
status create

master
Robin Thoni 10 years ago
parent
commit
e64f729bac
3 changed files with 31 additions and 6 deletions
  1. 1
    1
      index.php
  2. 25
    2
      status.php
  3. 5
    3
      utils.php

+ 1
- 1
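--- a/index.php
+++ b/index.php
@@ -6,7 +6,7 @@ require_once "sql.php";
 
 function check_api_key()
 {
-  if (!check_table_field("Api-Key", "api_keys", "key"))
+  if (check_table_field("Api-Key", "api_keys", "key") === false)
     error(401, "Bad API key");
 }
 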

+ 25
- 2
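--- a/status.php
+++ b/status.php
@@ -3,8 +3,10 @@ require_once "utils.php";
 
 function check_token()
 {
-  if (!check_table_field("Authorization", "tokens", "token"))
+  $token = check_table_field("Authorization", "tokens", "token");
+  if ($token === false)
     error(401, "Invalid token");
+  return $token;
 }
 
 function status_confirm($id)
@@ -14,8 +16,29 @@ function status_confirm($id)
 
 function status_create()
 {
-  check_token();
+  $token = check_token();
   $status = get_post("status");
+  if (strlen($status) < 10)
+    error(422, "Status too short");
+  $latitude = get_post("latitude", false);
+  $longitude = get_post("longitude", false);
+  $u = database_exec("SELECT `id`, `username` FROM users WHERE `id` = ".
+    "(SELECT `user` FROM tokens WHERE `token` = :token)",
+    array(":token" => $token))->fetch();
+  database_exec("INSERT INTO status (`status`, `user`) VALUES(:status, :user)",
+    array(":status" => $status, ":user" => $u["id"]));
+  $s = database_exec("SELECT * FROM status WHERE id = :id",
+    array(":id" => database_get()->lastInsertId()))->fetch();
+  echo json_encode(array("status" => $s["status"],
+    "creation_date" => $s['date'],
+    /*"nb_confirm_up" => intval($s["up"]),
+    "nb_confirm_down" => intval($s["down"]),*/
+    "latitude" => $s["latitude"] === null ? null : floatval($s["latitude"]),
+    "longitude" => $s["longitude"] === null ? null : floatval($s["longitude"]),
+    "media_url" => $s["media"],
+    "id" => $s["id"],
+    "user_id" => $u["id"]
+  ));
 }
 
 function status_feed()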
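Review bot: In status_create the result of the user lookup is used without a check: if `fetch()` returns false (for instance a token row whose user no longer exists, which nothing visible here rules out), `$u["id"]` evaluates to null and the INSERT stores a status with no owner. Guard it before the INSERT with `if ($u === false) error(401, "Invalid token");`. Separately, `$latitude` and `$longitude` are read from the POST body but never passed to the INSERT, so the response can only echo whatever the columns default to; either add them to the column list as bound parameters or drop the two `get_post` calls. The length check uses `strlen`, which counts bytes, and sets no upper bound on the status text, so a maximum such as `if (mb_strlen($status) > MAX_STATUS_LEN) error(422, "Status too long");` (constant name is a placeholder) would be worth adding.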

+ 5
- 3
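--- a/utils.php
+++ b/utils.php
@@ -33,9 +33,11 @@ function check_table_field($header, $table, $field)
   $headers = apache_request_headers();
   if (!isset($headers[$header]))
     return false;
-  return database_exec("SELECT id FROM $table WHERE `$field` = :data",
-    array(":data" => $headers[$header]))-> fetch()
-    !== false;
+  $u = database_exec("SELECT id FROM $table WHERE `$field` = :data",
+    array(":data" => $headers[$header]))->fetch();
+  if (!$u)
+    return false;
+  return $headers[$header];
 }
 
 ?>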
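Review bot: check_table_field still builds its query by interpolating `$table` and `$field` into the SQL text; only the header value is bound as `:data`. Both callers visible in this commit pass string literals, so the function should state that requirement with a comment above the query, e.g. `// $table and $field are spliced into the SQL text: pass hard-coded identifiers only, never request data`. The return contract also changed from a bool to the header value or false, which deserves a docblock line, because a caller testing the result with `!` instead of `=== false` would reject a stored credential that PHP treats as falsy, such as "0". The lookup `$headers[$header]` is case-sensitive while HTTP header names are not, so a client sending `authorization` in lower case may be refused depending on how the server reports header names. The opening of the function body lies outside the hunk.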
