/**
* Displays the page with key information and statistics (one tab each).
*/
public function subpage_key($apiKey)
{
wfProfileIn(__METHOD__);
$apiKeyObject = ApiGate_ApiKey::newFromDb($apiKey);
$html = "";
ob_start();
if (is_object($apiKeyObject)) {
// Determine if the current user can view this key (they must either own it or be an ApiGate admin).
if ($apiKeyObject->canBeViewedByCurrentUser()) {
$useTwoColLayout = false;
// use full width so that the charts fit
// Use standard tabs (from UI Style Guide)
?>
<ul class="tabs">
<li class="selected" data-tab="apiGate_keyInfo"><a><?php
echo wfMsg('apigate-tab-keyinfo');
?>
</a></li>
<li data-tab="apiGate_keyStats"><a><?php
echo wfMsg('apigate-tab-keystats');
?>
</a></li>
</ul>
<div id="apiGate_keyInfo" data-tab-body="apiGate_keyInfo" class="tabBody selected">
<?php
echo $this->subpage_keyInfo($apiKeyObject);
?>
</div>
<div id="apiGate_keyStats" data-tab-body="apiGate_keyStats" class="tabBody">
<?php
echo $this->subpage_keyStats($apiKey);
?>
</div><!-- end apiGate_keyStats -->
<?php
} else {
ApiGate::printError(i18n('apigate-error-keyaccess-denied', $apiKey));
}
} else {
// NOTE: This message which says essentially "not found or you don't have access" is intentionally vauge.
// If we had access-denied and key-not-found be different errors, attackers could just iterate through a bunch of possibilities
// until they found a key that exists & then they could spoof as being that app.
ApiGate::printError(i18n('apigate-error-keyaccess-denied', $apiKey));
}
$html .= ob_get_clean();
wfProfileOut(__METHOD__);
return $html;
}
/**
* Prints a mysql error.
*/
public static function queryError($queryString, $db, $returnAsString = false)
{
$errorString = i18n('apigate-mysql-error', $queryString, mysql_error($db));
if ($returnAsString) {
return ApiGate::getErrorHtml($errorString);
} else {
ApiGate::printError($errorString);
}
}