/**
* Processes a POST (if there was one) of the registration form. If there was not a successful registration, then modifies
* the data passed in to contain the values which WERE posted (to make form re-submission easier). Returns 'true' if there
* was a successful registration, false if there was no registration attempt or an error.
*
* If registration is successful, also sets 'apiKey' key in the 'data' array to the new API key that was created.
*
* @param data - array - an associative array whose keys are the names of the the variables for the template, and whose values should
* be the default values for those fields. This will be modified (overridden) by any of those values which were posted
* to this page.
* @return mixed - boolean true if there was a successful registration, false if there was no registration or a failed attempt. If there was
* an error, that will be added to the 'data' array under the key 'errorString'.
*/
public static function processPost(&$data)
{
$didRegister = false;
if (ApiGate::getPost('formName') == "apiGate_register") {
$firstName = ApiGate::getPost('firstName');
$lastName = ApiGate::getPost('lastName');
$email_1 = ApiGate::getPost('email_1');
$email_2 = ApiGate::getPost('email_2');
// Validate the input.
$errorString = "";
$errorString = ApiGate_Register::validateNameAndEmail($firstName, $lastName, $email_1, $email_2, $errorString);
// If input was valid, attempt to create a key.
if ($errorString == "") {
// Create a new API key and store it to the database with the values provided.
$apiKey = self::generateKey();
$userId = ApiGate_Config::getUserId();
// This is in library-code (not MediaWiki) so build the query by hand.
$dbw = ApiGate_Config::getMasterDb();
$queryString = "INSERT INTO /* ApiGate_Register::processPost() */" . ApiGate::TABLE_KEYS . " (user_id, apiKey, email, firstName, lastName) VALUES (";
$queryString .= "'" . mysql_real_escape_string($userId, $dbw) . "', ";
$queryString .= "'" . mysql_real_escape_string($apiKey, $dbw) . "', ";
$queryString .= "'" . mysql_real_escape_string($email_1, $dbw) . "', ";
$queryString .= "'" . mysql_real_escape_string($firstName, $dbw) . "', ";
$queryString .= "'" . mysql_real_escape_string($lastName, $dbw) . "')";
if (ApiGate::sendQuery($queryString)) {
ApiGate::sendQuery("COMMIT");
// MediaWiki was randomly not saving the row without this.
$data['apiKey'] = $apiKey;
$didRegister = true;
} else {
$errorString .= "\n" . i18n('apigate-mysql-error');
$errorString .= "\n<br/><br/>" . mysql_error($dbw);
}
}
if ($errorString != "") {
$errorString = trim($errorString);
$errorString = str_replace("\n", "<br/>", $errorString);
$data['errorString'] = $errorString;
}
}
return $didRegister;
}
/**
* Shows a small module of the API keys for the user provided. If no user is provided, uses the currently logged in user.
*
* Allows explicitly specifying the keys (for performance reasons, if you've already looked them up).
*
* @param userId - mixed - (optional) userId of the user whose keys should be shown. If null or not provided, then it will use
* the currently logged in user.
* @param keyData - array - (optional) array of keys and key nicknames for the user in the format provided by ApiGate::getKeyDataByUserId.
* If provided, this will be assumed to be the correct list of keys
* so they will not be looked up from the database using the userId provided (or the default user as described in userId's
* param documentation above.
*/
public function subpage_userKeys($userId = null, $keyData = null)
{
wfProfileIn(__METHOD__);
if ($userId == null) {
$userId = ApiGate_Config::getUserId();
}
if ($keyData == null) {
$keyData = ApiGate::getKeyDataByUserId($userId);
}
$data = array('userId' => $userId, 'keyData' => $keyData);
$html = ApiGate_Dispatcher::renderTemplate("userKeys", $data);
wfProfileOut(__METHOD__);
return $html;
}
/**
* @return boolean - true if the currently-logged in user is allowed to view the info for this key, false otherwise.
* Currently, to view the key, the user must be the owner of the key or an API Gate admin.
*/
public function canBeViewedByCurrentUser()
{
return $this->userId == ApiGate_Config::getUserId() || ApiGate_Config::isAdmin();
}
