Using switches and added upload

This commit is contained in:
Timo Ley 2020-08-25 19:23:28 +02:00
parent 4bb747c11c
commit 639dd58d7a
1 changed files with 203 additions and 108 deletions


@ -5,123 +5,149 @@ global $jmurl;
$obj = new stdClass();
$obj->status = 404;
$req = $_SERVER["PATH_INFO"];
$endpoint = explode("/", $req);
if ($req == "" or $req == "/") {
$obj->status = 200;
$obj->endpoints = endpoints();
}
elseif ($req == "/all") {
$obj->status = 200;
//Memes
$q_memes = "SELECT * FROM images";
$obj->memes = memesArray($q_memes);
//Categories
$q_cats = "SELECT * FROM cats";
$obj->categories = categoryArray($q_cats);
//Users
$users = array();
$q_users = "SELECT * FROM token";
$res_users = mysqli_query($jmcon, $q_users);
checksql($res_users);
while ($row = mysqli_fetch_array( $res_users, MYSQLI_ASSOC)) {
array_push($users, $row["name"]);
}
mysqli_free_result($res_users);
$obj->users = $users;
} elseif ($req == "/base" or $req == "/baseurl") {
$obj->status = 200;
$obj->baseurl = $jmurl;
} elseif ($req == "/memes") {
$obj->status = 200;
$query = "SELECT * FROM images";
if (isset($_GET["category"])) {
$query = addCondition('cat="' . $_GET["category"] . '"', $query);
}
if (isset($_GET["user"])) {
$query = addCondition('user LIKE "%' . $_GET["user"] . '%"', $query);
}
if (isset($_GET["search"])) {
$query = addCondition('path LIKE "%' . $_GET["search"] . '%"', $query);
}
$obj->memes = memesArray($query);
} elseif ($req == "/meme") {
if (isset($_GET["id"])) {
$q = 'SELECT * FROM images WHERE id=' . $_GET["id"];
$res = mysqli_query($jmcon, $q);
checksql($res);
$row = mysqli_fetch_array($res, MYSQLI_ASSOC);
if ($row) {
$method = $_SERVER['REQUEST_METHOD'];
if ($method == "GET") {
switch ($req) {
case "":
case "/":
$obj->status = 200;
$path = $row["path"];
$path = str_replace(" ", "%20", $path);
$obj->link = $jmurl . $path;
$obj->user = $row["user"];
$obj->category = $row["cat"];
}
}
} elseif ($req == "/random") {
$query = "SELECT * FROM images";
if (isset($_GET["category"])) {
$query = addCondition('cat="' . $_GET["category"] . '"', $query);
}
if (isset($_GET["user"])) {
$query = addCondition('user LIKE "%' . $_GET["user"] . '%"', $query);
}
$memes = memesArray($query);
$random = rand(0, count($memes) - 1);
$meme = $memes[$random];
if (isset($meme->path)) {
$obj->status = 200;
$obj->link = $jmurl . $meme->path;
$obj->category = $meme->category;
$obj->user = $meme->user;
}
} elseif ($req == "/categories") {
$obj->status = 200;
$obj->categories = categoryArray("SELECT * FROM cats");
} elseif ($req == "/category") {
if (isset($_GET["id"])) {
$q = 'SELECT * FROM cats WHERE id="' . $_GET["id"] . '"';
$res = mysqli_query($jmcon, $q);
checksql($res);
$row = mysqli_fetch_array($res, MYSQLI_ASSOC);
if ($row) {
$obj->endpoints = endpoints();
break;
case "/all":
$obj->status = 200;
$obj->id = $row["id"];
$obj->name = $row["name"];
}
//Memes
$q_memes = "SELECT * FROM images";
$obj->memes = memesArray($q_memes);
//Categories
$q_cats = "SELECT * FROM cats";
$obj->categories = categoryArray($q_cats);
//Users
$users = array();
$q_users = "SELECT * FROM token";
$res_users = mysqli_query($jmcon, $q_users);
checksql($res_users);
while ($row = mysqli_fetch_array($res_users, MYSQLI_ASSOC)) {
array_push($users, $row["name"]);
}
mysqli_free_result($res_users);
$obj->users = $users;
break;
case "/baseurl":
case "/base":
$obj->status = 200;
$obj->baseurl = $jmurl;
break;
case "/memes":
$obj->status = 200;
$query = "SELECT * FROM images";
if (isset($_GET["category"])) {
$query = addCondition('cat="' . $_GET["category"] . '"', $query);
}
if (isset($_GET["user"])) {
$query = addCondition('user LIKE "%' . $_GET["user"] . '%"', $query);
}
if (isset($_GET["search"])) {
$query = addCondition('path LIKE "%' . $_GET["search"] . '%"', $query);
}
$obj->memes = memesArray($query);
break;
case "/meme":
if (isset($_GET["id"])) {
$q = 'SELECT * FROM images WHERE id=' . $_GET["id"];
$res = mysqli_query($jmcon, $q);
checksql($res);
$row = mysqli_fetch_array($res, MYSQLI_ASSOC);
if ($row) {
$obj->status = 200;
$path = $row["path"];
$path = str_replace(" ", "%20", $path);
$obj->link = $jmurl . $path;
$obj->user = $row["user"];
$obj->category = $row["cat"];
}
}
break;
case "/random":
$query = "SELECT * FROM images";
if (isset($_GET["category"])) {
$query = addCondition('cat="' . $_GET["category"] . '"', $query);
}
if (isset($_GET["user"])) {
$query = addCondition('user LIKE "%' . $_GET["user"] . '%"', $query);
}
$memes = memesArray($query);
$random = rand(0, count($memes) - 1);
$meme = $memes[$random];
if (isset($meme->path)) {
$obj->status = 200;
$obj->link = $jmurl . $meme->path;
$obj->category = $meme->category;
$obj->user = $meme->user;
}
break;
case "/categories":
$obj->status = 200;
$obj->categories = categoryArray("SELECT * FROM cats");
break;
case "/category":
if (isset($_GET["id"])) {
$q = 'SELECT * FROM cats WHERE id="' . $_GET["id"] . '"';
$res = mysqli_query($jmcon, $q);
checksql($res);
$row = mysqli_fetch_array($res, MYSQLI_ASSOC);
if ($row) {
$obj->status = 200;
$obj->id = $row["id"];
$obj->name = $row["name"];
}
}
break;
case "/users":
$users = array();
$q_users = "SELECT * FROM token";
$res_users = mysqli_query($jmcon, $q_users);
checksql($res_users);
while ($row = mysqli_fetch_array($res_users, MYSQLI_ASSOC)) {
$user = new stdClass();
$user->name = $row["name"];
$user->tokenhash = md5($row["token"]);
$user->dayuploads = $row["uploadsLast24H"];
array_push($users, $user);
}
mysqli_free_result($res_users);
$obj->users = $users;
$obj->status = 200;
break;
case "/token/random":
if (isset($_GET["user"])) {
$obj->status = 200;
$obj->token = genToken($_GET["user"]);
} else {
$obj->error = "Need to set a user with ?user";
}
break;
default:
$obj->endpoints = endpoints();
break;
}
} elseif ($req == "/users") {
$users = array();
$q_users = "SELECT * FROM token";
$res_users = mysqli_query($jmcon, $q_users);
checksql($res_users);
while ($row = mysqli_fetch_array( $res_users, MYSQLI_ASSOC)) {
$user = new stdClass();
$user->name = $row["name"];
$user->tokenhash = md5($row["token"]);
$user->dayuploads = $row["uploadsLast24H"];
array_push($users, $user);
} else if ($method == "POST") {
switch ($req) {
case "/upload":
upload();
break;
}
mysqli_free_result($res_users);
$obj->users = $users;
$obj->status = 200;
} elseif ($req == "/token/random") {
if (isset($_GET["user"])) {
$obj->status = 200;
$obj->token = genToken($_GET["user"]);
} else {
$obj->error = "Need to set a user with ?user";
}
}
else {
$obj->endpoints = endpoints();
}
header('Content-Type: application/json');
echo stripslashes(json_encode($obj, JSON_UNESCAPED_UNICODE));
function endpoints() {
return array("/all", "/baseurl", "/memes", "/meme", "/random", "/categories", "/category");
return array("/all", "/baseurl", "/memes", "/meme", "/random", "/categories", "/category", "/users");
}
function postendpoints() {
return array("/admin", "/upload");
}
function checksql($res) {
@ -184,3 +210,72 @@ function genToken($discord) {
$prehash = $random . md5(time()) . $discord;
return md5($prehash);
}
function upload() {
global $jmcon;
global $obj;
global $jmimagepath;
$token = $_POST["token"];
$cat = $_POST["category"];
$obj->token = $token;
if (isset($token)) {
if (isset($cat)) {
$query = "SELECT * FROM token WHERE token='$token'";
$res = mysqli_query($jmcon, $query);
checksql($res);
$row = mysqli_fetch_array($res, MYSQLI_ASSOC);
if ($row) {
$uploads = $row["uploadsLast24H"];
$homedir = $row["userdir"];
$user = $row["name"];
$countfiles = count($_FILES['file']['name']);
if ($countfiles == 0) {
$obj->status = 400;
$obj->error = "no files to upload send";
}
else if ($uploads + $countfiles <= 20) {
$uploads += $countfiles;
$sqlMaxUpl = "UPDATE token SET uploadsLast24H='$uploads' WHERE token='$token'";
mysqli_query($jmcon, $sqlMaxUpl);
if ($countfiles == 1) {
$filename = $_FILES['file']['name'];
if (isset($filename)) {
$obj->file = $filename;
move_uploaded_file($_FILES['file']['tmp_name'], $jmimagepath . $homedir . "/" . $filename);
$path = "images/" . $homedir . "/" . $filename;
$clientIP = $_SERVER['REMOTE_ADDR'];;
$sqlType = "INSERT INTO images (user, path, cat, ip) VALUES ('$user', '$path', '$cat', '$clientIP')";
$res = mysqli_query($jmcon, $sqlType);
checksql($res);
}
} else {
for ($i = 0; $i < $countfiles; $i++) {
$filename = $_FILES['file']['name'][$i];
if (isset($filename)) {
$obj->file = $filename;
move_uploaded_file($_FILES['file']['tmp_name'][$i], $jmimagepath . $homedir . "/" . $filename);
$path = "images/" . $homedir . "/" . $filename;
$clientIP = $_SERVER['REMOTE_ADDR'];;
$sqlType = "INSERT INTO images (user, path, cat, ip) VALUES ('$user', '$path', '$cat', '$clientIP')";
$res = mysqli_query($jmcon, $sqlType);
checksql($res);
}
}
}
$obj->status = 201;
} else {
$obj->status = 403;
$obj->error = "upload limit reached";
}
} else {
$obj->status = 403;
$obj->error = "token not existing";
}
} else {
$obj->status = 400;
$obj->error = "missing category";
}
} else {
$obj->status = 401;
}
}
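Review bot: `upload()` in the second hunk builds every query by interpolating the client-controlled `$_POST["token"]` and `$_POST["category"]` values (the SELECT on the token table, the UPDATE of the counter and the INSERT into images), so a crafted token or category is a direct SQL injection against the same `$jmcon` connection the rest of the API uses; the values should be bound with `mysqli_prepare`/`mysqli_stmt_bind_param` instead. The file is also stored under the client-supplied `$_FILES['file']['name']` with no check on the name or extension and without testing the return value of `move_uploaded_file`, so a `.php` (or any non-image) name lands in the images directory and a row is inserted even when the move failed — PHP normally strips directory components from the upload name, but not the extension. The 24h counter is written before any file is moved, so name validation should run before the UPDATE rather than after it. `$obj->token = $token;` echoes the credential back in the JSON body and can simply be dropped. Below is one way to restructure the function around these points; the extension allow-list is a guess at what the service intends to serve and needs confirming.
```php
function upload() {
    global $jmcon;
    global $obj;
    global $jmimagepath;
    $token = $_POST["token"] ?? null;
    $cat = $_POST["category"] ?? null;
    if (!isset($token)) {
        $obj->status = 401;
        return;
    }
    if (!isset($cat)) {
        $obj->status = 400;
        $obj->error = "missing category";
        return;
    }
    // Bind the token instead of interpolating it into the query.
    $stmt = mysqli_prepare($jmcon, "SELECT * FROM token WHERE token=?");
    mysqli_stmt_bind_param($stmt, "s", $token);
    mysqli_stmt_execute($stmt);
    $res = mysqli_stmt_get_result($stmt);
    checksql($res);
    $row = mysqli_fetch_array($res, MYSQLI_ASSOC);
    if (!$row) {
        $obj->status = 403;
        $obj->error = "token not existing";
        return;
    }
    $uploads = $row["uploadsLast24H"];
    $homedir = $row["userdir"];
    $user = $row["name"];
    // Normalise single- and multi-file uploads to lists so one loop handles both.
    $names = (array) ($_FILES['file']['name'] ?? []);
    $tmps = (array) ($_FILES['file']['tmp_name'] ?? []);
    $countfiles = count($names);
    // ... unchanged: "no files to upload send" (400) and "upload limit reached" (403) checks ...
    // Validate every name before the counter is consumed. Allow-list: TODO confirm intended types.
    $allowed = ['png', 'jpg', 'jpeg', 'gif', 'webp'];
    foreach ($names as $i => $name) {
        $names[$i] = basename((string) $name);
        $ext = strtolower(pathinfo($names[$i], PATHINFO_EXTENSION));
        if ($names[$i] === '' || !in_array($ext, $allowed, true)) {
            $obj->status = 400;
            $obj->error = "unsupported file type";
            return;
        }
    }
    $uploads += $countfiles;
    $stmt = mysqli_prepare($jmcon, "UPDATE token SET uploadsLast24H=? WHERE token=?");
    mysqli_stmt_bind_param($stmt, "is", $uploads, $token);
    mysqli_stmt_execute($stmt);
    $clientIP = $_SERVER['REMOTE_ADDR'];
    foreach ($names as $i => $filename) {
        $obj->file = $filename;
        // Only record the image if it was actually stored.
        if (!move_uploaded_file($tmps[$i], $jmimagepath . $homedir . "/" . $filename)) {
            $obj->status = 500;
            $obj->error = "could not store file";
            return;
        }
        $path = "images/" . $homedir . "/" . $filename;
        $stmt = mysqli_prepare($jmcon, "INSERT INTO images (user, path, cat, ip) VALUES (?, ?, ?, ?)");
        mysqli_stmt_bind_param($stmt, "ssss", $user, $path, $cat, $clientIP);
        mysqli_stmt_execute($stmt);
    }
    $obj->status = 201;
}
```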