/**
 This is where you perform the action when the API is called, the parameter given is an instance of stdClass, this method should return an instance of stdClass.
 */
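 public function action()
 {
     // Dispatches on the second URL path segment ("list", "posts" or "permissions") and
     // returns the result cast to stdClass; any other request ends in BadRequestException.
     global $mybb, $db;
     $api = APISystem::get_instance();
     if (isset($api->paths[1]) && is_string($api->paths[1])) {
         // NOTE(review): nothing in this method ever fills $forums, so "list" can only
         // return an empty object. It is initialised here so the lookups below no longer
         // read an undefined variable; the intended data source needs confirming.
         $forums = array();
         switch (strtolower($api->paths[1])) {
             case "list":
                 if (isset($api->paths[2]) && is_string($api->paths[2]) && isset($forums[$api->paths[2]])) {
                     return (object) $forums[$api->paths[2]];
                 }
                 return (object) $forums;
             case "posts":
                 if (isset($api->paths[2]) && is_string($api->paths[2])) {
                     $posts = array();
                     // The thread id is taken from the request URL; casting to int guarantees
                     // that only a number is interpolated into the SQL text.
                     $tid = (int) $api->paths[2];
                     // NOTE(review): SELECT * hands back every column of every post in the thread,
                     // and this method checks neither the caller's view permission for the thread
                     // nor post visibility — confirm that is enforced before action() is reached.
                     // query() is used because this is a read; write_query() is meant for statements
                     // that modify data.
                     $query = $db->query("SELECT * FROM " . TABLE_PREFIX . "posts p WHERE p.`tid` = '{$tid}'");
                     while ($post = $db->fetch_array($query)) {
                         $posts[$post["pid"]] = $post;
                     }
                     return (object) $posts;
                 }
                 // No thread id in the URL: leave the switch and report a bad request.
                 break;
             case "permissions":
                 $forumpermissions = forum_permissions();
                 return (object) $forumpermissions;
             default:
                 break;
         }
     }
     throw new BadRequestException("No valid option given in the URL.");
 }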
 /**
 This is where you output the object you receive, the parameter given is an instance of stdClass.
 */
 public function action($stdClassObject)
 {
     $api = APISystem::get_instance();
     // Fetch the JSONP callback name from the place the API is configured to read it:
     // the HTTP header, the URL parameter, or both.
     if ($api->standard_method() == APISystem::HTTP_HEADER) {
         $callback_name = $this->_jsonpcallback_from_http_header();
     } elseif ($api->standard_method() == APISystem::URL_PARAMETER) {
         $callback_name = $this->_jsonpcallback_from_url_parameter();
     } else {
         $callback_name = $this->_jsonpcallback_from_both();
     }
     // The name is echoed verbatim into a JavaScript response, so a missing name or one the
     // validator rejects is replaced by the fixed name "callback".
     // NOTE(review): the safety of this output rests entirely on
     // _is_valid_jsonpcallback_function(), which is not visible here — confirm it only
     // accepts plain identifier characters.
     if ($callback_name === null || !self::_is_valid_jsonpcallback_function($callback_name)) {
         $callback_name = "callback";
     }
     header("Content-type: application/javascript");
     // Emit callback(<json>) piece by piece, in the same order as before.
     echo $callback_name . "(", json_encode($stdClassObject), ")";
 }
 /**
 This is where you perform the action when the API is called, the parameter given is an instance of stdClass, this method should return an instance of stdClass.
 */
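 public function action()
 {
     // Dispatches on the second URL path segment ("list", "threads" or "permissions") and
     // returns the result cast to stdClass; any other request ends in BadRequestException.
     global $mybb, $db;
     $api = APISystem::get_instance();
     if (isset($api->paths[1]) && is_string($api->paths[1])) {
         $forums = cache_forums();
         switch (strtolower($api->paths[1])) {
             case "list":
                 // NOTE(review): the forum cache is returned as-is; no per-user view permission
                 // is applied in this method — confirm hidden forums are filtered elsewhere.
                 if (isset($api->paths[2]) && is_string($api->paths[2]) && isset($forums[$api->paths[2]])) {
                     return (object) $forums[$api->paths[2]];
                 }
                 return (object) $forums;
             case "threads":
                 if (isset($api->paths[2]) && is_string($api->paths[2]) && isset($forums[$api->paths[2]])) {
                     $threads = array();
                     // The forum id is taken from the request URL and has already matched a key of
                     // the forum cache; the int cast guarantees only a number reaches the SQL text.
                     $fid = (int) $api->paths[2];
                     // NOTE(review): every column of every thread in the forum is returned, and the
                     // caller's permission to view this forum is not checked here — confirm.
                     // query() is used because this is a read; write_query() is meant for statements
                     // that modify data.
                     $query = $db->query("SELECT * FROM " . TABLE_PREFIX . "threads t WHERE t.`fid` = '{$fid}'");
                     while ($thread = $db->fetch_array($query)) {
                         $threads[$thread["tid"]] = $thread;
                     }
                     return (object) $threads;
                 }
                 // Unknown or missing forum id: leave the switch and report a bad request.
                 break;
             case "permissions":
                 // Permissions are only disclosed for an existing forum and an authenticated user.
                 if (isset($api->paths[2]) && is_string($api->paths[2]) && isset($forums[$api->paths[2]]) && $this->is_authenticated()) {
                     return (object) forum_permissions($api->paths[2], $this->get_user()->id, $this->get_user()->usergroup);
                 }
                 // Explicit break: the original fell through into "default" here, which was
                 // harmless only because "default" does nothing.
                 break;
             default:
                 break;
         }
     }
     throw new BadRequestException("No valid option given in the URL.");
 }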
 /**
 This is where you perform the action when the API is called, the parameter given is an instance of stdClass, this method should return an instance of stdClass.
 */
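 public function action()
 {
     // Dispatches on the second URL path segment:
     //   "list"  - filtered, sorted and paged member list plus the total match count
     //   "group" - the cached usergroups as a plain list
     // NOTE(review): unlike the forum and thread handlers, an unknown segment returns
     // nothing (null) here instead of throwing BadRequestException — confirm that is intended.
     global $mybb, $db, $cache;
     $api = APISystem::get_instance();
     if (isset($api->paths[1]) && is_string($api->paths[1])) {
         switch (strtolower($api->paths[1])) {
             case "list":
                 // Incoming sort field?
                 if ($mybb->input['sort']) {
                     $mybb->input['sort'] = strtolower($mybb->input['sort']);
                 } else {
                     $mybb->input['sort'] = $mybb->settings['default_memberlist_sortby'];
                 }
                 // The request value only selects one of these fixed column names; it is never
                 // placed into the ORDER BY clause itself.
                 switch ($mybb->input['sort']) {
                     case "regdate":
                         $sort_field = "u.regdate";
                         break;
                     case "lastvisit":
                         $sort_field = "u.lastactive";
                         break;
                     case "reputation":
                         $sort_field = "u.reputation";
                         break;
                     case "postnum":
                         $sort_field = "u.postnum";
                         break;
                     case "referrals":
                         $sort_field = "u.referrals";
                         break;
                     default:
                         $sort_field = "u.username";
                         $mybb->input['sort'] = 'username';
                         break;
                 }
                 // Incoming sort order? Reduced to the literals ASC / DESC below.
                 if ($mybb->input['order']) {
                     $mybb->input['order'] = strtolower($mybb->input['order']);
                 } else {
                     $mybb->input['order'] = strtolower($mybb->settings['default_memberlist_order']);
                 }
                 if ($mybb->input['order'] == "ascending" || !$mybb->input['order'] && $mybb->input['sort'] == 'username') {
                     $sort_order = "ASC";
                     $mybb->input['order'] = "ascending";
                 } else {
                     $sort_order = "DESC";
                     $mybb->input['order'] = "descending";
                 }
                 // Incoming results per page? Accepted only in the range 1..500.
                 $mybb->input['perpage'] = intval($mybb->input['perpage']);
                 if ($mybb->input['perpage'] > 0 && $mybb->input['perpage'] <= 500) {
                     $per_page = $mybb->input['perpage'];
                 } else {
                     if ($mybb->settings['membersperpage']) {
                         $per_page = $mybb->input['perpage'] = intval($mybb->settings['membersperpage']);
                     } else {
                         $per_page = $mybb->input['perpage'] = 20;
                     }
                 }
                 // Every request-supplied value appended to the WHERE clause below goes through
                 // escape_string_like() first.
                 $search_query = '1=1';
                 // Limiting results to a certain letter
                 if ($mybb->input['letter']) {
                     // Keep only the first byte of the supplied value.
                     $letter = chr(ord($mybb->input['letter']));
                     if ($mybb->input['letter'] == -1) {
                         $search_query .= " AND u.username NOT REGEXP('[a-zA-Z]')";
                     } else {
                         if (strlen($letter) == 1) {
                             $search_query .= " AND u.username LIKE '" . $db->escape_string_like($letter) . "%'";
                         }
                     }
                 }
                 // Searching for a matching username
                 $search_username = htmlspecialchars_uni(trim($mybb->input['username']));
                 if ($search_username != '') {
                     $username_like_query = $db->escape_string_like($search_username);
                     // Name begins with
                     if ($mybb->input['username_match'] == "begins") {
                         $search_query .= " AND u.username LIKE '" . $username_like_query . "%'";
                     } else {
                         $search_query .= " AND u.username LIKE '%" . $username_like_query . "%'";
                     }
                 }
                 // Website contains
                 if (trim($mybb->input['website'])) {
                     $search_query .= " AND u.website LIKE '%" . $db->escape_string_like($mybb->input['website']) . "%'";
                 }
                 // AIM Identity
                 if (trim($mybb->input['aim'])) {
                     $search_query .= " AND u.aim LIKE '%" . $db->escape_string_like($mybb->input['aim']) . "%'";
                 }
                 // ICQ Number
                 if (trim($mybb->input['icq'])) {
                     $search_query .= " AND u.icq LIKE '%" . $db->escape_string_like($mybb->input['icq']) . "%'";
                 }
                 // MSN/Windows Live Messenger address
                 if (trim($mybb->input['msn'])) {
                     $search_query .= " AND u.msn LIKE '%" . $db->escape_string_like($mybb->input['msn']) . "%'";
                 }
                 // Yahoo! Messenger address
                 if (trim($mybb->input['yahoo'])) {
                     $search_query .= " AND u.yahoo LIKE '%" . $db->escape_string_like($mybb->input['yahoo']) . "%'";
                 }
                 // Total number of matches, reported next to the requested page.
                 $query = $db->simple_select("users u", "COUNT(*) AS users", "{$search_query}");
                 $num_users = $db->fetch_field($query, "users");
                 $page = intval($mybb->input['page']);
                 if ($page && $page > 0) {
                     $start = ($page - 1) * $per_page;
                 } else {
                     $start = 0;
                     $page = 1;
                 }
                 $query = $db->query("\n\t\t\t\t\tSELECT u.*, f.*\n\t\t\t\t\tFROM " . TABLE_PREFIX . "users u\n\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "userfields f ON (f.ufid=u.uid)\n\t\t\t\t\tWHERE {$search_query}\n\t\t\t\t\tORDER BY {$sort_field} {$sort_order}\n\t\t\t\t\tLIMIT {$start}, {$per_page}\n\t\t\t\t");
                 // SELECT u.* pulls every column of the users table, which in MyBB includes the
                 // password hash, its salt and the login key. Those are credential material and
                 // are dropped from each row before it is handed to the output layer.
                 // NOTE(review): e-mail and IP address columns are still returned — confirm
                 // whether API consumers are meant to see them, or switch to an explicit
                 // column list.
                 $secret_columns = array('password' => true, 'salt' => true, 'loginkey' => true);
                 $return_array = new stdClass();
                 $return_array->list = array();
                 while ($user = $db->fetch_array($query)) {
                     $return_array->list[] = array_diff_key($user, $secret_columns);
                 }
                 $return_array->count = $num_users;
                 return $return_array;
             case "group":
                 // Returned as a re-indexed array, not as a stdClass.
                 $usergroups = $cache->read("usergroups");
                 return array_values($usergroups);
             default:
                 break;
         }
     }
 }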
 /**
  * Get single instance of the APISystem class
  */
 public static function get_instance()
 {
     // Create the shared APISystem object on first use; every later call reuses it.
     if (!isset(self::$instance)) {
         self::$instance = new APISystem();
     }
     return self::$instance;
 }
Example #6
<?php

# This file is a part of MyBB RESTful API System plugin - version 0.2
# Released under the MIT Licence by medbenji (TheGarfield)
// Request entry point: define the constants expected by the included files, load global.php,
// then load the API system class from the plugin directory.
define("IN_MYBB", 1);
define('THIS_SCRIPT', 'api.php');
require_once './global.php';
require_once MYBB_ROOT . 'inc/plugins/restfulapi/apisystem.class.php';
$api = APISystem::get_instance();
$lang->load("restfulapi");
// NOTE(review): each gate below only protects the API if redirect_index() and
// perform_exception() end the request. If either one returns, the script carries on as if
// the check had passed — confirm both terminate.
if (!$api->is_active()) {
    // restful api system is either not enabled, not installed or not activated
    $api->redirect_index($lang->restfulapi_no_permission);
}
/*
Build the output class before the checks below run
(presumably so their error answers can be rendered in the requested format — confirm).
*/
$outputer = $api->build_outputer();
// does the API system require HTTPS and the request was made over HTTP ?
if ($api->requires_https() && !$api->is_https()) {
    $api->perform_exception(new BadRequestException($lang->restfulapi_not_https));
}
/*
Reject invalid API keys, but provide an error answer instead of a redirection, so they can parse the error answer and know
they have been rejected.
*/
if (!$api->is_valid_api_key()) {
    $api->perform_exception(new UnauthorizedException($lang->restfulapi_invalid_api_key));
}
// Only reached after the active, HTTPS and API-key checks above.
$api_instance = $api->build_api_instance();
if (empty($api_instance)) {
 /**
 Getter not used by the API System
 */
 public function get_user()
 {
     // Hand back whatever user object the shared APISystem instance reports as authenticated.
     $api = APISystem::get_instance();
     return $api->get_auth_user_object();
 }