api.php (13818B)
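<?php
/**
 * Admin controller for the "user/api" route: lists API users and handles the
 * add, edit, delete and session-delete actions for them.
 *
 * Every state-changing action checks the 'modify' permission for 'user/api'
 * before it touches the model.
 */
class ControllerUserApi extends Controller {
    /** @var array Validation errors keyed by field name ('warning', 'username', 'key'). */
    private $error = array();

    /**
     * Default action: shows the list of API users.
     */
    public function index() {
        $this->load->language('user/api');

        $this->document->setTitle($this->language->get('heading_title'));

        $this->load->model('user/api');

        $this->getList();
    }

    /**
     * Creates an API user from the posted form, then redirects to the list.
     * On a non-POST request or a failed validation the form is (re)displayed.
     */
    public function add() {
        $this->load->language('user/api');

        $this->document->setTitle($this->language->get('heading_title'));

        $this->load->model('user/api');

        if (($this->request->server['REQUEST_METHOD'] === 'POST') && $this->validateForm()) {
            $this->model_user_api->addApi($this->request->post);

            $this->session->data['success'] = $this->language->get('text_success');

            $this->response->redirect($this->listLink());
        }

        $this->getForm();
    }

    /**
     * Updates the API user named by the api_id query parameter from the posted
     * form, then redirects to the list. Without an api_id nothing is written
     * and the form is displayed instead.
     */
    public function edit() {
        $this->load->language('user/api');

        $this->document->setTitle($this->language->get('heading_title'));

        $this->load->model('user/api');

        // api_id is checked before validation so a POST without it never reaches editApi()
        if (($this->request->server['REQUEST_METHOD'] === 'POST') && isset($this->request->get['api_id']) && $this->validateForm()) {
            $this->model_user_api->editApi($this->request->get['api_id'], $this->request->post);

            $this->session->data['success'] = $this->language->get('text_success');

            $this->response->redirect($this->listLink());
        }

        $this->getForm();
    }

    /**
     * Deletes every API user whose id was posted in 'selected', then redirects
     * to the list. Without a selection or permission the list is redisplayed.
     */
    public function delete() {
        $this->load->language('user/api');

        $this->document->setTitle($this->language->get('heading_title'));

        $this->load->model('user/api');

        if (isset($this->request->post['selected']) && $this->validateDelete()) {
            // Cast as getList() does: a scalar 'selected' would otherwise break the loop
            foreach ((array)$this->request->post['selected'] as $api_id) {
                $this->model_user_api->deleteApi($api_id);
            }

            $this->session->data['success'] = $this->language->get('text_success');

            $this->response->redirect($this->listLink());
        }

        $this->getList();
    }

    /**
     * Builds the "&key=value" query suffix that carries list state
     * (sort, order, page) from the current request into generated links.
     *
     * The values come straight from the query string, so each one is
     * URL-encoded before concatenation; a value containing '&' or '=' can then
     * no longer add or override parameters (such as user_token) in the
     * generated link. Non-scalar values (e.g. "sort[]=x") are skipped.
     *
     * @param array $keys Query-string keys to copy, in output order.
     *
     * @return string Suffix starting with '&', or '' when none of the keys is set.
     */
    private function listQuery(array $keys) {
        $url = '';

        foreach ($keys as $key) {
            if (isset($this->request->get[$key]) && is_scalar($this->request->get[$key])) {
                $url .= '&' . $key . '=' . urlencode((string)$this->request->get[$key]);
            }
        }

        return $url;
    }

    /**
     * Returns the link back to the API list, keeping the current sort, order
     * and page; used as the redirect target after a successful write.
     *
     * @return string
     */
    private function listLink() {
        return $this->url->link('user/api', 'user_token=' . $this->session->data['user_token'] . $this->listQuery(array('sort', 'order', 'page')), true);
    }

    /**
     * Renders the paginated, sortable list of API users.
     */
    protected function getList() {
        // Only the columns offered as sort links below are accepted; anything
        // else falls back to the default so request data never reaches the
        // model as an arbitrary column name.
        $sortable = array('username', 'status', 'date_added', 'date_modified');

        if (isset($this->request->get['sort']) && in_array($this->request->get['sort'], $sortable, true)) {
            $sort = $this->request->get['sort'];
        } else {
            $sort = 'username';
        }

        if (isset($this->request->get['order']) && $this->request->get['order'] === 'DESC') {
            $order = 'DESC';
        } else {
            $order = 'ASC';
        }

        // page feeds arithmetic below: force an integer and never go below 1,
        // otherwise the computed start offset can be negative or non-numeric
        if (isset($this->request->get['page'])) {
            $page = max(1, (int)$this->request->get['page']);
        } else {
            $page = 1;
        }

        $token = 'user_token=' . $this->session->data['user_token'];
        $limit = $this->config->get('config_limit_admin');
        $offset = ($page - 1) * $limit;

        $url = $this->listQuery(array('sort', 'order', 'page'));

        $data['breadcrumbs'] = array();

        $data['breadcrumbs'][] = array(
            'text' => $this->language->get('text_home'),
            'href' => $this->url->link('common/dashboard', $token, true)
        );

        $data['breadcrumbs'][] = array(
            'text' => $this->language->get('heading_title'),
            'href' => $this->url->link('user/api', $token . $url, true)
        );

        $data['add'] = $this->url->link('user/api/add', $token . $url, true);
        $data['delete'] = $this->url->link('user/api/delete', $token . $url, true);

        $data['apis'] = array();

        $filter_data = array(
            'sort'  => $sort,
            'order' => $order,
            'start' => $offset,
            'limit' => $limit
        );

        $user_total = $this->model_user_api->getTotalApis();

        $results = $this->model_user_api->getApis($filter_data);

        foreach ($results as $result) {
            $data['apis'][] = array(
                'api_id'        => $result['api_id'],
                'username'      => $result['username'],
                'status'        => ($result['status'] ? $this->language->get('text_enabled') : $this->language->get('text_disabled')),
                'date_added'    => date($this->language->get('date_format_short'), strtotime($result['date_added'])),
                'date_modified' => date($this->language->get('date_format_short'), strtotime($result['date_modified'])),
                'edit'          => $this->url->link('user/api/edit', $token . '&api_id=' . $result['api_id'] . $url, true)
            );
        }

        if (isset($this->error['warning'])) {
            $data['error_warning'] = $this->error['warning'];
        } else {
            $data['error_warning'] = '';
        }

        if (isset($this->session->data['success'])) {
            $data['success'] = $this->session->data['success'];

            // One-shot message: cleared once it has been handed to the view
            unset($this->session->data['success']);
        } else {
            $data['success'] = '';
        }

        if (isset($this->request->post['selected'])) {
            $data['selected'] = (array)$this->request->post['selected'];
        } else {
            $data['selected'] = array();
        }

        // Column-header links flip the current direction and keep the page
        $url = ($order == 'ASC') ? '&order=DESC' : '&order=ASC';
        $url .= $this->listQuery(array('page'));

        $data['sort_username'] = $this->url->link('user/api', $token . '&sort=username' . $url, true);
        $data['sort_status'] = $this->url->link('user/api', $token . '&sort=status' . $url, true);
        $data['sort_date_added'] = $this->url->link('user/api', $token . '&sort=date_added' . $url, true);
        $data['sort_date_modified'] = $this->url->link('user/api', $token . '&sort=date_modified' . $url, true);

        // Pagination links keep sort and order; the page number is filled in by Pagination
        $url = $this->listQuery(array('sort', 'order'));

        $pagination = new Pagination();
        $pagination->total = $user_total;
        $pagination->page = $page;
        $pagination->limit = $limit;
        $pagination->url = $this->url->link('user/api', $token . $url . '&page={page}', true);

        $data['pagination'] = $pagination->render();

        // "Showing X to Y of Z (N pages)": Y is capped at the total on the last page
        $data['results'] = sprintf(
            $this->language->get('text_pagination'),
            ($user_total) ? $offset + 1 : 0,
            ($offset > ($user_total - $limit)) ? $user_total : ($offset + $limit),
            $user_total,
            ceil($user_total / $limit)
        );

        $data['sort'] = $sort;
        $data['order'] = $order;

        $data['header'] = $this->load->controller('common/header');
        $data['column_left'] = $this->load->controller('common/column_left');
        $data['footer'] = $this->load->controller('common/footer');

        $this->response->setOutput($this->load->view('user/api_list', $data));
    }

    /**
     * Renders the add/edit form. Field values come from the posted data when
     * present (redisplay after a failed validation), otherwise from the stored
     * record when an api_id is given, otherwise from empty defaults.
     */
    protected function getForm() {
        $token = 'user_token=' . $this->session->data['user_token'];
        $has_api_id = isset($this->request->get['api_id']);

        $data['text_form'] = !$has_api_id ? $this->language->get('text_add') : $this->language->get('text_edit');
        $data['text_ip'] = sprintf($this->language->get('text_ip'), $this->request->server['REMOTE_ADDR']);

        $data['user_token'] = $this->session->data['user_token'];

        foreach (array('warning', 'username', 'key') as $field) {
            $data['error_' . $field] = isset($this->error[$field]) ? $this->error[$field] : '';
        }

        $url = $this->listQuery(array('sort', 'order', 'page'));

        $data['breadcrumbs'] = array();

        $data['breadcrumbs'][] = array(
            'text' => $this->language->get('text_home'),
            'href' => $this->url->link('common/dashboard', $token, true)
        );

        $data['breadcrumbs'][] = array(
            'text' => $this->language->get('heading_title'),
            'href' => $this->url->link('user/api', $token . $url, true)
        );

        if (!$has_api_id) {
            $data['action'] = $this->url->link('user/api/add', $token . $url, true);
        } else {
            // api_id is request data echoed into a link, so it is encoded like the list state
            $data['action'] = $this->url->link('user/api/edit', $token . $this->listQuery(array('api_id')) . $url, true);
        }

        $data['cancel'] = $this->url->link('user/api', $token . $url, true);

        $api_info = array();

        // The stored record is only needed for the first display; a POST redisplay uses the posted values
        if ($has_api_id && ($this->request->server['REQUEST_METHOD'] != 'POST')) {
            $api_info = $this->model_user_api->getApi($this->request->get['api_id']);
        }

        if (isset($this->request->post['username'])) {
            $data['username'] = $this->request->post['username'];
        } elseif (!empty($api_info)) {
            $data['username'] = $api_info['username'];
        } else {
            $data['username'] = '';
        }

        // NOTE(review): the stored API key is sent back to the browser here;
        // the view is expected to escape it and the page should not be cached.
        if (isset($this->request->post['key'])) {
            $data['key'] = $this->request->post['key'];
        } elseif (!empty($api_info)) {
            $data['key'] = $api_info['key'];
        } else {
            $data['key'] = '';
        }

        if (isset($this->request->post['status'])) {
            $data['status'] = $this->request->post['status'];
        } elseif (!empty($api_info)) {
            $data['status'] = $api_info['status'];
        } else {
            $data['status'] = 0;
        }

        // IP
        if (isset($this->request->post['api_ip'])) {
            $data['api_ips'] = $this->request->post['api_ip'];
        } elseif ($has_api_id) {
            $data['api_ips'] = $this->model_user_api->getApiIps($this->request->get['api_id']);
        } else {
            $data['api_ips'] = array();
        }

        // Session
        $data['api_sessions'] = array();

        if ($has_api_id) {
            $results = $this->model_user_api->getApiSessions($this->request->get['api_id']);

            foreach ($results as $result) {
                $data['api_sessions'][] = array(
                    'api_session_id' => $result['api_session_id'],
                    'session_id'     => $result['session_id'],
                    'ip'             => $result['ip'],
                    'date_added'     => date($this->language->get('datetime_format'), strtotime($result['date_added'])),
                    'date_modified'  => date($this->language->get('datetime_format'), strtotime($result['date_modified']))
                );
            }
        }

        $data['header'] = $this->load->controller('common/header');
        $data['column_left'] = $this->load->controller('common/column_left');
        $data['footer'] = $this->load->controller('common/footer');

        $this->response->setOutput($this->load->view('user/api_form', $data));
    }

    /**
     * Validates the add/edit form: permission, username length (3-64),
     * key length (64-256) and the presence of at least one posted api_ip.
     *
     * @return bool True when no error was recorded.
     */
    protected function validateForm() {
        // Same permission key as validateDelete() and deleteSession(). This
        // check previously used 'user/user', so the right to create or change
        // API credentials followed a different permission than the one the
        // rest of this controller enforces.
        if (!$this->user->hasPermission('modify', 'user/api')) {
            $this->error['warning'] = $this->language->get('error_permission');
        }

        // Missing or non-string fields are treated as empty so they fail the
        // length checks instead of raising an undefined-index or type error
        $username = (isset($this->request->post['username']) && is_string($this->request->post['username'])) ? trim($this->request->post['username']) : '';
        $key = (isset($this->request->post['key']) && is_string($this->request->post['key'])) ? $this->request->post['key'] : '';

        $username_length = utf8_strlen($username);

        if (($username_length < 3) || ($username_length > 64)) {
            $this->error['username'] = $this->language->get('error_username');
        }

        $key_length = utf8_strlen($key);

        if (($key_length < 64) || ($key_length > 256)) {
            $this->error['key'] = $this->language->get('error_key');
        }

        // The IP warning never replaces a permission warning
        if (!isset($this->error['warning']) && !isset($this->request->post['api_ip'])) {
            $this->error['warning'] = $this->language->get('error_ip');
        }

        return !$this->error;
    }

    /**
     * Checks that the current user may modify 'user/api' before a delete.
     *
     * @return bool True when no error was recorded.
     */
    protected function validateDelete() {
        if (!$this->user->hasPermission('modify', 'user/api')) {
            $this->error['warning'] = $this->language->get('error_permission');
        }

        return !$this->error;
    }

    /**
     * Deletes one API session and answers with JSON: 'error' when the user
     * lacks permission, 'success' after the delete. A request without
     * api_session_id deletes nothing and returns an empty result.
     *
     * NOTE(review): this action changes state from a query-string parameter;
     * confirm that the framework's user_token check covers this route, and
     * consider accepting the id from POST only.
     */
    public function deleteSession() {
        $this->load->language('user/api');

        $json = array();

        if (!$this->user->hasPermission('modify', 'user/api')) {
            $json['error'] = $this->language->get('error_permission');
        } elseif (isset($this->request->get['api_session_id'])) {
            $this->load->model('user/api');

            $this->model_user_api->deleteApiSession($this->request->get['api_session_id']);

            $json['success'] = $this->language->get('text_success');
        }

        $this->response->addHeader('Content-Type: application/json');
        $this->response->setOutput(json_encode($json));
    }
}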