; + $data['data']['queryInfo']['numResults'] = 1; + $data['data']['queryInfo']['executionTime'] = 0; + + $data['data']['validate_Result']['results'] = array(0 => array('Result' => $this->api_model->authorize($arguments['key']))); + + $this->load->view('api/index', $data); + } + function add() { // Load the API and Logbook models 
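Review bot: The new `else` branch in search() copies the raw driver error number straight into the response (`$data['data']['error'] = $s['error'];`), and the `dbQuery` context line a few lines below already emits the full SQL that failed, so an API client receives internals that are only useful for server-side diagnosis. Log the number with `log_message('error', 'api search failed: ' . $s['error']);` and return a fixed message such as `$data['data']['error'] = 'Query failed';` instead. The `== 0` in the new authorization guard works because authorize() returns ints, but `=== 0` states that intent. search() continues past the end of this hunk.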
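Review bot: validate() echoes the complete argument array into the output (`$data['data'] = $arguments;`), which includes the submitted API key itself, so the secret is reflected back in the response body and into anything that logs or caches it. Compute the authorize() result first, then drop the key before building the output: `$data['data'] = $arguments; unset($data['data']['key']);`. The `logbook_model` load in this method appears unused and can be removed.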
@@ -245,20 +277,31 @@ class API extends CI_Controller { $arguments = array(); // Retrieve each arguments - $query = preg_grep("/^query\[(.*)\]$/", $this->uri->segments); - $limit = preg_grep("/^limit\[(.*)\]$/", $this->uri->segments); - $order = preg_grep("/^order\[(.*)\]$/", $this->uri->segments); - $fields = preg_grep("/^fields\[(.*)\]$/", $this->uri->segments); + $query = preg_grep("/^query=(.*)$/", $this->uri->segments); + $limit = preg_grep("/^limit=(.*)$/", $this->uri->segments); + $order = preg_grep("/^order=(.*)$/", $this->uri->segments); + $fields = preg_grep("/^fields=(.*)$/", $this->uri->segments); + $format = preg_grep("/^format=(.*)$/", $this->uri->segments); + $key = preg_grep("/^key=(.*)$/", $this->uri->segments); // Strip each argument $arguments['query'] = substr(array_pop($query), 6); - $arguments['query'] = substr($arguments['query'], 0, strlen($arguments['query']) - 1); + $arguments['query'] = substr($arguments['query'], 0, strlen($arguments['query'])); $arguments['limit'] = substr(array_pop($limit), 6); - $arguments['limit'] = substr($arguments['limit'], 0, strlen($arguments['limit']) - 1); + $arguments['limit'] = substr($arguments['limit'], 0, strlen($arguments['limit'])); $arguments['order'] = substr(array_pop($order), 6); - $arguments['order'] = substr($arguments['order'], 0, strlen($arguments['order']) - 1); + $arguments['order'] = substr($arguments['order'], 0, strlen($arguments['order'])); $arguments['fields'] = substr(array_pop($fields), 7); - $arguments['fields'] = substr($arguments['fields'], 0, strlen($arguments['fields']) - 1); + $arguments['fields'] = substr($arguments['fields'], 0, strlen($arguments['fields'])); + $arguments['format'] = substr(array_pop($format), 7); + $arguments['format'] = substr($arguments['format'], 0, strlen($arguments['format'])); + $arguments['key'] = substr(array_pop($key), 4); + $arguments['key'] = substr($arguments['key'], 0, strlen($arguments['key'])); + + // By default, assume XML for the format if not 
otherwise set + if($arguments['format'] == "") { + $arguments['format'] = "xml"; + } // Return the arguments return $arguments; diff --git a/application/models/api_model.php b/application/models/api_model.php index 11cc2e31..352a49ad 100644 --- a/application/models/api_model.php +++ b/application/models/api_model.php @@ -38,26 +38,41 @@ class API_Model extends CI_Model { function access($key) { + // No key = no access, mate + if(!$key) { + return $status = "No Key Found"; + } + // Check that the key is valid $this->db->where('key', $key); - $query = $this->db->get('api'); + $query = $this->db->get('api'); - if ($query->num_rows() > 0) - { - foreach ($query->result() as $row) - { - if($row->status == "active") { - return $status = $row->rights; - } else { - return $status = "Key Disabled"; - } - - } - } else { - return $status = "No Key Found"; - } + if ($query->num_rows() > 0) + { + foreach ($query->result() as $row) + { + if($row->status == "active") { + return $status = $row->rights; + } else { + return $status = "Key Disabled"; + } + } + } else { + return $status = "No Key Found"; + } } + function authorize($key) { + $r = $this->access($key); + if($r == "rw") { + return 2; + } else if($r == "r") { + return 1; + } else { + return 0; + } + } + // FUNCTION: string name(string $column) // Converts a MySQL column name to a more friendly name function name($col) @@ -178,6 +193,8 @@ class API_Model extends CI_Model { $s[3] = '/\(asc\)/'; $s[4] = '/\(desc\)/'; $s[5] = '/,$/'; + $s[6] = '/\[/'; + $s[7] = '/\]/'; $r[0] = '('; $r[1] = ')'; @@ -185,6 +202,8 @@ class API_Model extends CI_Model { $r[3] = ' ASC '; $r[4] = ' DESC '; $r[5] = ''; + $r[6] = ''; + $r[7] = ''; $q .= preg_replace($s, $r, $arguments['order']); @@ -243,8 +262,9 @@ class API_Model extends CI_Model { $r[1] = ' OR '; $r[2] = ' < '; $r[3] = ' > '; - $r[4] = '['; - $r[5] = ']'; + // Strip out square brackets + $r[4] = ''; + $r[5] = ''; $r[6] = '++$1++ ='; $r[7] = '= \'$1\''; $r[8] = 'UNIX_TIMESTAMP(NOW())'; 
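Review bot: Each `substr($arguments['x'], 0, strlen($arguments['x']))` statement in _retrieve() is now an identity operation, because the `- 1` that trimmed the closing bracket was dropped along with the bracket syntax; the six lines of that shape (e.g. `$arguments['query'] = substr($arguments['query'], 0, strlen($arguments['query']));`) should simply be deleted. `format` is read from the URI and only defaulted when empty, never validated, yet it is passed on into the output data; restrict it to the formats the view actually renders (only `xml` is visible here), e.g. `if($arguments['format'] !== "xml") { $arguments['format'] = "xml"; }`, adjusting the list to what the view supports. _retrieve() begins before this hunk.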
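Review bot: `return $status = "No Key Found";` in the new guard of access() (and the re-indented returns below it) assigns a local that is never read; `return "No Key Found";` says the same thing. In the new authorize(), `$r` is always a string, so the comparisons should be strict: `if($r === "rw") { return 2; } else if($r === "r") { return 1; }`. Note that authorize() folds "Key Disabled" and "No Key Found" into the same 0, so validate() callers cannot tell a disabled key from an unknown one; if that distinction matters, return distinct codes rather than a bare 0.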
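Review bot: Stripping the brackets (`$r[4] = ''; $r[5] = '';`) changes what reaches the adjacent `$r[7] = '= \'$1\''`, which still wraps the captured value in quotes without any escaping, and that value originates from the URI via _retrieve(). Because a plain preg_replace() cannot transform `$1`, the value substitution should move to preg_replace_callback() so the match passes through `$this->db->escape_str()` before being quoted; the same applies to the order translation in the two hunks above, where the new `$s[6]`/`$s[7]` patterns remove brackets from a string that is then appended to `$q` as-is. The enclosing function starts and ends outside this hunk.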
diff --git a/application/models/logbook_model.php b/application/models/logbook_model.php index 6dcb4690..22641ea4 100644 --- a/application/models/logbook_model.php +++ b/application/models/logbook_model.php @@ -411,7 +411,10 @@ class Logbook_model extends CI_Model { function api_search_query($query) { $time_start = microtime(true); - $results = @$this->db->query($query); + $results = $this->db->query($query); + if(!$results) { + return array('query' => $query, 'error' => $this->db->_error_number(), 'time' => 0); + } $time_end = microtime(true); $time = round($time_end - $time_start, 4); @@ -421,6 +424,9 @@ class Logbook_model extends CI_Model { function api_insert_query($query) { $time_start = microtime(true); $results = $this->db->insert($this->config->item('table_name'), $query); + if(!$results) { + return array('query' => $query, 'error' => $this->db->_error_number(), 'time' => 0); + } $time_end = microtime(true); $time = round($time_end - $time_start, 4); diff --git a/application/views/api/help.php b/application/views/api/help.php index f48fd690..07f92e9a 100644 --- a/application/views/api/help.php +++ b/application/views/api/help.php @@ -64,7 +64,7 @@ ?> -
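Review bot: The new early return in api_search_query() hands back only `$this->db->_error_number()`, and the identical block in api_insert_query() (second hunk of this file) does the same, so nothing records server-side what actually went wrong, while the API controller forwards the array it receives into the response. Log the failure before returning, `log_message('error', 'api query failed (' . $this->db->_error_number() . '): ' . $query);`, and keep the response side generic. The two array literals are copy-pasted; a small private helper that builds the error array would keep them in step. Both functions continue past their hunks, and `_error_number()` is an underscore-prefixed driver method, so confirm it is part of the supported API for the CodeIgniter version in use.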
/search/query[<field><=|~><value>{(and|or)...]}/limit[<num>]/fields[<field1>,{<field2>}]/order[<field>]
+/search/format=<format>/query=<field><=|~><value>{(and|or)...}/limit=<num>/fields=<field1>,{<field2>/order=<field>
 /search/query[Call~M0*(and)(Locator~I*(or)Locator~J*)]/limit[10]/fields[distinct(Call),Locator]/order[Call(asc)]-
/search/format=xml/query=Call~M0*(and)(Locator~I*(or)Locator~J*)/limit=10/fields=distinct(Call),Locator/order=Call(asc)+