├── README.md ├── api ├── index.php ├── resources │ └── functions │ │ └── restapi_functions.php └── root.php └── rest_api ├── app_config.php ├── app_defaults.php ├── app_languages.php ├── app_menu.php ├── resources └── classes │ └── rest_api.php ├── rest_api.php ├── rest_api_edit.php └── root.php /README.md: -------------------------------------------------------------------------------- 1 | Start making pull requests :) 2 | 3 | 4 | # OK so this is a starter for ten... 5 | 6 | This is the result of a lazy Sunday hacking session, 7 | there will almost certainly be bugs, and the code will need checking for 8 | security, so 9 | 10 | **DO NOT DEPLOY THESE APPS ON A PRODUCTION SERVER!** 11 | 12 | To make an extensible REST API, my view was to keep the .php code simple and 13 | drive the API from a SQL table (v_restapi). 14 | 15 | To do this we have two apps:
16 | **/app/api** This is where the API runs, and this location also has the re-write 17 | rules set up in the default Nginx config. Everything after the /app/api gets 18 | rewritten to rewrite_uri. 19 | 20 | **/app/rest_api** This is an application to edit the v_restapi table. 21 | Advanced->Upgrade App Defaults / Schema etc. may be required unless you undertake 22 | these actions manually. 23 | 24 | The app_defaults.php contains the SQL to insert the five test APIs into the 25 | table. 26 | 27 | The test scenarios all use the contacts data: 28 | 29 | * List Contacts 30 | * List Contact Numbers 31 | * Add Contact Number 32 | * Update Contact Number 33 | * Delete Contact Number 34 | 35 | The Rest API uses the usual request methods: GET, POST, PUT, DELETE, and uses 36 | JSON for the data exchange to and from the client. 37 | 38 | Sample test URLs are listed below; the GET transactions are easy enough to 39 | execute in your web browser, but you may need to use a tool such as Postman 40 | (https://www.getpostman.com/apps) to execute the POST, PUT and DELETE options. 41 | The /api-key{} can appear anywhere in the URI; it is stripped out once the 42 | API Key (uuid) has been extracted. Note that the key is only stripped from the URI used for the API lookup; because it is sent as part of the request URL, it will still appear wherever URLs are recorded, such as web server access logs.
43 | 44 | **List all contacts**
45 | URL: https://<your domain>/app/api/contacts/api-key{<uuid>}
46 | Request Method: GET
47 | 48 | 49 | **List all numbers for a contact**
50 | URL: https://<your domain>/app/api/contact{<contact uuid>}/numbers/api-key{<uuid>}
51 | Request Method: GET
52 | 53 | 54 | **Add a contact number**
55 | URL: https://<your domain>/app/api/contact{<contact uuid>}/number/api-key{<uuid>}
56 | Request Method: POST
57 | Body raw data:
58 | {
59 | "phone_type_voice":"1",
60 | "phone_type_fax":null,
61 | "phone_type_video":null,
62 | "phone_type_text":null,
63 | "phone_label":"Home",
64 | "phone_primary":"0",
65 | "phone_number":"01636600660",
66 | "phone_extension":"",
67 | "phone_speed_dial":"",
68 | "phone_description":"Data Centre"
69 | }
70 | 71 | 72 | **Update a contact number**
73 | URL: https://<your domain>/app/api/contact{<contact uuid>}/number{<number uuid>}/api-key{<uuid>}
74 | Request Method: PUT
75 | Body raw data:
76 | {
77 | "phone_type_voice":"1",
78 | "phone_type_fax":null,
79 | "phone_type_video":null,
80 | "phone_type_text":null,
81 | "phone_label":"Work",
82 | "phone_primary":"0",
83 | "phone_number":"01636600550",
84 | "phone_extension":"",
85 | "phone_speed_dial":"",
86 | "phone_description":"Main Office"
87 | }
88 | 89 | 90 | **Delete a contact number**
91 | URL: https://<your domain>/app/api/contact{<contact uuid>}/number{<number uuid>}/api-key{<uuid>}
92 | Request Method: DELETE
93 |
94 | A note on the rest_api app. There is an option to make an API global (available to every domain); this is achieved by 95 | setting the domain_uuid field to null. Maybe I'm missing something or there is a limitation in 96 | the database class, but if the domain_uuid is null the normal delete functions do not work. In 97 | order to delete a record you must first make it non-global and then delete it. 98 | 99 | I think that's about it.
100 | Adrian Fretwell. 101 | 102 | 103 | -------------------------------------------------------------------------------- /api/index.php: -------------------------------------------------------------------------------- 1 | 22 | for that original work. 23 | 24 | Contributor(s): 25 | Adrian Fretwell 26 | */ 27 | 28 | //includes 29 | include "root.php"; 30 | require_once "resources/require.php"; 31 | require_once "resources/functions/restapi_functions.php"; 32 | 33 | // https://pbxtest-blue.a2es.uk/app/api/contacts{121548741}/address 34 | // string(27) "contacts{121548741}/address" 35 | 36 | if(isset($_REQUEST["rewrite_uri"])){ 37 | $rewrite_uri = rtrim($_REQUEST["rewrite_uri"], '/'); 38 | } else { 39 | send_access_denied(); 40 | } 41 | 42 | $request_method = $_SERVER["REQUEST_METHOD"]; 43 | $segments = explode('/', $rewrite_uri); 44 | 45 | $endpoints = array(); 46 | foreach($segments as $segment) { 47 | $ids = array(); 48 | preg_match('/(.*){(.*)}/' , $segment , $ids); 49 | if(count($ids) == 3) { 50 | $endpoints[$ids[1]] = $ids[2]; 51 | } else { 52 | $endpoints[$segment] = ""; 53 | } 54 | } 55 | 56 | if (!array_key_exists('api-key', $endpoints)) { 57 | send_access_denied(); 58 | } 59 | 60 | // set request key value ready for call to check_auth 61 | $_REQUEST['key'] = $endpoints['api-key']; 62 | require_once "resources/check_auth.php"; 63 | 64 | switch($request_method) { 65 | case "POST": 66 | if (!permission_exists('restapi_c')) {send_access_denied(); } 67 | break; 68 | case "GET": 69 | if (!permission_exists('restapi_r')) {send_access_denied(); } 70 | break; 71 | case "PUT": 72 | if (!permission_exists('restapi_u')) {send_access_denied(); } 73 | break; 74 | case "DELETE": 75 | if (!permission_exists('restapi_d')) {send_access_denied(); } 76 | break; 77 | default: 78 | send_access_denied(); 79 | } 80 | 81 | 82 | // remove record Ids but keep placeholders 83 | $rewrite_uri = preg_replace('/{[^\/]*}/', '{}', $rewrite_uri); 84 | // remove any refernce to the api key 
from uri that we will compare against the DB 85 | $rewrite_uri = preg_replace(array('/\/api-key{?}?/', '/^api-key{?}?\//'), '', $rewrite_uri); 86 | 87 | $sql = "select * from v_restapi where api_method = :api_method and api_uri = :api_uri and api_enabled = 'true' and (domain_uuid = :domain_uuid or domain_uuid is null) order by domain_uuid asc"; 88 | 89 | $parameters['domain_uuid'] = $_SESSION['domain_uuid']; 90 | $parameters['api_method'] = $request_method; 91 | $parameters['api_uri'] = $rewrite_uri; 92 | 93 | $database = new database; 94 | 95 | $rows = $database->select($sql, $parameters, 'all'); 96 | if (is_array($rows) && @sizeof($rows) != 0) { 97 | $api_sql = $rows[0]['api_sql']; 98 | } else { 99 | send_api_message(404, "API not found."); 100 | } 101 | 102 | unset ($parameters, $sql); 103 | 104 | if ($request_method == 'GET') { 105 | if (strpos($api_sql, ':domain_uuid') > 0){ 106 | $parameters['domain_uuid'] = $_SESSION['domain_uuid']; 107 | } 108 | foreach($endpoints as $key => $value){ 109 | if ($key == 'api-key') continue; 110 | if (strlen($value) > 0) { 111 | $parameters[$key] = $value; 112 | } 113 | } 114 | 115 | //var_dump($parameters); 116 | //echo "
\n"; 117 | //exit; 118 | 119 | $rows = $database->select($api_sql, $parameters, 'all'); 120 | if (is_array($rows) && @sizeof($rows) != 0) { 121 | send_data($rows); 122 | } else { 123 | send_api_message(200, "Empty result set."); 124 | } 125 | exit; 126 | } 127 | 128 | if ($request_method == 'POST') { 129 | $data = json_decode(file_get_contents("php://input"), TRUE); 130 | if (!permission_exists('restapi_domain_in_data')) { 131 | if (strpos($api_sql, ':domain_uuid') > 0){ 132 | $data['domain_uuid'] = $_SESSION['domain_uuid']; 133 | } 134 | } 135 | if (!permission_exists('restapi_new_uuid_in_data')) { 136 | $data['new_uuid'] = uuid(); 137 | } 138 | 139 | foreach($endpoints as $key => $value){ 140 | if ($key == 'api-key') continue; 141 | if (strlen($value) > 0) { 142 | $data[$key] = $value; 143 | } 144 | } 145 | 146 | //var_dump($data); 147 | //echo "
\n".$api_sql."
\n"; 148 | //exit; 149 | 150 | $database->execute($api_sql, $data, 'all'); 151 | send_api_message($database->message['code'], $database->message['message']); 152 | //echo $database->message['error']['message']."\n"; 153 | exit; 154 | } 155 | 156 | if ($request_method == 'PUT') { 157 | $data = json_decode(file_get_contents("php://input"), TRUE); 158 | if (!permission_exists('restapi_domain_in_data')) { 159 | if (strpos($api_sql, ':domain_uuid') > 0){ 160 | $data['domain_uuid'] = $_SESSION['domain_uuid']; 161 | } 162 | } 163 | 164 | foreach($endpoints as $key => $value){ 165 | if ($key == 'api-key') continue; 166 | if (strlen($value) > 0) { 167 | $data[$key] = $value; 168 | } 169 | } 170 | 171 | //var_dump($data); 172 | //echo "
\n".$api_sql."
\n"; 173 | //exit; 174 | 175 | $database->execute($api_sql, $data, 'all'); 176 | send_api_message($database->message['code'], $database->message['message']); 177 | //echo $database->message['error']['message']."\n"; 178 | exit; 179 | } 180 | 181 | if ($request_method == 'DELETE') { 182 | 183 | if (strpos($api_sql, ':domain_uuid') > 0){ 184 | $parameters['domain_uuid'] = $_SESSION['domain_uuid']; 185 | } 186 | foreach($endpoints as $key => $value){ 187 | if ($key == 'api-key') continue; 188 | if (strlen($value) > 0) { 189 | $parameters[$key] = $value; 190 | } 191 | } 192 | 193 | //var_dump($data); 194 | //echo "
\n".$api_sql."
\n"; 195 | //exit; 196 | 197 | $database->execute($api_sql, $parameters, 'all'); 198 | send_api_message($database->message['code'], $database->message['message']); 199 | //echo $database->message['error']['message']."\n"; 200 | exit; 201 | } 202 | 203 | exit; 204 | ?> 205 | 206 | -------------------------------------------------------------------------------- /api/resources/functions/restapi_functions.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /api/root.php: -------------------------------------------------------------------------------- 1 | 22 | for that original work. 23 | 24 | Contributor(s): 25 | Adrian Fretwell 26 | */ 27 | 28 | // make sure the PATH_SEPARATOR is defined 29 | umask(2); 30 | if (!defined("PATH_SEPARATOR")) { 31 | if (strpos($_ENV["OS"], "Win") !== false) { 32 | define("PATH_SEPARATOR", ";"); 33 | } else { 34 | define("PATH_SEPARATOR", ":"); 35 | } 36 | } 37 | 38 | if (!isset($output_format)) $output_format = (PHP_SAPI == 'cli') ? 'text' : 'html'; 39 | 40 | // make sure the document_root is set 41 | $_SERVER["SCRIPT_FILENAME"] = str_replace("\\", '/', $_SERVER["SCRIPT_FILENAME"]); 42 | if(PHP_SAPI == 'cli'){ 43 | chdir(pathinfo(realpath($_SERVER["PHP_SELF"]), PATHINFO_DIRNAME)); 44 | $script_full_path = str_replace("\\", '/', getcwd() . '/' . $_SERVER["SCRIPT_FILENAME"]); 45 | $dirs = explode('/', pathinfo($script_full_path, PATHINFO_DIRNAME)); 46 | if (file_exists('/project_root.php')) { 47 | $path = '/'; 48 | } else { 49 | $i = 1; 50 | $path = ''; 51 | while ($i < count($dirs)) { 52 | $path .= '/' . $dirs[$i]; 53 | if (file_exists($path. 
'/project_root.php')) { 54 | break; 55 | } 56 | $i++; 57 | } 58 | } 59 | $_SERVER["DOCUMENT_ROOT"] = $path; 60 | }else{ 61 | $_SERVER["DOCUMENT_ROOT"] = str_replace($_SERVER["PHP_SELF"], "", $_SERVER["SCRIPT_FILENAME"]); 62 | } 63 | $_SERVER["DOCUMENT_ROOT"] = realpath($_SERVER["DOCUMENT_ROOT"]); 64 | // try to detect if a project path is being used 65 | if (!defined('PROJECT_PATH')) { 66 | if (is_dir($_SERVER["DOCUMENT_ROOT"]. '/fusionpbx')) { 67 | define('PROJECT_PATH', '/fusionpbx'); 68 | } elseif (file_exists($_SERVER["DOCUMENT_ROOT"]. '/project_root.php')) { 69 | define('PROJECT_PATH', ''); 70 | } else { 71 | $dirs = explode('/', str_replace('\\', '/', pathinfo($_SERVER["PHP_SELF"], PATHINFO_DIRNAME))); 72 | $i = 1; 73 | $path = $_SERVER["DOCUMENT_ROOT"]; 74 | while ($i < count($dirs)) { 75 | $path .= '/' . $dirs[$i]; 76 | if (file_exists($path. '/project_root.php')) { 77 | break; 78 | } 79 | $i++; 80 | } 81 | if(!file_exists($path. '/project_root.php')){ 82 | die("Failed to locate the Project Root by searching for project_root.php please contact support for assistance"); 83 | } 84 | $project_path = str_replace($_SERVER["DOCUMENT_ROOT"], "", $path); 85 | define('PROJECT_PATH', $project_path); 86 | } 87 | $_SERVER["PROJECT_ROOT"] = realpath($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH); 88 | set_include_path(get_include_path() . PATH_SEPARATOR . $_SERVER["PROJECT_ROOT"]); 89 | } 90 | 91 | ?> -------------------------------------------------------------------------------- /rest_api/app_config.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /rest_api/app_defaults.php: -------------------------------------------------------------------------------- 1 | 22 | for that original work. 
23 | 24 | Contributor(s): 25 | Adrian Fretwell 26 | */ 27 | 28 | //process this only one time 29 | if ($domains_processed == 1) { 30 | 31 | //test to see if we already have any entries in v_restapi 32 | $sql = "select count(*) as \"restapi_count\" from v_restapi"; 33 | $database = new database; 34 | $rows = $database->select($sql, null, 'all'); 35 | if (is_array($rows) && @sizeof($rows) != 0) { 36 | $restapi_count = $rows[0]['restapi_count']; 37 | } 38 | unset($sql); 39 | 40 | 41 | if ($restapi_count < 1) { 42 | $sql = "insert into v_restapi values('44acd6ad-c7bc-435a-8a2d-9d047ac4ef43', 43 | NULL, 44 | 'List Contacts', 45 | 'Contacts', 46 | 'GET', 47 | 'contacts', 48 | 'select * from v_contacts 49 | where domain_uuid = :domain_uuid', 50 | 'true', 51 | 'Lists all contacts')"; 52 | 53 | $database->execute($sql, null, 'all'); 54 | unset($sql); 55 | 56 | $sql = "insert into v_restapi values('2f76129e-e7f3-40a2-ac49-b576e875239a', 57 | NULL, 58 | 'List Contact Numbers', 59 | 'Contacts', 60 | 'GET', 61 | 'contact{}/numbers', 62 | 'select * from v_contact_phones 63 | where domain_uuid = :domain_uuid 64 | and contact_uuid = :contact', 65 | 'true', 66 | 'Lists numbers for a contact')"; 67 | 68 | $database->execute($sql, null, 'all'); 69 | unset($sql); 70 | $sql = "insert into v_restapi values('cc742cc5-e42a-4a06-8def-5d30a3d99673', 71 | NULL, 72 | 'Add Contact Number', 73 | 'Contacts', 74 | 'POST', 75 | 'contact{}/number', 76 | 'insert into v_contact_phones values ( 77 | :new_uuid, 78 | :domain_uuid, 79 | :contact, 80 | :phone_type_voice, 81 | :phone_type_fax, 82 | :phone_type_video, 83 | :phone_type_text, 84 | :phone_label, 85 | :phone_primary, 86 | :phone_number, 87 | :phone_extension, 88 | :phone_speed_dial, 89 | :phone_description 90 | )', 91 | 'true', 92 | 'Adds a new contact number')"; 93 | 94 | $database->execute($sql, null, 'all'); 95 | unset($sql); 96 | $sql = "insert into v_restapi values('95553635-4c35-427a-9fc6-c1496c149279', 97 | NULL, 98 | 'Update Contact 
Number', 99 | 'Contacts', 100 | 'PUT', 101 | 'contact{}/number{}', 102 | 'update v_contact_phones set 103 | phone_type_voice = :phone_type_voice, 104 | phone_type_fax = :phone_type_fax, 105 | phone_type_video = :phone_type_video, 106 | phone_type_text = :phone_type_text, 107 | phone_label = :phone_label, 108 | phone_primary = :phone_primary, 109 | phone_number = :phone_number, 110 | phone_extension = :phone_extension, 111 | phone_speed_dial = :phone_speed_dial, 112 | phone_description = :phone_description 113 | where 114 | contact_phone_uuid = :number 115 | and domain_uuid = :domain_uuid 116 | and contact_uuid = :contact', 117 | 'true', 118 | 'Updates a contact number')"; 119 | 120 | $database->execute($sql, null, 'all'); 121 | unset($sql); 122 | $sql = "insert into v_restapi values('64be0dd0-c630-454c-ae8e-ffa0dfc2bbc5', 123 | NULL, 124 | 'Delete Contact Number', 125 | 'Contacts', 126 | 'DELETE', 127 | 'contact{}/number{}', 128 | 'delete from v_contact_phones 129 | where 130 | contact_phone_uuid = :number 131 | and domain_uuid = :domain_uuid 132 | and contact_uuid = :contact', 133 | 'true', 134 | 'Deletes a contact number')"; 135 | 136 | $database->execute($sql, null, 'all'); 137 | unset($sql); 138 | 139 | } 140 | 141 | } 142 | 143 | ?> -------------------------------------------------------------------------------- /rest_api/app_languages.php: -------------------------------------------------------------------------------- 1 | 386 | -------------------------------------------------------------------------------- /rest_api/app_menu.php: -------------------------------------------------------------------------------- 1 | 19 | -------------------------------------------------------------------------------- /rest_api/resources/classes/rest_api.php: -------------------------------------------------------------------------------- 1 | 22 | for that original work. 
23 | 24 | Contributor(s): 25 | Adrian Fretwell 26 | */ 27 | 28 | //define the rest_api class 29 | if (!class_exists('rest_api')) { 30 | class rest_api { 31 | 32 | /** 33 | * declare private variables 34 | */ 35 | private $app_name; 36 | private $app_uuid; 37 | private $permission_prefix; 38 | private $list_page; 39 | private $table; 40 | private $uuid_prefix; 41 | private $toggle_field; 42 | private $toggle_values; 43 | 44 | /** 45 | * called when the object is created 46 | */ 47 | public function __construct() { 48 | 49 | //assign private variables 50 | $this->app_name = 'RestAPI'; 51 | $this->app_uuid = '41669f92-ed54-4851-8b98-e244fa71f38c'; 52 | $this->permission_prefix = 'restapi_'; 53 | $this->list_page = 'rest_api.php'; 54 | $this->table = 'restapi'; 55 | $this->uuid_prefix = 'restapi_'; 56 | $this->toggle_field = 'api_enabled'; 57 | $this->toggle_values = ['true','false']; 58 | 59 | } 60 | 61 | /** 62 | * called when there are no references to a particular object 63 | * unset the variables used in the class 64 | */ 65 | public function __destruct() { 66 | foreach ($this as $key => $value) { 67 | unset($this->$key); 68 | } 69 | } 70 | 71 | /** 72 | * delete records 73 | */ 74 | public function delete($records) { 75 | if (permission_exists($this->permission_prefix.'delete')) { 76 | 77 | //add multi-lingual support 78 | $language = new text; 79 | $text = $language->get(); 80 | 81 | //validate the token 82 | $token = new token; 83 | if (!$token->validate($_SERVER['PHP_SELF'])) { 84 | message::add($text['message-invalid_token'],'negative'); 85 | header('Location: '.$this->list_page); 86 | exit; 87 | } 88 | 89 | //delete multiple records 90 | if (is_array($records) && @sizeof($records) != 0) { 91 | 92 | //build the delete array 93 | foreach ($records as $x => $record) { 94 | if ($record['checked'] == 'true' && is_uuid($record['uuid'])) { 95 | $array[$this->table][$x][$this->uuid_prefix.'uuid'] = $record['uuid']; 96 | $array[$this->table][$x]['domain_uuid'] = 
$_SESSION['domain_uuid']; 97 | } 98 | } 99 | 100 | //delete the checked rows 101 | if (is_array($array) && @sizeof($array) != 0) { 102 | 103 | //execute delete 104 | $database = new database; 105 | $database->app_name = $this->app_name; 106 | $database->app_uuid = $this->app_uuid; 107 | $database->delete($array); 108 | unset($array); 109 | 110 | //set message 111 | message::add($text['message-delete']); 112 | } 113 | unset($records); 114 | } 115 | } 116 | } 117 | 118 | /** 119 | * toggle records 120 | */ 121 | public function toggle($records) { 122 | if (permission_exists($this->permission_prefix.'edit')) { 123 | 124 | //add multi-lingual support 125 | $language = new text; 126 | $text = $language->get(); 127 | 128 | //validate the token 129 | $token = new token; 130 | if (!$token->validate($_SERVER['PHP_SELF'])) { 131 | message::add($text['message-invalid_token'],'negative'); 132 | header('Location: '.$this->list_page); 133 | exit; 134 | } 135 | 136 | //toggle the checked records 137 | if (is_array($records) && @sizeof($records) != 0) { 138 | 139 | //get current toggle state 140 | foreach ($records as $x => $record) { 141 | if ($record['checked'] == 'true' && is_uuid($record['uuid'])) { 142 | $uuids[] = "'".$record['uuid']."'"; 143 | } 144 | } 145 | if (is_array($uuids) && @sizeof($uuids) != 0) { 146 | $sql = "select ".$this->uuid_prefix."uuid as uuid, ".$this->toggle_field." as toggle from v_".$this->table." 
"; 147 | $sql .= "where (domain_uuid = :domain_uuid or domain_uuid is null) "; 148 | $sql .= "and ".$this->uuid_prefix."uuid in (".implode(', ', $uuids).") "; 149 | $parameters['domain_uuid'] = $_SESSION['domain_uuid']; 150 | $database = new database; 151 | $rows = $database->select($sql, $parameters, 'all'); 152 | if (is_array($rows) && @sizeof($rows) != 0) { 153 | foreach ($rows as $row) { 154 | $states[$row['uuid']] = $row['toggle']; 155 | } 156 | } 157 | unset($sql, $parameters, $rows, $row); 158 | } 159 | 160 | //build update array 161 | $x = 0; 162 | foreach ($states as $uuid => $state) { 163 | $array[$this->table][$x][$this->uuid_prefix.'uuid'] = $uuid; 164 | $array[$this->table][$x][$this->toggle_field] = $state == $this->toggle_values[0] ? $this->toggle_values[1] : $this->toggle_values[0]; 165 | $x++; 166 | } 167 | 168 | //save the changes 169 | if (is_array($array) && @sizeof($array) != 0) { 170 | 171 | //save the array 172 | $database = new database; 173 | $database->app_name = $this->app_name; 174 | $database->app_uuid = $this->app_uuid; 175 | $database->save($array); 176 | unset($array); 177 | 178 | //set message 179 | message::add($text['message-toggle']); 180 | } 181 | unset($records, $states); 182 | } 183 | 184 | } 185 | } 186 | 187 | /** 188 | * copy records 189 | */ 190 | public function copy($records) { 191 | if (permission_exists($this->permission_prefix.'add')) { 192 | 193 | //add multi-lingual support 194 | $language = new text; 195 | $text = $language->get(); 196 | 197 | //validate the token 198 | $token = new token; 199 | if (!$token->validate($_SERVER['PHP_SELF'])) { 200 | message::add($text['message-invalid_token'],'negative'); 201 | header('Location: '.$this->list_page); 202 | exit; 203 | } 204 | 205 | //copy the checked records 206 | if (is_array($records) && @sizeof($records) != 0) { 207 | 208 | //get checked records 209 | foreach ($records as $x => $record) { 210 | if ($record['checked'] == 'true' && is_uuid($record['uuid'])) { 211 | 
$uuids[] = "'".$record['uuid']."'"; 212 | } 213 | } 214 | 215 | //create insert array from existing data 216 | if (is_array($uuids) && @sizeof($uuids) != 0) { 217 | $sql = "select * from v_".$this->table." "; 218 | $sql .= "where (domain_uuid = :domain_uuid or domain_uuid is null) "; 219 | $sql .= "and ".$this->uuid_prefix."uuid in (".implode(', ', $uuids).") "; 220 | $parameters['domain_uuid'] = $_SESSION['domain_uuid']; 221 | $database = new database; 222 | $rows = $database->select($sql, $parameters, 'all'); 223 | if (is_array($rows) && @sizeof($rows) != 0) { 224 | foreach ($rows as $x => $row) { 225 | 226 | //copy data 227 | $array[$this->table][$x] = $row; 228 | 229 | //overwrite 230 | $array[$this->table][$x][$this->uuid_prefix.'uuid'] = uuid(); 231 | $array[$this->table][$x]['api_description'] = trim($row['api_description'].' ('.$text['label-copy'].')'); 232 | 233 | } 234 | } 235 | unset($sql, $parameters, $rows, $row); 236 | } 237 | 238 | //save the changes and set the message 239 | if (is_array($array) && @sizeof($array) != 0) { 240 | 241 | //save the array 242 | $database = new database; 243 | $database->app_name = $this->app_name; 244 | $database->app_uuid = $this->app_uuid; 245 | $database->save($array); 246 | unset($array); 247 | 248 | //set message 249 | message::add($text['message-copy']); 250 | 251 | } 252 | unset($records); 253 | } 254 | 255 | } 256 | } 257 | 258 | } 259 | } 260 | 261 | ?> -------------------------------------------------------------------------------- /rest_api/rest_api.php: -------------------------------------------------------------------------------- 1 | 22 | for that original work. 
23 | 24 | Contributor(s): 25 | Adrian Fretwell 26 | */ 27 | 28 | //includes 29 | require_once "root.php"; 30 | require_once "resources/require.php"; 31 | require_once "resources/check_auth.php"; 32 | require_once "resources/paging.php"; 33 | 34 | //check permissions 35 | if (permission_exists('restapi_view')) { 36 | //access granted 37 | } 38 | else { 39 | echo "access denied"; 40 | exit; 41 | } 42 | 43 | //add multi-lingual support 44 | $language = new text; 45 | $text = $language->get(); 46 | 47 | //get the http post data 48 | if (is_array($_POST['rest_api'])) { 49 | $action = $_POST['action']; 50 | $search = $_POST['search']; 51 | $rest_api = $_POST['rest_api']; 52 | } 53 | 54 | //process the http post data by action 55 | if ($action != '' && is_array($rest_api) && @sizeof($rest_api) != 0) { 56 | switch ($action) { 57 | case 'copy': 58 | if (permission_exists('restapi_add')) { 59 | $obj = new rest_api; 60 | $obj->copy($rest_api); 61 | } 62 | break; 63 | case 'toggle': 64 | if (permission_exists('restapi_edit')) { 65 | $obj = new rest_api; 66 | $obj->toggle($rest_api); 67 | } 68 | break; 69 | case 'delete': 70 | if (permission_exists('restapi_delete')) { 71 | $obj = new rest_api; 72 | $obj->delete($rest_api); 73 | } 74 | break; 75 | } 76 | 77 | header('Location: rest_api.php'.($search != '' ? 
'?search='.urlencode($search) : null)); 78 | exit; 79 | } 80 | 81 | //get order and order by 82 | $order_by = $_GET["order_by"]; 83 | $order = $_GET["order"]; 84 | 85 | //add the search string 86 | $search = strtolower($_GET["search"]); 87 | if (strlen($search) > 0) { 88 | $sql_search = " ("; 89 | $sql_search .= " lower(api_category) like :search "; 90 | $sql_search .= " or lower(api_uri) like :search "; 91 | $sql_search .= " or lower(api_enabled) like :search "; 92 | $sql_search .= " or lower(api_description) like :search "; 93 | $sql_search .= ") "; 94 | $parameters['search'] = '%'.$search.'%'; 95 | } 96 | 97 | //get the count 98 | $sql = "select count(restapi_uuid) from v_restapi "; 99 | if ($_GET['show'] == "all" && permission_exists('restapi_all')) { 100 | if (isset($sql_search)) { 101 | $sql .= "where ".$sql_search; 102 | } 103 | } 104 | else { 105 | $sql .= "where (domain_uuid = :domain_uuid or domain_uuid is null) "; 106 | if (isset($sql_search)) { 107 | $sql .= "and ".$sql_search; 108 | } 109 | $parameters['domain_uuid'] = $domain_uuid; 110 | } 111 | $database = new database; 112 | $num_rows = $database->select($sql, $parameters, 'column'); 113 | 114 | //prepare to page the results 115 | $rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50; 116 | $param = $search ? "&search=".$search : null; 117 | $param = ($_GET['show'] == 'all' && permission_exists('restapi_all')) ? "&show=all" : null; 118 | $page = is_numeric($_GET['page']) ? 
$_GET['page'] : 0; 119 | list($paging_controls, $rows_per_page) = paging($num_rows, $param, $rows_per_page); 120 | list($paging_controls_mini, $rows_per_page) = paging($num_rows, $param, $rows_per_page, true); 121 | $offset = $rows_per_page * $page; 122 | 123 | //get the list 124 | $sql = str_replace('count(restapi_uuid)', '*', $sql); 125 | $sql .= order_by($order_by, $order, 'api_name', 'asc'); 126 | $sql .= limit_offset($rows_per_page, $offset); 127 | $database = new database; 128 | $rest_api = $database->select($sql, $parameters, 'all'); 129 | unset($sql, $parameters); 130 | 131 | //create token 132 | $object = new token; 133 | $token = $object->create($_SERVER['PHP_SELF']); 134 | 135 | //include the header 136 | $document['title'] = $text['title-restapi']; 137 | require_once "resources/header.php"; 138 | 139 | //show the content 140 | echo "
\n"; 141 | echo "
".$text['title-restapi']." (".$num_rows.")
\n"; 142 | echo "
\n"; 143 | if (permission_exists('restapi_add')) { 144 | echo button::create(['type'=>'button','label'=>$text['button-add'],'icon'=>$_SESSION['theme']['button_icon_add'],'link'=>'rest_api_edit.php']); 145 | } 146 | if (permission_exists('restapi_add') && $rest_api) { 147 | echo button::create(['type'=>'button','label'=>$text['button-copy'],'icon'=>$_SESSION['theme']['button_icon_copy'],'onclick'=>"if (confirm('".$text['confirm-copy']."')) { list_action_set('copy'); list_form_submit('form_list'); } else { this.blur(); return false; }"]); 148 | } 149 | if (permission_exists('restapi_edit') && $rest_api) { 150 | echo button::create(['type'=>'button','label'=>$text['button-toggle'],'icon'=>$_SESSION['theme']['button_icon_toggle'],'onclick'=>"if (confirm('".$text['confirm-toggle']."')) { list_action_set('toggle'); list_form_submit('form_list'); } else { this.blur(); return false; }"]); 151 | } 152 | if (permission_exists('restapi_delete') && $rest_api) { 153 | echo button::create(['type'=>'button','label'=>$text['button-delete'],'icon'=>$_SESSION['theme']['button_icon_delete'],'onclick'=>"if (confirm('".$text['confirm-delete']."')) { list_action_set('delete'); list_form_submit('form_list'); } else { this.blur(); return false; }"]); 154 | } 155 | echo "\n"; 171 | echo "
\n"; 172 | echo "
\n"; 173 | echo "
\n"; 174 | 175 | echo $text['title_description-restapi']."\n"; 176 | echo "

\n"; 177 | 178 | echo "
\n"; 179 | echo "\n"; 180 | echo "\n"; 181 | 182 | echo "\n"; 183 | echo "\n"; 184 | if (permission_exists('restapi_add') || permission_exists('restapi_edit') || permission_exists('restapi_delete')) { 185 | echo " \n"; 188 | } 189 | if ($_GET['show'] == 'all' && permission_exists('restapi_all')) { 190 | echo th_order_by('domain_name', $text['label-domain'], $order_by, $order); 191 | } 192 | echo th_order_by('api_name', $text['label-restapi_name'], $order_by, $order); 193 | echo th_order_by('api_category', $text['label-restapi_category'], $order_by, $order); 194 | echo th_order_by('api_method', $text['label-restapi_method'], $order_by, $order); 195 | echo th_order_by('api_uri', $text['label-restapi_uri'], $order_by, $order); 196 | echo th_order_by('api_enabled', $text['label-restapi_enabled'], $order_by, $order, null, "class='center'"); 197 | echo " \n"; 198 | if (permission_exists('restapi_edit') && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') { 199 | echo " \n"; 200 | } 201 | echo "\n"; 202 | 203 | if (is_array($rest_api) && @sizeof($rest_api) != 0) { 204 | $x = 0; 205 | foreach ($rest_api as $row) { 206 | if (permission_exists('restapi_edit')) { 207 | $list_row_url = "rest_api_edit.php?id=".urlencode($row['restapi_uuid']); 208 | } 209 | echo "\n"; 210 | if (permission_exists('restapi_add') || permission_exists('restapi_edit') || permission_exists('restapi_delete')) { 211 | echo " \n"; 215 | } 216 | if ($_GET['show'] == 'all' && permission_exists('restapi_all')) { 217 | echo " \n"; 218 | } 219 | echo " \n"; 227 | echo " \n"; 235 | echo " \n"; 243 | echo " \n"; 244 | 245 | if (permission_exists('restapi_edit')) { 246 | echo " \n"; 254 | echo " \n"; 255 | if (permission_exists('restapi_edit') && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') { 256 | echo " \n"; 259 | } 260 | echo "\n"; 261 | $x++; 262 | } 263 | unset($rest_api); 264 | } 265 | 266 | echo "
\n"; 186 | echo " \n"; 187 | echo " ".$text['label-restapi_description']." 
\n"; 212 | echo " \n"; 213 | echo " \n"; 214 | echo " ".escape($_SESSION['domains'][$row['domain_uuid']]['domain_name'])."\n"; 220 | if (permission_exists('restapi_edit')) { 221 | echo " ".escape($row['api_name'])."\n"; 222 | } 223 | else { 224 | echo " ".escape($row['api_name']); 225 | } 226 | echo " \n"; 228 | if (permission_exists('restapi_edit')) { 229 | echo " ".escape($row['api_category'])."\n"; 230 | } 231 | else { 232 | echo " ".escape($row['api_category']); 233 | } 234 | echo " \n"; 236 | if (permission_exists('restapi_edit')) { 237 | echo " ".escape($row['api_method'])."\n"; 238 | } 239 | else { 240 | echo " ".escape($row['api_method']); 241 | } 242 | echo " ".escape($row['api_uri'])."\n"; 251 | echo $text['label-'.$row['api_enabled']]; 252 | } 253 | echo " ".escape($row['api_description'])."\n"; 257 | echo button::create(['type'=>'button','title'=>$text['button-edit'],'icon'=>$_SESSION['theme']['button_icon_edit'],'link'=>$list_row_url]); 258 | echo "
\n"; 267 | echo "
\n"; 268 | echo "
".$paging_controls."
\n"; 269 | echo "\n"; 270 | echo "
\n"; 271 | 272 | //include the footer 273 | require_once "resources/footer.php"; 274 | 275 | ?> 276 | -------------------------------------------------------------------------------- /rest_api/rest_api_edit.php: -------------------------------------------------------------------------------- 1 | 22 | for that original work. 23 | 24 | Contributor(s): 25 | Adrian Fretwell 26 | */ 27 | 28 | /* Add/edit page for a single v_restapi record: reads the posted fields, handles the delete action, saves the record, and otherwise pre-populates and renders the form. */ //includes 29 | require_once "root.php"; 30 | require_once "resources/require.php"; 31 | require_once "resources/check_auth.php"; 32 | 33 | //check permissions 34 | /* Page gate: the request continues when the session holds either restapi_add or restapi_edit. NOTE(review): the add and update paths further down are not checked against the specific permission in this file - confirm whether a holder of restapi_add alone is meant to be able to update an existing record. */ if (!permission_exists('restapi_add') && !permission_exists('restapi_edit')) { 35 | echo "access denied"; 36 | exit; 37 | } 38 | 39 | //add multi-lingual support 40 | $language = new text; 41 | $text = $language->get(); 42 | 43 | //action add or update 44 | /* $_REQUEST["id"] is the only value checked with is_uuid() when the action is chosen. */ if (is_uuid($_REQUEST["id"])) { 45 | $action = "update"; 46 | $api_uuid = $_REQUEST["id"]; 47 | $id = $_REQUEST["id"]; 48 | } 49 | else { 50 | $action = "add"; 51 | } 52 | 53 | //get http post variables and set them to php variables 54 | /* $_POST is always an array, so this branch also runs on a plain GET: every field is then read from a missing index, and $api_uuid set from $_REQUEST["id"] above is overwritten. All values are taken as submitted, with no validation at this point. */ if (is_array($_POST)) { 55 | $api_uuid = $_POST["api_uuid"]; 56 | $api_global = $_POST["api_global"]; 57 | $api_name = $_POST["api_name"]; 58 | $api_category = $_POST["api_category"]; 59 | $api_method = $_POST["api_method"]; 60 | $api_uri = $_POST["api_uri"]; 61 | $api_sql = $_POST["api_sql"]; 62 | $api_enabled = $_POST["api_enabled"]; 63 | $api_description = $_POST["api_description"]; 64 | } 65 | 66 | //process the user data and save it to the database 67 | if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { 68 | 69 | //delete the restapi 70 | /* NOTE(review): this delete branch runs and exits before the "validate the token" step that follows it in the file, so the delete action is not covered by that anti-CSRF check; moving the token validation above this branch would cover it. rest_api::delete is not shown here - confirm whether it validates a token itself. */ if (permission_exists('restapi_delete')) { 71 | if ($_POST['action'] == 'delete' && is_uuid($api_uuid)) { 72 | //prepare 73 | $array[0]['checked'] = 'true'; 74 | $array[0]['uuid'] = $api_uuid; 75 | //delete 76 | $obj = new rest_api; 77 | $obj->delete($array); 78 | //redirect 79 | header('Location: rest_api.php'); 80 | exit; 81 | } 82 | } 83 | 84 | //get the uuid from the POST 85 
| /* For an update the record id is taken from the POST body, not from the $_REQUEST["id"] value that was checked with is_uuid() when the action was chosen. */ if ($action == "update") { 86 | $api_uuid = $_POST["api_uuid"]; 87 | } 88 | 89 | //validate the token 90 | /* Anti-CSRF check for the save path: an invalid token queues a message and redirects to the list. It is reached only after the delete branch earlier in the file has already run. */ $token = new token; 91 | if (!$token->validate($_SERVER['PHP_SELF'])) { 92 | message::add($text['message-invalid_token'],'negative'); 93 | header('Location: rest_api.php'); 94 | exit; 95 | } 96 | 97 | //check for all required data 98 | /* Required-field check: name, category, method, uri, sql and enabled must be non-empty; description and the global flag are optional. Only emptiness is tested. */ $msg = ''; 99 | if (strlen($api_name) == 0) { $msg .= $text['message-required']." ".$text['label-api_name']."
\n"; } 100 | if (strlen($api_category) == 0) { $msg .= $text['message-required']." ".$text['label-api_category']."
\n"; } 101 | if (strlen($api_method) == 0) { $msg .= $text['message-required']." ".$text['label-api_method']."
\n"; } 102 | if (strlen($api_uri) == 0) { $msg .= $text['message-required']." ".$text['label-api_uri']."
\n"; } 103 | if (strlen($api_sql) == 0) { $msg .= $text['message-required']." ".$text['label-api_sql']."
\n"; } 104 | if (strlen($api_enabled) == 0) { $msg .= $text['message-required']." ".$text['label-api_enabled']."
\n"; } 105 | if (strlen($msg) > 0 && strlen($_POST["persistformvar"]) == 0) { 106 | require_once "resources/header.php"; 107 | require_once "resources/persist_form_var.php"; 108 | echo "
\n"; 109 | echo "
\n"; 110 | echo $msg."
"; 111 | echo "
\n"; 112 | persistformvar($_POST); 113 | echo "
\n"; 114 | require_once "resources/footer.php"; 115 | return; 116 | } 117 | 118 | //add the api_uuid 119 | /* NOTE(review): a new uuid is generated only when the posted api_uuid is empty; a non-empty posted value is saved as restapi_uuid without an is_uuid() check or a check that the existing record belongs to the session's domain - confirm whether database::save enforces either. */ if (strlen($api_uuid) == 0) { 120 | $api_uuid = uuid(); 121 | } 122 | 123 | //prepare the array 124 | $array['restapi'][0]['restapi_uuid'] = $api_uuid; 125 | /* api_global == 'true' stores a NULL domain_uuid; any other value ties the record to the session's domain. NOTE(review): no separate permission guards the global option in this file - confirm that is intended. */ if ($api_global == 'true') { 126 | $array['restapi'][0]['domain_uuid'] = NULL; 127 | } else { 128 | $array['restapi'][0]['domain_uuid'] = $_SESSION["domain_uuid"]; 129 | } 130 | $array['restapi'][0]['api_name'] = $api_name; 131 | $array['restapi'][0]['api_category'] = $api_category; 132 | $array['restapi'][0]['api_method'] = $api_method; 133 | $array['restapi'][0]['api_uri'] = $api_uri; 134 | /* api_sql is stored exactly as submitted. The README describes the API as driven from this table, so presumably this text is later run as SQL by the /api app - if so, restapi_add and restapi_edit amount to permission to define queries; TODO confirm how /api consumes it. */ $array['restapi'][0]['api_sql'] = $api_sql; 135 | $array['restapi'][0]['api_enabled'] = $api_enabled; 136 | $array['restapi'][0]['api_description'] = $api_description; 137 | 138 | //save to the data 139 | $database = new database; 140 | $database->app_name = 'RestAPI'; 141 | $database->app_uuid = '41669f92-ed54-4851-8b98-e244fa71f38c'; 142 | $database->save($array); 143 | $message = $database->message; 144 | 145 | //redirect the user 146 | if (isset($action)) { 147 | if ($action == "add") { 148 | $_SESSION["message"] = $text['message-add']; 149 | } 150 | if ($action == "update") { 151 | $_SESSION["message"] = $text['message-update']; 152 | } 153 | header('Location: rest_api.php'); 154 | return; 155 | } 156 | } 157 | 158 | //pre-populate the form 159 | /* Loads the record for display using a bound parameter. NOTE(review): the query is keyed on restapi_uuid alone, with no domain_uuid condition, and $_GET["id"] is used without the is_uuid() check applied to $_REQUEST["id"] earlier - confirm whether database::select scopes the lookup to the caller's domain. When no row is found the method defaults to GET. */ if (is_array($_GET) && $_POST["persistformvar"] != "true") { 160 | $api_uuid = $_GET["id"]; 161 | $sql = "select * from v_restapi "; 162 | $sql .= "where restapi_uuid = :api_uuid "; 163 | $parameters['api_uuid'] = $api_uuid; 164 | $database = new database; 165 | $row = $database->select($sql, $parameters, 'row'); 166 | if (is_array($row) && sizeof($row) != 0) { 167 | $api_domain_uuid = $row["domain_uuid"]; 168 | $api_name = $row["api_name"]; 169 | $api_category = $row["api_category"]; 170 | $api_method = $row["api_method"]; 171 | $api_uri = $row["api_uri"]; 172 | 
$api_sql = $row["api_sql"]; 173 | $api_enabled = $row["api_enabled"]; 174 | $api_description = $row["api_description"]; 175 | } else { 176 | $api_method = "GET"; 177 | $api_domain_uuid = ""; 178 | } 179 | unset($sql, $parameters, $row); 180 | } 181 | 182 | //create token 183 | /* Creates the token for the form, passing this script's path (PHP_SELF), the same value the validate() call is given on submit. */ $object = new token; 184 | $token = $object->create($_SERVER['PHP_SELF']); 185 | 186 | //show the header 187 | $document['title'] = $text['title-restapi']; 188 | require_once "resources/header.php"; 189 | 190 | //show the content 191 | echo "
\n"; 192 | 193 | echo "
\n"; 194 | echo "
".$text['title-restapi']."
\n"; 195 | echo "
\n"; 196 | /* Action bar: back link, a delete button that is rendered only for an existing record when the session holds restapi_delete, and the save button. Delete and save both submit the form with name 'action'. */ echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$_SESSION['theme']['button_icon_back'],'style'=>'margin-right: 15px;','link'=>'rest_api.php']); 197 | if ($action == 'update' && permission_exists('restapi_delete')) { 198 | echo button::create(['type'=>'submit','label'=>$text['button-delete'],'icon'=>$_SESSION['theme']['button_icon_delete'],'name'=>'action','value'=>'delete','onclick'=>"if (confirm('".$text['confirm-delete']."')) { document.getElementById('frm').submit(); } else { this.blur(); return false; }",'style'=>'margin-right: 15px;']); 199 | } 200 | echo button::create(['type'=>'submit','label'=>$text['button-save'],'icon'=>$_SESSION['theme']['button_icon_save'],'name'=>'action','value'=>'save']); 201 | echo "
\n"; 202 | echo "
\n"; 203 | echo "
\n"; 204 | /* Form rows follow, one label and description per field: name, global, category, method, uri, sql, enabled, description. NOTE(review): confirm that every $api_* value written into the form fields is passed through escape(), as the list page does for its cells. */ 205 | echo "\n"; 206 | 207 | echo "\n"; 208 | echo "\n"; 211 | echo "\n"; 216 | echo "\n"; 217 | 218 | echo "\n"; 219 | echo "\n"; 222 | echo "\n"; 240 | echo "\n"; 241 | 242 | 243 | echo "\n"; 244 | echo "\n"; 247 | echo "\n"; 252 | echo "\n"; 253 | 254 | 255 | echo "\n"; 256 | echo "\n"; 259 | echo "\n"; 270 | echo "\n"; 271 | 272 | 273 | 274 | echo "\n"; 275 | echo "\n"; 278 | echo "\n"; 283 | echo "\n"; 284 | 285 | echo "\n"; 286 | echo "\n"; 289 | echo "\n"; 294 | echo "\n"; 295 | 296 | echo "\n"; 297 | echo "\n"; 300 | echo "\n"; 318 | echo "\n"; 319 | 320 | echo "\n"; 321 | echo "\n"; 324 | echo "\n"; 329 | echo "\n"; 330 | 331 | echo "
\n"; 209 | echo " ".$text['label-restapi_name']."\n"; 210 | echo "\n"; 212 | echo " \n"; 213 | echo "
\n"; 214 | echo $text['description-restapi_name']."\n"; 215 | echo "
\n"; 220 | echo " ".$text['label-restapi_global']."\n"; 221 | echo "\n"; 223 | echo " \n"; 237 | echo "
\n"; 238 | echo $text['description-restapi_global']."\n"; 239 | echo "
\n"; 245 | echo " ".$text['label-restapi_category']."\n"; 246 | echo "\n"; 248 | echo " \n"; 249 | echo "
\n"; 250 | echo $text['description-restapi_category']."\n"; 251 | echo "
\n"; 257 | echo " ".$text['label-restapi_method']."\n"; 258 | echo "\n"; 260 | echo " \n"; 267 | echo "
\n"; 268 | echo $text['description-restapi_method']."\n"; 269 | echo "
\n"; 276 | echo " ".$text['label-restapi_uri']."\n"; 277 | echo "\n"; 279 | echo " \n"; 280 | echo "
\n"; 281 | echo $text['description-restapi_uri']."\n"; 282 | echo "
\n"; 287 | echo " ".$text['label-restapi_sql']."\n"; 288 | echo "\n"; 290 | echo " \n"; 291 | echo "
\n"; 292 | echo " ".$text['description-restapi_sql']."\n"; 293 | echo "
\n"; 298 | echo " ".$text['label-restapi_enabled']."\n"; 299 | echo "\n"; 301 | echo " \n"; 315 | echo "
\n"; 316 | echo $text['description-restapi_enabled']."\n"; 317 | echo "
\n"; 322 | echo " ".$text['label-restapi_description']."\n"; 323 | echo "\n"; 325 | echo " \n"; 326 | echo "
\n"; 327 | echo $text['description-restapi_description']."\n"; 328 | echo "
"; 332 | echo "
 
"; 333 | echo "\n"; 334 | echo "\n"; 335 | 336 | echo "
"; 337 | 338 | //include the footer 339 | require_once "resources/footer.php"; 340 | 341 | ?> -------------------------------------------------------------------------------- /rest_api/root.php: -------------------------------------------------------------------------------- 1 | 22 | for that original work. 23 | 24 | Contributor(s): 25 | Adrian Fretwell 26 | */ 27 | 28 | // make sure the PATH_SEPARATOR is defined 29 | /* Sets the process umask to 2 (octal 002), so files created afterwards do not get the other-write bit. */ umask(2); 30 | /* PATH_SEPARATOR is a predefined PHP constant, so this fallback normally never runs. */ if (!defined("PATH_SEPARATOR")) { 31 | if (strpos($_ENV["OS"], "Win") !== false) { 32 | define("PATH_SEPARATOR", ";"); 33 | } else { 34 | define("PATH_SEPARATOR", ":"); 35 | } 36 | } 37 | 38 | if (!isset($output_format)) $output_format = (PHP_SAPI == 'cli') ? 'text' : 'html'; 39 | 40 | // make sure the document_root is set 41 | $_SERVER["SCRIPT_FILENAME"] = str_replace("\\", '/', $_SERVER["SCRIPT_FILENAME"]); 42 | /* CLI: change into the script's directory, then extend a path one component at a time from the filesystem root until a directory containing project_root.php is found; that directory becomes DOCUMENT_ROOT. If none is found the loop ends with $path set to the script's own directory and there is no error. */ if(PHP_SAPI == 'cli'){ 43 | chdir(pathinfo(realpath($_SERVER["PHP_SELF"]), PATHINFO_DIRNAME)); 44 | $script_full_path = str_replace("\\", '/', getcwd() . '/' . $_SERVER["SCRIPT_FILENAME"]); 45 | $dirs = explode('/', pathinfo($script_full_path, PATHINFO_DIRNAME)); 46 | if (file_exists('/project_root.php')) { 47 | $path = '/'; 48 | } else { 49 | $i = 1; 50 | $path = ''; 51 | while ($i < count($dirs)) { 52 | $path .= '/' . $dirs[$i]; 53 | if (file_exists($path. '/project_root.php')) { 54 | break; 55 | } 56 | $i++; 57 | } 58 | } 59 | $_SERVER["DOCUMENT_ROOT"] = $path; 60 | }else{ 61 | /* Web: DOCUMENT_ROOT is derived by removing PHP_SELF from SCRIPT_FILENAME. NOTE(review): PHP_SELF follows the request path, so with rewritten URLs or trailing path info it may not occur in SCRIPT_FILENAME; nothing is then removed and the realpath() call that follows resolves the script file itself - confirm against the web-server configuration. */ $_SERVER["DOCUMENT_ROOT"] = str_replace($_SERVER["PHP_SELF"], "", $_SERVER["SCRIPT_FILENAME"]); 62 | } 63 | $_SERVER["DOCUMENT_ROOT"] = realpath($_SERVER["DOCUMENT_ROOT"]); 64 | // try to detect if a project path is being used 65 | if (!defined('PROJECT_PATH')) { 66 | if (is_dir($_SERVER["DOCUMENT_ROOT"]. '/fusionpbx')) { 67 | define('PROJECT_PATH', '/fusionpbx'); 68 | } elseif (file_exists($_SERVER["DOCUMENT_ROOT"]. 
'/project_root.php')) { 69 | define('PROJECT_PATH', ''); 70 | } else { 71 | /* Fallback: extend DOCUMENT_ROOT with the directory components of PHP_SELF, one at a time, until project_root.php is found. The components come from the request path; they are used only in file_exists() probes and to build PROJECT_PATH. */ $dirs = explode('/', str_replace('\\', '/', pathinfo($_SERVER["PHP_SELF"], PATHINFO_DIRNAME))); 72 | $i = 1; 73 | $path = $_SERVER["DOCUMENT_ROOT"]; 74 | while ($i < count($dirs)) { 75 | $path .= '/' . $dirs[$i]; 76 | if (file_exists($path. '/project_root.php')) { 77 | break; 78 | } 79 | $i++; 80 | } 81 | /* Unlike the CLI search, a failed search here stops the request. */ if(!file_exists($path. '/project_root.php')){ 82 | die("Failed to locate the Project Root by searching for project_root.php please contact support for assistance"); 83 | } 84 | $project_path = str_replace($_SERVER["DOCUMENT_ROOT"], "", $path); 85 | define('PROJECT_PATH', $project_path); 86 | } 87 | /* PROJECT_ROOT is set and appended to the include path only when PROJECT_PATH was not already defined before this file ran. Presumably the include-path entry is what lets the pages' bare "resources/..." requires resolve - confirm. */ $_SERVER["PROJECT_ROOT"] = realpath($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH); 88 | set_include_path(get_include_path() . PATH_SEPARATOR . $_SERVER["PROJECT_ROOT"]); 89 | } 90 | 91 | ?> --------------------------------------------------------------------------------