/**
  * Execute the console command.
  *
  * @return mixed
  */
 public function fire()
 {
     $shopId = $this->argument('shop');
     if (!$shopId) {
         return $this->error('You must provide a shop ID.');
     }

     // Refuse to issue a credential for a shop that does not exist.
     if (!Shop::where('id', $shopId)->first()) {
         return $this->error('The shop ID you provided is invalid.');
     }

     // A missing or empty access title falls back to the 'Free' level.
     $title = $this->argument('access_title') ?: 'Free';
     $level = AccessLevel::where('title', $title)->first();
     if (!$level) {
         return $this->error('The access level you provided is invalid.');
     }

     // NOTE(review): the key is the output of Hash::make() over a guessable input
     // (shop id plus a fixed suffix), so any unpredictability comes from the
     // hasher's own salt rather than from a dedicated random source. Hash::make()
     // looks like a password-hashing helper; consider generating the key from a
     // CSPRNG instead and storing only a digest of it.
     $record = new ApiKey();
     $record->shop_id = $shopId;
     $record->public_key = Hash::make($shopId . 'REMEDY');
     $record->access_level_id = $level->id;
     $record->save();

     // The key is written to the console in clear text; treat that output as a secret.
     $this->info('The generated API key is:');
     return $this->info($record->public_key);
 }
 /**
  * @covers Smsglobal\RestApiClient\ApiKey::getAuthorizationHeader
  */
 public function testGetAuthorizationHeader()
 {
     // Only the shape of the header is checked: the nonce and mac groups use ".*",
     // so an empty or incorrect MAC would still satisfy this pattern.
     $expectedShape = '/^MAC id="test", ts="\\d+", nonce=".*", mac=".*"$/';

     $credentials = new ApiKey('test', 'abcd');
     $actual = $credentials->getAuthorizationHeader('GET', '/v1/sms/', 'api.smsglobal.com', 443);

     $this->assertRegExp($expectedShape, $actual);
 }
Exemple #3
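 /**
  * Persist this API key.
  *
  * When the object already has an id its row is updated. Otherwise a new row is
  * inserted, but only if key, object id and object type are set and no record
  * with the same key value can be fetched.
  *
  * Database errors are written to the server error log instead of being echoed,
  * so SQL details and stack traces do not end up in the response body.
  *
  * NOTE(review): the "does this key exist" check and the INSERT are two separate
  * statements; a unique index on api_keys.api_key is presumably what really
  * guarantees uniqueness - confirm it exists.
  *
  * @return int|string|false Affected row count for an update (0 when nothing
  *                          changed), the new row id for an insert, or false
  *                          when nothing was written.
  */
 public function store()
 {
     if ($this->getId() != 0) {
         try {
             $stmt = DB::getInstance()->prepare("UPDATE api_keys SET\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tapi_key = ?,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tobject_id = ?,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tobject_type = ?,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tdescription = ?,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tupdate_date = NOW()\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE id=?");
             $stmt->execute(array($this->getApiKey(), $this->getObjectId(), $this->getObjectType(), $this->getDescription(), $this->getId()));
             return $stmt->rowCount();
         } catch (PDOException $e) {
             // Log server-side only; the caller still receives false below.
             error_log('ApiKey::store() update failed: ' . $e->getMessage());
         }
     } elseif ($this->getApiKey() != "" and $this->getObjectId() != 0 and $this->getObjectType() != "") {
         // Only insert when no record with this key value exists yet.
         $tmp_api_key = new ApiKey(false, $this->getApiKey());
         if (!$tmp_api_key->fetch()) {
             try {
                 $stmt = DB::getInstance()->prepare("INSERT INTO api_keys (api_key, object_id, object_type, description, create_date, update_date)\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tVALUES (?, ?, ?, ?, NOW(), NOW())");
                 $stmt->execute(array($this->getApiKey(), $this->getObjectId(), $this->getObjectType(), $this->getDescription()));
                 return DB::getInstance()->lastInsertId();
             } catch (PDOException $e) {
                 // Log server-side only; the caller still receives false below.
                 error_log('ApiKey::store() insert failed: ' . $e->getMessage());
             }
         }
     }
     return false;
 }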
 /**
  * Main Controller Method for Shopify Authorization
  */
 public function installOrAuthenticate()
 {
     // Two paths: a request carrying 'code' completes an install (token exchange,
     // shop record, first API key, uninstall webhook); any other request either
     // opens a session for a known shop or redirects to the install URL.
     //
     // NOTE(review): nothing in this method verifies that the request really comes
     // from Shopify (no signature/HMAC or state check is visible). The 'shop'
     // query value is trusted as-is for the session, the token exchange and the
     // redirect target. Confirm a filter or the ShopifyAPI service validates it
     // before this runs.
     if (Input::get('code')) {
         // New install
         // NOTE(review): request input is written to the log unmodified.
         Log::info('New Install: ' . Input::get('shop'));
         $sh = App::make('ShopifyAPI', ['API_KEY' => Config::get('shopify.APP_API_KEY'), 'API_SECRET' => Config::get('shopify.APP_API_SECRET'), 'SHOP_DOMAIN' => Input::get('shop')]);
         // Get Access Token
         try {
             $accessToken = $sh->getAccessToken(Input::get('code'));
         } catch (Exception $e) {
             Log::error($e->getMessage());
             // NOTE(review): the exception message is sent to the browser without
             // HTML escaping and may expose internal details.
             die('<pre>Error: ' . $e->getMessage() . '</pre>');
         }
         // Reuse the existing shop row on re-install, otherwise create one.
         $shop = Shop::where('domain', Input::get('shop'))->first();
         if (!$shop) {
             //Log::info(__LINE__ . ': New Shop');
             $shop = new Shop();
         }
         $shop->setDomain(Input::get('shop'));
         $shop->setAccessToken($accessToken);
         $shop->save();
         $this->updateShopInfo($shop);
         /**
          * Create the shop's first api key automatically, on install
          *
          * NOTE(review): this runs on every pass through the install path, so a
          * re-install adds another key. The key value is Hash::make() over the
          * shop id plus a fixed suffix; see whether a CSPRNG-generated key is
          * more appropriate. first() returns null if no 'Free Plus' level
          * exists, which would make the ->id access fail.
          */
         $apiKey = new ApiKey();
         $apiKey->shop_id = $shop->id;
         $apiKey->public_key = Hash::make($shop->id . 'REMEDY');
         $apiKey->access_level_id = AccessLevel::where('title', 'Free Plus')->first()->id;
         $apiKey->save();
         /**
          * Create webhook for uninstall
          */
         $hookData = array('webhook' => array('topic' => 'app/uninstalled', 'address' => 'https://' . $_ENV['HOST'] . '/uninstall-hook', 'format' => 'json'));
         try {
             $sh->setup(['ACCESS_TOKEN' => $shop->getAccessToken()]);
             $sh->call(['URL' => 'webhooks.json', 'METHOD' => 'POST', 'DATA' => $hookData]);
         } catch (Exception $e) {
             // A failed webhook registration is logged but does not abort the install.
             Log::error('Issue creating uninstall webhook - ' . $shop->domain . ' : ' . $e->getMessage());
         }
         Session::put('shop', $shop->domain);
         return Redirect::to('/');
     } else {
         // Accessing app from apps screen
         $shop = Shop::where('domain', Input::get('shop'))->first();
         if ($shop) {
             // NOTE(review): the session is bound to whichever known shop domain
             // the request names; this is where request verification matters most.
             Log::info('Shop found after Auth: ' . Input::get('shop'));
             $this->updateShopInfo($shop);
             Session::put('shop', Input::get('shop'));
             return Redirect::to('/');
         } else {
             // Unknown shop: send the browser to the install URL built for that domain.
             Log::warning('Shop redirecting to install: ' . Input::get('shop'));
             $sh = App::make('ShopifyAPI', ['API_KEY' => Config::get('shopify.APP_API_KEY'), 'SHOP_DOMAIN' => Input::get('shop')]);
             return Redirect::to($sh->installURL(['permissions' => Config::get('shopify.APP_API_SCOPE'), 'redirect' => 'https://' . $_ENV['HOST'] . '/auth']));
         }
     }
 }
Exemple #5
 /**
  * Tell whether at least one ApiKey record already carries the given key value.
  *
  * @param mixed $key Key value to look for
  * @return bool True when a matching record exists
  */
 private function keyExists($key)
 {
     // limit(1) keeps the existence probe from counting more rows than needed.
     return ApiKey::where('key', '=', $key)->limit(1)->count() > 0;
 }
 /**
  * Resolve an API key value to its stored record.
  *
  * @param mixed $key Key value; when falsy (null, '', '0', ...) the value from
  *                   parseKey() is used instead
  * @return mixed The record returned by ApiKey::getByKey()
  * @throws \RuntimeException When no record matches the key
  */
 public function authenticate($key = null)
 {
     if (!$key) {
         $key = $this->parseKey();
     }

     $keyRecord = ApiKey::getByKey($key);
     if ($keyRecord === null) {
         // The same message is used whether the key was absent or unknown.
         throw new \RuntimeException('Invalid API key.');
     }

     return $keyRecord;
 }
 /**
  * Register the mock expectations shared by tests that go through the
  * "prepare API call" path: an active key with fixed credentials, a Pheal
  * client built from those credentials, and the specific API wrapper.
  */
 private function mockPrepareApiCall()
 {
     // Placeholder credentials, not real key material.
     $stubKeyId = 'keyId';
     $stubVcode = 'vcode';

     // The call exposes its key and its API definition.
     $this->apiCall->shouldReceive('getKey')->andReturn($this->key);
     $this->apiCall->shouldReceive('getApi')->andReturn($this->api);

     // The key is active and hands out the placeholder credentials.
     $this->key->shouldReceive('isActive')->andReturn(true);
     $this->key->shouldReceive('getKeyId')->andReturn($stubKeyId);
     $this->key->shouldReceive('getVcode')->andReturn($stubVcode);

     // Factories must be invoked with exactly those values.
     $this->phealFactory->shouldReceive('createEveOnline')->with($stubKeyId, $stubVcode)->andReturn($this->pheal);
     $this->specificApiFactory->shouldReceive('create')->with($this->api)->andReturn($this->specificApi);
 }
Exemple #8
 /**
  * @protected
  * Check API Key
  */
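 public function _secure()
 {
     // Authenticates an API request from its X-Api-Key header and loads the
     // owning organization into $this->_org. Every failure ends in a redirect
     // to /api/failure/<code>.
     //
     // NOTE(review): the checks below only protect the action if redirect()
     // stops execution - confirm that it does.

     // HTTP header names are case-insensitive, so normalise them before the
     // lookup; a missing header then yields null instead of an undefined index.
     $headers = array_change_key_case(getallheaders(), CASE_LOWER);
     $key = isset($headers['x-api-key']) ? $headers['x-api-key'] : null;
     if (!$key) {
         $this->redirect('/api/failure/12');
     }
     $apiKey = ApiKey::first(['key' => $key]);
     if (!$apiKey) {
         $this->redirect('/api/failure/13');
     }
     $ip = Utils::getClientIp();
     if (!in_array($ip, $apiKey->ips)) {
         // NOTE(review): the redirect is commented out, so the per-key IP
         // allow-list is currently NOT enforced. If it is re-enabled, check how
         // Utils::getClientIp() derives the address (forwarded headers can be
         // set by the client).
         // $this->redirect('/api/failure/41');
     }
     $this->_org = Organization::first(['_id' => $apiKey->org_id]);
     // A key whose organization no longer exists is rejected the same way as a
     // non-live organization, instead of failing on a null property access.
     if (!$this->_org || $this->_org->live !== true) {
         $this->redirect('/api/failure/42');
     }
 }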
 /**
  * Sets the Authorization header on the given request
  *
  * @param Request $request    Request instance
  * @param string  $method     HTTP method
  * @param string  $requestUri Request URI
  * @return $this Provides a fluent interface
  */
 protected function setAuthorizationHeader(Request $request, $method, $requestUri)
 {
     // The port is derived from the SSL flag and passed to the header builder
     // together with the method, URI and host.
     $port = $this->useSsl ? 443 : 80;
     $authorization = $this->apiKey->getAuthorizationHeader($method, $requestUri, $this->host, $port);

     $request->headers->set('Authorization', $authorization);

     return $this;
 }
 /**
  * Apply the submitted '_perms' form value to the record and write the
  * record's resulting perms back into the form values.
  *
  * NOTE(review): '_perms' comes from the form unchanged; whether the caller may
  * grant these permissions has to be enforced by setPerms() or the caller.
  *
  * @param array  $values Form values, modified in place ('perms' is set)
  * @param ApiKey $record Record whose permissions are updated
  */
 function valuesFromForm(array &$values, ApiKey $record)
 {
     $submittedPerms = $values['_perms'];
     $record->setPerms($submittedPerms);

     // Read back from the record so the form shows what was actually stored.
     $values['perms'] = $record->perms;
 }
Exemple #11
 /**
  * Load every API key together with the login of the user it belongs to.
  *
  * NOTE(review): the result contains the key values of all users; callers are
  * presumably restricted to administrators - confirm. A failed query is not
  * handled here (query() would not return a result object).
  *
  * @return ApiKey[] One ApiKey per row, with the user login set
  */
 public static function getAllKeys()
 {
     $oDb = Database::getInstance();
     $oRows = $oDb->query("SELECT a.*,u.login FROM tks_apikeys a \r\n                                        JOIN tks_users u \r\n                                        ON u.id = a.id_user");

     $aKeys = array();
     for ($aRow = $oRows->fetch_assoc(); $aRow; $aRow = $oRows->fetch_assoc()) {
         $oApiKey = new ApiKey($aRow['apikey'], $aRow['id_user'], $aRow['read'], $aRow['write']);
         $oApiKey->setUserLogin($aRow['login']);
         $aKeys[] = $oApiKey;
     }

     return $aKeys;
 }
use Pheal\Pheal;
use Pheal\Core\Config;
// Pheal configuration: memcache-backed response cache and the static access check.
Config::getInstance()->cache = new \Pheal\Cache\MemcacheStorage();
Config::getInstance()->access = new \Pheal\Access\StaticCheck();
// Confirming that the API server is responding
// ($eve and $db are defined outside this excerpt.)
if ($eve->getAPIStatus()) {
    // Setting the lookup cache limit to 1 hour / 3600 seconds
    $cacheLimit = time() - 3600;
    // Getting the least recently updated cron entry with cron_status = 1 that was
    // last updated before the cache limit (one entry per run)
    $stmt = $db->prepare('SELECT * FROM core_cron WHERE cron_updated < ? AND cron_status = 1 ORDER BY cron_updated ASC LIMIT 1');
    $stmt->execute(array($cacheLimit));
    $apiLookup = $stmt->fetch(PDO::FETCH_ASSOC);
    // Checking to see if anything is out of cache
    if (isset($apiLookup['api_keyID'])) {
        // Checking the API key
        // NOTE(review): the row carries api_vCode, i.e. the verification code is
        // read from the table in usable form - confirm how it is protected at rest.
        $key = new ApiKey($apiLookup['api_keyID'], $apiLookup['api_vCode'], $apiLookup['uid'], $db);
        // Checking to see if the key is valid
        if ($key->getKeyStatus() == 1) {
            // Key is valid, updating it
            $updateKey = $key->updateAPIKey();
            // Checking the access mask for the key
            if ($key->accessMaskCheck()) {
                // Looping through the characters
                foreach ($key->getCharacters() as $character) {
                    $char = new Character($character['characterID'], $key->getKeyID(), $key->getVCode(), $key->getAccessMask(), $db, $apiLookup['uid']);
                    // NOTE(review): "x or x == FALSE" holds for every value, so this
                    // condition never filters anything.
                    if ($char->getExistance() or $char->getExistance() == FALSE) {
                        $char->updateCharacterInfo();
                        /*
                         * SKILLS UPDATE SECTION
                         */
                        $skills = $char->updateCharacterSkills();
Exemple #13
 /**
  * Add a new server
  *
  * @param string $name    The name of the server
  * @param string $domain  The domain of the server (e.g. server.com)
  * @param string $port    The port of the server (e.g. 5154)
  * @param int    $country The ID of the country
  * @param int    $owner   The ID of the server owner
  *
  * @return Server An object that represents the newly created server
  */
 public static function addServer($name, $domain, $port, $country, $owner)
 {
     // The server row references the owner's API key by id.
     // NOTE(review): if getKeyByOwner() can return null for an owner without a
     // key, the getId() call below fails - confirm against ApiKey.
     $ownerKey = ApiKey::getKeyByOwner($owner);

     $attributes = array(
         'name' => $name,
         'domain' => $domain,
         'port' => $port,
         'country' => $country,
         'owner' => $owner,
         'api_key' => $ownerKey->getId(),
         'status' => 'active',
     );

     $created = self::create($attributes, 'updated');
     $created->forceUpdate();

     return $created;
 }
Exemple #14
// create an account api key
// NOTE(review): no 'before' filter is attached to the two account routes in this
// excerpt; confirm an enclosing group applies authentication and CSRF protection,
// and that deleteApiKey checks the key belongs to the calling account.
Route::post('/user/apikeys', array('uses' => 'AccountController@createApiKey', 'as' => 'create-account-apikey'));
// delete account api key by id
Route::delete('/user/apikeys/{apikey_id}', array('uses' => 'AccountController@deleteApiKey', 'as' => 'delete-account-apikey'));
/**
 * Public API v1 routes
 *
 * Both filters run before every route in the group: api.auth first, then api.rate.
 */
Route::group(['prefix' => 'api/v1', 'before' => 'api.auth|api.rate'], function () {
    /**
     * Get a single product
     */
    Route::get('products/{id}', array('uses' => 'ProductController@getOne'));
    /**
     * Get all / filtered / sorted products
     */
    Route::get('products', array('uses' => 'ProductController@getMany'));
});
/**
 * Public API v2 routes
 *
 * NOTE(review): {version_number} has no pattern constraint, so this group also
 * matches version strings other than "2" (presumably including api/v1 paths not
 * claimed by the group above) - confirm that is intended.
 */
Route::group(['prefix' => 'api/v{version_number}', 'before' => 'api.auth|api.rate'], function () {
    /**
     * Future API version
     */
    Route::get('{any?}', function () {
        // The key is looked up again from the X-Remedy-Auth header; this closure
        // does not itself check that a key was found and relies on the group's
        // 'before' filters for that.
        $public_key = Request::header('X-Remedy-Auth');
        $apiKey = ApiKey::where('public_key', $public_key)->first();
        $builder = new ResponseBuilder($apiKey);
        $builder->setStatus(418, 'cool', 'I like where your head is at but mine is not there yet. ;)');
        return $builder->getResponse();
    });
});
Exemple #15
 /**
  * Create label for access right
  * @param ApiKey $p_oApiKey
  * @return string HTML code
  */
 private function createAccessLabel($p_oApiKey)
 {
     $bCanRead = $p_oApiKey->isRead();
     $bCanWrite = $p_oApiKey->isWrite();

     // Map the read/write combination to a label style and its translated text.
     if ($bCanRead && $bCanWrite) {
         $sStyle = 'success';
         $sCaption = Language::translate('API_ADMIN_LABEL_FULL');
     } elseif ($bCanRead) {
         $sStyle = 'info';
         $sCaption = Language::translate('API_ADMIN_LABEL_READ');
     } elseif ($bCanWrite) {
         $sStyle = 'info';
         $sCaption = Language::translate('API_ADMIN_LABEL_WRITE');
     } else {
         // A key with neither right is flagged visually.
         $sStyle = 'danger';
         $sCaption = Language::translate('API_ADMIN_LABEL_NONE');
     }

     // Render the 'label' view with the chosen text and type.
     $oView = new View('label');
     $oView->addData('text', $sCaption);
     $oView->addData('type', $sStyle);
     $oView->create();

     return $oView->getCode();
 }
 /**
  * Send the 'ApiAuthRequest' mail for the given API key.
  *
  * Only the value of getIncremented() is handed to the mail template, not the
  * key object itself.
  *
  * @param ApiKey $api Key the authorization request refers to
  * @return void
  */
 public function sendAuthRequestEmail(ApiKey $api)
 {
     $templateData = array('api_id' => $api->getIncremented());
     $this->sendMail('ApiAuthRequest', $templateData);
 }
Exemple #17
|--------------------------------------------------------------------------
|
| Public API filter provides header based API key authentication and API rate limiting
|
*/
// Rejects requests that carry no X-Remedy-Auth header or an unknown key.
// Returning nothing lets the request continue to the next filter or route.
Route::filter('api.auth', function () {
    $presentedKey = Request::header('X-Remedy-Auth');

    // No header at all
    if (!$presentedKey) {
        $response = new ResponseBuilder();
        $response->setStatus(401, 'missing_api_key', 'No api key given.');
        return $response->getResponse();
    }

    // Header present but no stored key matches it.
    // NOTE(review): the message says the event is logged, yet no logging call is
    // visible in this filter - confirm it happens elsewhere or add it.
    if (!ApiKey::where('public_key', $presentedKey)->first()) {
        $response = new ResponseBuilder();
        $response->setStatus(401, 'invalid_api_key', 'Unauthorized request. This event has been logged. Do it 2 more times, I DARE you!');
        return $response->getResponse();
    }
});
// Applies the per-key rate limit.
// NOTE(review): the key is looked up again and passed on without a null check, so
// this filter depends on api.auth having run first (as in 'api.auth|api.rate').
Route::filter('api.rate', function () {
    $callerKey = ApiKey::where('public_key', Request::header('X-Remedy-Auth'))->first();

    // RateLimiter::check() decides whether the key is still within its limit.
    if (RateLimiter::check($callerKey)) {
        return;
    }

    $response = new ResponseBuilder();
    $response->setStatus(429, 'rate_limited', 'Too many requests. You have been rate limited, because the internet. ;)');
    return $response->getResponse();
});
Exemple #18
<?php

require_once 'runtime.php';
require_once ROOT_DIR . '/lib/core/ApiKeyList.class.php';
require_once ROOT_DIR . '/lib/core/Router.class.php';
require_once ROOT_DIR . '/lib/core/User.class.php';
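// Handles the "add" and "delete" actions of the API key list page and then
// redirects back to the list of the same object.
//
// NOTE(review): both actions change state and are selected by GET parameters; no
// login, permission or CSRF check is visible in this script. Confirm that
// runtime.php enforces them and that the current user may manage the keys of the
// referenced object (the delete branch acts on any api_key_id it is given).

// Read the request parameters once; missing values select no action.
$section = isset($_GET['section']) ? $_GET['section'] : '';
$object_id = isset($_GET['object_id']) ? (int) $_GET['object_id'] : 0;
$object_type = (isset($_GET['object_type']) and is_string($_GET['object_type'])) ? $_GET['object_type'] : '';

// The redirect target is built from the normalised values so that request input
// cannot add further query parameters to the Location header.
$list_url = './api_key_list.php?object_id=' . $object_id . '&object_type=' . rawurlencode($object_type);

if ($section == "insert_add") {
    //add new api key
    // NOTE(review): the loop repeats until store() returns a truthy id, presumably
    // to retry on a key collision. If store() refuses the record for another
    // reason (for example an empty object id or type) it would never end -
    // confirm against ApiKey::store() and bound the retries.
    do {
        $api_key = new ApiKey(false, ApiKey::generateApiKey(), $object_id, $object_type, $_POST['description']);
        $api_key_id = $api_key->store();
    } while (!$api_key_id);
    $message[] = array("Es wurde ein neuer API-Key " . $api_key->getApiKey() . " generiert und gespeichert.", 1);
    Message::setMessage($message);
    header('Location: ' . $list_url);
} elseif ($section == "delete") {
    $api_key = new ApiKey((int) $_GET['api_key_id']);
    // The key is fetched first so its value can be named in the confirmation.
    $api_key->fetch();
    $message[] = array("Der API-Key " . $api_key->getApiKey() . " wurde gelöscht.", 1);
    $api_key->delete();
    Message::setMessage($message);
    header('Location: ' . $list_url);
}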
Exemple #19
 /**
  * Validate the submitted router form, insert the router, and create its
  * initial status row, API key and "new router" event.
  *
  * Reads directly from $_POST and $_SESSION['user_id'] and reports problems
  * through Message::setMessage().
  *
  * NOTE(review): $router_id is only assigned after a successful INSERT, so the
  * early validation returns hand back an undefined variable.
  *
  * @return array ['result' => bool, 'router_id' => id of the new router]
  */
 public function insertNewRouter()
 {
     $check_router_hostname_exist = Router_old::getRouterByHostname($_POST['hostname']);
     // An unchecked checkbox is not submitted at all: normalise to "disabled".
     if (!isset($_POST['allow_router_auto_assign'])) {
         $_POST['allow_router_auto_assign'] = 0;
         $_POST['router_auto_assign_login_string'] = '';
     }
     if ($_POST['allow_router_auto_assign'] == '1' and !empty($_POST['router_auto_assign_login_string'])) {
         $check_router_auto_assign_login_string = Router_old::getRouterByAutoAssignLoginString($_POST['router_auto_assign_login_string']);
     }
     if (empty($_POST['hostname'])) {
         $message[] = array("Bitte geben Sie einen Hostname an.", 2);
         Message::setMessage($message);
         return array("result" => false, "router_id" => $router_id);
     } elseif (!empty($check_router_hostname_exist)) {
         // NOTE(review): this branch runs before the RFC 1123 check below, so the
         // hostname placed into the message has not been validated yet; it must
         // be HTML-escaped wherever messages are rendered.
         $message[] = array("Ein Router mit dem Hostnamen {$_POST['hostname']} existiert bereits, bitte wählen Sie einen anderen Hostnamen.", 2);
         Message::setMessage($message);
         return array("result" => false, "router_id" => $router_id);
     } elseif (!(is_string($_POST['hostname']) and strlen($_POST['hostname']) <= 255 and preg_match("/^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]{0,61}[a-zA-Z0-9])(\\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]{0,61}[a-zA-Z0-9]))*\$/", $_POST['hostname']))) {
         //check for valid hostname as specified in rfc 1123
         //see http://stackoverflow.com/a/3824105
         // NOTE(review): without the D modifier, "$" also matches before a single
         // trailing newline, so "name\n" passes this pattern.
         $message[] = array("Der Hostname ist ungültig. Erlaubt sind Hostnames nach RFC 1123.", 2);
         Message::setMessage($message);
         return array("result" => false, "router_id" => $router_id);
     } elseif (!empty($check_router_auto_assign_login_string)) {
         $message[] = array("Der Router Auto Assign Login String wird bereits verwendet.", 2);
         Message::setMessage($message);
         return array("result" => false, "router_id" => $router_id);
     } elseif ($_POST['allow_router_auto_assign'] == '1' and ($_POST['router_auto_assign_login_string'] == "Mac-Adresse..." or empty($_POST['router_auto_assign_login_string']) or ctype_space($_POST['router_auto_assign_login_string']))) {
         // Auto-assign was enabled but the login string is the placeholder text, empty or blank.
         $message[] = array("Wenn Automatische Routerzuweisung aktiviert ist, muss eine Mac-Adresse gesetzt werden.", 2);
         $message[] = array("Du findest die Mac-Adresse oft auf der Rückseite des Routers.", 0);
         Message::setMessage($message);
         return array("result" => false, "router_id" => $router_id);
     } else {
         // Non-numeric coordinates are reset to 0/0 instead of being rejected.
         if (!is_numeric($_POST['latitude']) or !is_numeric($_POST['longitude'])) {
             $_POST['latitude'] = 0;
             $_POST['longitude'] = 0;
         }
         try {
             // All request values are bound as parameters, not concatenated into the SQL.
             $stmt = DB::getInstance()->prepare("INSERT INTO routers (user_id, create_date, update_date, crawl_method, hostname, allow_router_auto_assign, router_auto_assign_login_string, description, location, latitude, longitude, chipset_id)\n\t\t\t\t\t\t\t\t    VALUES (?, NOW(), NOW(), ?, ?, ?, ?, ?, ?, ?, ?, ?)");
             $stmt->execute(array($_SESSION['user_id'], $_POST['crawl_method'], $_POST['hostname'], $_POST['allow_router_auto_assign'], $_POST['router_auto_assign_login_string'], $_POST['description'], $_POST['location'], $_POST['latitude'], $_POST['longitude'], $_POST['chipset_id']));
             $router_id = DB::getInstance()->lastInsertId();
         } catch (PDOException $e) {
             // NOTE(review): the driver message and stack trace are echoed into the
             // response, and execution continues without a router id.
             echo $e->getMessage();
             echo $e->getTraceAsString();
         }
         // New routers start with an "offline" status in the last ended crawl cycle.
         $crawl_cycle_id = Crawling::getLastEndedCrawlCycle();
         $router_status = new RouterStatus(false, (int) $crawl_cycle_id['id'], (int) $router_id, "offline");
         $router_status->store();
         //add new api key
         // NOTE(review): repeats until store() returns a truthy id, presumably to
         // retry on key collisions; if the INSERT above failed, (int) $router_id is
         // 0 and the loop may never end - confirm against ApiKey::store().
         do {
             $api_key = new ApiKey(false, ApiKey::generateApiKey(), (int) $router_id, "router", "Initial key");
             $api_key_id = $api_key->store();
         } while (!$api_key_id);
         // The login string is now taken, so drop it from the unassigned list.
         if ($_POST['allow_router_auto_assign'] == '1' and !empty($_POST['router_auto_assign_login_string'])) {
             RoutersNotAssigned::deleteByAutoAssignLoginString($_POST['router_auto_assign_login_string']);
         }
         $message[] = array("Der Router {$_POST['hostname']} wurde angelegt.", 1);
         //Add event for new router
         //TODO: add Router Object to data array
         $event = new Event(false, 'router', (int) $router_id, 'new', array());
         $event->store();
         //Send Message to twitter
         if ($_POST['twitter_notification'] == '1') {
             Message::postTwitterMessage(Config::getConfigValueByName('community_name') . " hat einen neuen #Freifunk Knoten! Wo? Schau nach: " . Config::getConfigValueByName('url_to_netmon') . "/router.php?router_id={$router_id}");
         }
         Message::setMessage($message);
         return array("result" => true, "router_id" => $router_id);
     }
 }
Exemple #20
<?php

// Process a submitted key-management action, then load the user's keys for the page.
// NOTE(review): no CSRF token check is visible in this script, and keyID / vCode
// are passed on exactly as posted - confirm both are handled elsewhere.
if (isset($_POST['action'])) {
    switch ($_POST['action']) {
        case 'refresh':
        case 'add':
            $keyID = $_POST['keyID'];
            $vCode = $_POST['vCode'];
            $key = new ApiKey($keyID, $vCode, $user, $db);
            $keyUpdate = $key->refreshAPIKey();
            // A success alert is only shown when the refresh reported success.
            if ($keyUpdate) {
                if ($_POST['action'] == 'refresh') {
                    setAlert('success', 'API Key Updated', 'The selected API Key has been refreshed, and all character information updated.');
                } elseif ($_POST['action'] == 'add') {
                    setAlert('success', 'API Key Added', 'The API Key has been successfully added to the account');
                }
            }
            break;
        case 'delete':
            // The current user object is passed along with the key id.
            ApiKey::deleteKey($_POST['keyID'], $user);
            break;
    }
}

// Only the keys of the current user are listed.
$stmt = $db->prepare('SELECT * FROM user_apikeys WHERE uid = ? ORDER BY userid ASC');
$stmt->execute([$user->getUID()]);
$apiKeys = $stmt->fetchAll(PDO::FETCH_ASSOC);

require_once 'includes/header.php';
?>
<div class="opaque-container" role="tablist" aria-multiselectable="true">

    <div class="row" style="width: 100%; margin-top: 20px; margin-bottom: 20px">
		<div class="col-md-12 opaque-section" style="padding: 0px">
			<div class="row box-title-section">
				<a class="box-title-link" style="text-decoration: none" >
					<h1 class="eve-text" style="margin-top: 10px; text-align: center; font-size: 200%; font-weight: 700">API Key Management</h1>
				</a>
			</div>
Exemple #21
 /**
  * Remove the fixtures created for the test: the key first, then its owner.
  */
 public function tearDown()
 {
     foreach (array($this->key, $this->owner) as $fixture) {
         $fixture->wipe();
     }
 }
Exemple #22
<?php

require_once 'includes/header.php';
use Pheal\Pheal;
use Pheal\Core\Config;
// Pheal configuration: memcache-backed response cache and the static access check.
Config::getInstance()->cache = new \Pheal\Cache\MemcacheStorage();
Config::getInstance()->access = new \Pheal\Access\StaticCheck();
// Getting the compliance type
// ($request, $db, $user and $settings are defined outside this excerpt.)
if ($request['action'] == 'api') {
    if ($request['value'] == 'refresh') {
        // NOTE(review): the owner id for the key comes from $_POST['uid'], while the
        // Character objects below use $user. A client-supplied uid presumably lets
        // the request act on another account's key - confirm and derive it from the
        // authenticated user instead. No CSRF check is visible here either.
        $key = new ApiKey($_POST['keyID'], $_POST['vCode'], $_POST['uid'], $db);
        // NOTE(review): "mask & MINIMUM_API" is truthy when ANY bit overlaps; if
        // MINIMUM_API has several bits set, a key holding only some of them passes.
        if ($key->getKeyStatus() == 1 and $key->getAccessMask() & MINIMUM_API) {
            $update = $key->updateApiKey();
            if ($update) {
                foreach ($key->getCharacters() as $character) {
                    $char = new Character($character['characterID'], $key->getKeyID(), $key->getVCode(), $key->getAccessMask(), $db, $user);
                    // NOTE(review): "x or x == FALSE" holds for every value, so this
                    // condition never filters anything.
                    if ($char->getExistance() or $char->getExistance() == FALSE) {
                        $char->updateCharacterInfo();
                    }
                }
                $refresh = $key->refreshAPIKey();
                setAlert('success', 'API Key Refreshed', 'The API key has been successfully refreshed.');
            }
        } elseif (!($key->getAccessMask() & MINIMUM_API) and $key->getKeyStatus() == 1) {
            // Valid key, but its access mask shares no bit with MINIMUM_API.
            setAlert('danger', 'The API Key Does Not Meet Minimum Requirements', 'The required minimum Access Mask for API keys is ' . MINIMUM_API . '. Please create a new key using the Create Key link.');
        }
    }
    // We're doing API compliance
    $compliance_type = "API";
    // Getting a full API-pulled member list
    $pheal = new Pheal($settings->getCorpUserID(), $settings->getCorpVCode(), 'corp');
 /**
  * Delete a user account together with its API keys, its applications and the
  * comments attached to those applications.
  *
  * NOTE(review): the steps run as separate statements with no transaction visible
  * here, so a failure part-way leaves the account partially removed. Whether the
  * caller is allowed to delete $uid must be checked before calling this.
  *
  * @param mixed $uid Id of the user to remove
  * @return void
  */
 public static function deleteUser($uid)
 {
     global $db;

     // 1. API keys registered by the user
     $keyQuery = $db->prepare('SELECT * FROM user_apikeys WHERE uid = ?');
     $keyQuery->execute([$uid]);
     foreach ($keyQuery->fetchAll(PDO::FETCH_ASSOC) as $keyRow) {
         ApiKey::deleteKey($keyRow['userid'], $uid);
     }

     // 2. Comments on each of the user's applications
     $appQuery = $db->prepare('SELECT * FROM user_applications WHERE uid = ?');
     $appQuery->execute([$uid]);
     foreach ($appQuery->fetchAll(PDO::FETCH_ASSOC) as $appRow) {
         $commentDelete = $db->prepare('DELETE FROM group_application_comments WHERE application_id = ?');
         $commentDelete->execute([$appRow['application_id']]);
     }

     // 3. The applications themselves, then the account row
     $appDelete = $db->prepare('DELETE FROM user_applications WHERE uid = ?');
     $appDelete->execute([$uid]);

     $accountDelete = $db->prepare('DELETE FROM user_accounts WHERE uid = ?');
     $accountDelete->execute([$uid]);
 }
Exemple #24
 */
/** Setting the minimum access level */
if ($user->getAccessLevel(2)) {
    /** Checking to see what type of account page we're loading */
    if ($pageRequest[0] == "keys") {
        /** Working with API keys*/
        $keys = true;
        /** Checking to see if we've submitted an action */
        if (isset($_POST['action'])) {
            /** Checking to see what action we're performing*/
            if ($_POST['action'] == 'refresh' || $_POST['action'] == 'add') {
                /** Saving our API keys from $_POST */
                $keyID = $_POST['keyID'];
                $vCode = $_POST['vCode'];
                /** Creating an API key object */
                $key = new ApiKey($keyID, $vCode, $user, $db);
                /** Doing either the add or the refresh action */
                $keyUpdate = $key->refreshAPIKey($_POST['action']);
            } elseif ($_POST['action'] == 'delete') {
                /** Deleting the API Key */
                ApiKey::deleteKey($_POST['keyID'], $user, $db);
            }
        }
        $stmt = $db->prepare('SELECT * FROM user_apikeys WHERE userid = ? ORDER BY key_keyid ASC');
        $stmt->execute(array($user->getUserID()));
        $apiKeys = $stmt->fetchAll(\PDO::FETCH_ASSOC);
        $characterArray = array();
        if ($stmt->rowCount() >= 1) {
            foreach ($apiKeys as $key) {
                $stmt_lookup_characters = $db->prepare('SELECT character_id,key_keyid,corporation_id,' . 'alliance_id,sso_character FROM user_characters WHERE key_keyid = ?');
                $stmt_lookup_characters->execute(array($key['key_keyid']));
Exemple #25
 /**
  * @before _secure
  * @after _csrfToken
  */
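 public function settings()
 {
     // Settings page of the admin area. A POST request is dispatched on its
     // 'action' field (account, password, billing, org, customField, smtp,
     // apikey); a DELETE request removes the custom-field record; a GET request
     // with action=removelogo removes the organization logo.
     //
     // NOTE(review): request values are copied into the user and organization
     // records without validation visible in this method - confirm the models or
     // the RM helper validate them. The removelogo branch changes state on a GET
     // request.
     $this->seo(array("title" => "Settings"));
     $view = $this->getActionView();
     $user = $this->user;
     $org = $this->org;
     $search = ['prop' => 'customField', 'propid' => $org->_id];
     $meta = Meta::first($search) ?? (object) [];
     $view->set('fields', $meta->value ?? []);
     $apikey = ApiKey::first(["org_id = ?" => $org->id]);
     $mailConf = Meta::first(['prop' => 'orgSmtp', 'propid' => $this->org->_id]) ?? (object) [];
     $view->set('mailConf', $mailConf->value ?? [])->set("errors", []);
     if (RM::type() == 'POST') {
         $action = RM::post('action', '');
         switch ($action) {
             case 'account':
                 $user->name = RM::post('name');
                 $user->currency = RM::post('currency', 'INR');
                 $user->region = ["currency" => RM::post('currency', 'INR'), "zone" => RM::post('timezone', 'Asia/Kolkata')];
                 $user->phone = RM::post('phone');
                 $user->save();
                 $view->set('message', 'Account Updated!!');
                 break;
             case 'password':
                 // The current password is passed along so updatePassword() can check it.
                 $old = RM::post('password');
                 $new = RM::post('npassword');
                 $view->set($user->updatePassword($old, $new));
                 break;
             case 'billing':
                 $billing = $org->billing;
                 $billing["aff"]["auto"] = RM::post("autoinvoice", 0);
                 $billing["aff"]["freq"] = RM::post("freq", 15);
                 $billing["aff"]["minpay"] = $this->currency(RM::post('minpay', 100));
                 $billing["aff"]["ptypes"] = RM::post("ptypes");
                 $billing["adv"]["paypal"] = RM::post("paypal");
                 $org->billing = $billing;
                 $org->save();
                 $this->setOrg($org);
                 $view->set('message', 'Organization Billing Updated!!');
                 break;
             case 'org':
                 $meta = $org->meta;
                 if (RM::post("widgets")) {
                     $meta["widgets"] = RM::post("widgets");
                     $org->meta = $meta;
                 }
                 // An empty zopim value removes the setting instead of storing ''.
                 $zopim = RM::post("zopim");
                 $meta["zopim"] = $zopim;
                 if (strlen($zopim) == 0) {
                     unset($meta["zopim"]);
                 }
                 $org->name = RM::post('name');
                 $org->meta = $meta;
                 $org->logo = $this->_upload('logo');
                 $org->url = RM::post('url');
                 $org->email = RM::post('email');
                 $org->save();
                 $this->setOrg($org);
                 $view->set('message', 'Network Settings updated!!');
                 break;
             case 'customField':
                 $label = RM::post("fname");
                 $type = RM::post("ftype", "text");
                 $required = RM::post("frequired", 1);
                 $name = strtolower(str_replace(" ", "_", $label));
                 $field = ['label' => ucwords($label), 'type' => $type, 'name' => $name, 'required' => (bool) $required];
                 if (!$label) {
                     break;
                 }
                 // $meta is a plain object when no record exists yet; create one then.
                 if (!is_object($meta) || !is_a($meta, 'Meta')) {
                     $meta = new Meta($search);
                 }
                 $fields = $meta->value;
                 $fields[] = $field;
                 $meta->value = $fields;
                 $meta->save();
                 $view->set('fields', $meta->value ?? []);
                 $view->set('message', 'Extra Field Added!!');
                 break;
             case 'smtp':
                 $msg = \Shared\Services\Smtp::create($this->org);
                 $view->set('message', $msg);
                 break;
             case 'apikey':
                 $view->set('message', "Api Key Updated!!");
                 if (!$apikey) {
                     // The key is a bearer credential, so it is drawn from the
                     // CSPRNG. uniqid() is derived from the current time and is
                     // therefore guessable, which makes it unsuitable here.
                     $apikey = new ApiKey(['org_id' => $this->org->_id, 'key' => bin2hex(random_bytes(32))]);
                     $view->set('message', "Api Key Created!!");
                 }
                 $apikey->updateIps();
                 $apikey->save();
                 break;
         }
         $this->setUser($user);
     }
     $view->set("apiKey", $apikey);
     if (RM::type() === 'DELETE') {
         if (is_a($meta, 'Meta')) {
             $meta->delete();
         }
         $view->set('message', 'Extra Fields removed!!');
     }
     // Logo removal only proceeds when the requested image is the current logo.
     $img = RM::get("img");
     if (RM::get("action") == "removelogo" && $img === $org->logo) {
         Utils::media($org->logo, 'remove');
         $org->logo = ' ';
         $this->setOrg($org);
         $org->save();
         $this->redirect("/admin/settings.html");
     }
 }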
Exemple #26
								<input class="form-control" type="text" placeholder="API Key ID" name="keyID">
							</fieldset>
							<fieldset>
								<input class="form-control" type="text" placeholder="API Key Verification Code" name="vCode" style="margin-top: 5px">
							</fieldset>
							<input class="btn btn-primary btn-lg eve-text pull-right" style="margin-top: 5px; margin-bottom: 5px; border-radius: 0px" type="submit" name="register_step_1" value="Continue">
	
							<a style="color: #65a9cc; margin-top: 15px;" href="/login/" class="pull-left">Already have an account?</a>
						</form>
					</div>

				</div>
			</div>
		<?php 
} elseif ($request['action'] == '2') {
    $key = new ApiKey($_POST['keyID'], $_POST['vCode'], 0, $db);
    if ($key->getKeyStatus() == 1) {
        if ($key->getAccessMask() & MINIMUM_API or $key->getExpiration() != 'No Expiration' or $key->getKeyType() != 'Account') {
            ?>
					<div class="col-md-offset-3 col-md-6 col-sm-offset-2 col-sm-8 mobile-reconfig" style="padding-right: 0px">
						<?php 
            showAlerts();
            ?>
						<div class="col-md-12 opaque-section" style="padding: 0px">
							<div class="row box-title-section">
								<h3 class="eve-text" style="text-align: center; font-size: 250%"><?php 
            echo SITE_NAME;
            ?>
</h3>
							</div>
							<div class="row" style="padding-left: 10px; padding-right: 10px">
Exemple #27
<?php

// Process a submitted key-management action, then load the user's keys for the page.
// NOTE(review): no CSRF token check is visible in this script, and keyID / vCode
// are passed on exactly as posted - confirm both are handled elsewhere.
if (isset($_POST['action'])) {
    if (in_array($_POST['action'], array('refresh', 'add'))) {
        $keyID = $_POST['keyID'];
        $vCode = $_POST['vCode'];
        $key = new ApiKey($keyID, $vCode, $user, $db);
        // The action name tells refreshAPIKey() whether this is an add or a refresh.
        $update_type = $_POST['action'];
        $keyUpdate = $key->refreshAPIKey($update_type);
        // A success alert is only shown when the call reported success.
        if ($keyUpdate) {
            if ($_POST['action'] == 'refresh') {
                setAlert('success', 'API Key Updated', 'The selected API Key has been refreshed, and all character information updated.');
            } elseif ($_POST['action'] == 'add') {
                setAlert('success', 'API Key Added', 'The API Key has been successfully added to the account');
            }
        }
    } elseif ($_POST['action'] == 'delete') {
        // The current user object is passed along with the key id.
        ApiKey::deleteKey($_POST['keyID'], $user);
    }
}

// Only the keys of the current user are listed.
$stmt = $db->prepare('SELECT * FROM user_apikeys WHERE uid = ? ORDER BY userid ASC');
$stmt->execute([$user->getUID()]);
$apiKeys = $stmt->fetchAll(PDO::FETCH_ASSOC);

require_once 'includes/header.php';
?>
<div class="opaque-container" role="tablist" aria-multiselectable="true">

    <div class="row" style="width: 100%; margin-top: 20px; margin-bottom: 20px">
		<div class="col-md-12 opaque-section" style="padding: 0px">
			<div class="row box-title-section">
				<a class="box-title-link" style="text-decoration: none" >
					<h1 class="eve-text" style="margin-top: 10px; text-align: center; font-size: 200%; font-weight: 700">API Key Management</h1>
				</a>