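/**
 * Retrieve a user according to email and api key.
 *
 * Both values are matched in a single parameterized query. The hydrated
 * user is returned on a match and null on every "no match" path, so a
 * caller can treat null as a failed login.
 *
 * @param string $email   The email of the user wanted
 * @param string $api_key The api key of the user wanted
 * @return ApiPrintUser|null The user object or null if it doesn't exist
 * @throws Exception If an argument is not a string, or (DEBUG only) when the query fails
 * @access public
 * @static
 * @since 1.0.0
 */
public static function retrieveByEmailAndKey($email, $api_key)
{
    if (is_string($email) === false || is_string($api_key) === false) {
        throw new Exception('email and api_key must be string');
    }

    // An empty credential can never identify a user. Answer "not found"
    // without querying, so a row whose email/api_key column is blank cannot
    // be matched by an empty request value.
    if ($email === '' || $api_key === '') {
        return null;
    }

    $api_print_user = new ApiPrintUser();

    // Only the table name is concatenated (it comes from the model, not from
    // the caller); both caller-supplied values are bound as parameters.
    $sql = 'SELECT * FROM ' . $api_print_user->getTableName() . ' ';
    $sql .= 'WHERE email = :email AND api_key = :api_key';

    // NOTE(review): the key is compared inside the database, so case and
    // padding sensitivity follow the column's collation, and the key appears
    // to be stored as-is. Consider selecting by email and checking the key
    // with hash_equals() against a stored hash. Confirm against the schema.
    $stmt = Database::getSingleton()->prepare($sql);
    $stmt->bindValue(':email', $email, PDO::PARAM_STR);
    $stmt->bindValue(':api_key', $api_key, PDO::PARAM_STR);

    if ($stmt->execute() === false) {
        if (DEBUG === true) {
            // NOTE(review): on PHP >= 7.2 with emulated prepares this dump
            // includes the bound values, i.e. the submitted API key. Keep
            // DEBUG off in production and keep this message out of responses.
            ob_start();
            $stmt->debugDumpParams();
            $error = ob_get_clean();
            throw new Exception('Error in the query : ' . $error);
        }

        return null;
    }

    $result = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($result === false) {
        // No row matched the (email, api_key) pair.
        return null;
    }

    $api_print_user->load($result);

    return $api_print_user;
}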
/**
 * Look up the print stored for a given API user and MD5 digest.
 *
 * @param ApiPrintUser $user The API user
 * @param string $md5 The md5 of the URL or content
 * @return ApiPrint|null The print object, or null if no row matches or the query fails with DEBUG off
 * @throws Exception If $md5 is not a non-empty string, or (DEBUG only) when the query fails
 * @access public
 * @static
 * @since 1.0.0
 */
public static function retrieveByUserAndMd5(ApiPrintUser $user, $md5)
{
    // empty() also rejects the string '0', not just ''.
    if (!is_string($md5) || empty($md5)) {
        throw new Exception('MD5 must be a no empty string');
    }

    $print = new ApiPrint();

    // The table name comes from the model; the user id and digest are bound.
    $query = sprintf(
        'SELECT * FROM %s WHERE id_user = :id_user AND md5 = :md5',
        $print->getTableName()
    );

    $statement = Database::getSingleton()->prepare($query);
    // The id_user predicate scopes the lookup to the given user's own rows,
    // so a digest alone is not enough to reach another user's print.
    $statement->bindValue(':id_user', $user->getId(), PDO::PARAM_INT);
    $statement->bindValue(':md5', $md5, PDO::PARAM_STR);

    if ($statement->execute() === false) {
        if (DEBUG === true) {
            // Capture the statement dump so it can be carried in the exception.
            ob_start();
            $statement->debugDumpParams();
            $dump = ob_get_clean();
            throw new Exception('Error in the query : ' . $dump);
        }

        return null;
    }

    $row = $statement->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        // Nothing stored for this (user, md5) pair.
        return null;
    }

    $print->load($row);

    return $print;
}
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # require_once dirname(__FILE__) . '/inc/config.inc.php'; require_once dirname(__FILE__) . '/inc/ApiPrint.class.php'; require_once dirname(__FILE__) . '/inc/ApiPrintUser.class.php'; require_once dirname(__FILE__) . '/inc/ApiPrintResponse.class.php'; // Prepare response $response = new ApiPrintResponse(); // Check headers if (isset($_SERVER['HTTP_X_API_EMAIL']) === false || isset($_SERVER['HTTP_X_API_TOKEN']) === false) { $response->sendCallError(); } try { // Get the user $api_user = ApiPrintUser::retrieveByEmailAndKey($_SERVER['HTTP_X_API_EMAIL'], $_SERVER['HTTP_X_API_TOKEN']); if ($api_user === null) { $response->sendLoginError(); } // Check URL or HTML content $md5 = null; $url = null; $content = null; $options = array(); if (isset($_POST['url']) === true && is_string($_POST['url']) === true && empty($_POST['url']) === false) { $url = (string) $_POST['url']; $md5 = md5($url); } elseif (isset($_POST['content']) === true && is_string($_POST['content']) === true && empty($_POST['content']) === false) { if (get_magic_quotes_gpc() === 1) { $_POST['content'] = stripslashes($_POST['content']); }