api key check

index.php

 function check_api_key_()
 {
   $headers = apache_request_headers();
-  if (!isset($header["Authorization"]))
+  if (!isset($headers["Api-Key"]))
     return false;
-  return true;
+  $q = database_exec("SELECT id FROM api_keys WHERE `key` = :key",
+                     array(":key" => $headers["Api-Key"]));
+  if ($q->fetch() !== false)
+    return true;
+  return false;
 }
 
 function check_api_key()
 {
   if (!check_api_key_())
-    error(500, "Database Fail");
+    error(401, "Bad API Key");
 }
 
 function main()

sql.php

 <?php
-require_once "misc/config.php";
 require_once "utils.php";
+require_once "misc/config.php";
 
-function get_database()
+function database_get()
 {
   static $init = 0;
   static $database = NULL;
   if ($init == 0)
   {
     $init = 1;
+    global $database_host;
+    global $database_port;
+    global $database_name;
+    global $database_user;
+    global $database_pass;
     try
     {
-      $database = new PDO("mysql:host:$database_host;$database_port;".
+      $database = new PDO("mysql:host=$database_host;port=$database_port;".
                           "dbname=$database_name", $database_user,
                           $database_pass);
     }
     catch (Exception $e)
     {
-      var_dump($e);
-      error(500, "Database Fail");
+      error(500, "Database Fail Connect");
     }
   }
   return $database;
 }
 
+function database_exec($query, $args)
+{
+  $q = database_get()->prepare($query);
+  if (!$q->execute($args))
+    error(500, "Database Fail Query");
+  return $q;
+}
+
+function database_query($query)
+{
+  $q = database_get()->query($query);
+  if (!$q)
+    error(500, "Database Fail Query");
+  return $q;
+}
 ?>