/** * Processes a POST (if there was one) of the registration form. If there was not a successful registration, then modifies * the data passed in to contain the values which WERE posted (to make form re-submission easier). Returns 'true' if there * was a successful registration, false if there was no registration attempt or an error. * * If registration is successful, also sets 'apiKey' key in the 'data' array to the new API key that was created. * * @param data - array - an associative array whose keys are the names of the the variables for the template, and whose values should * be the default values for those fields. This will be modified (overridden) by any of those values which were posted * to this page. * @return mixed - boolean true if there was a successful registration, false if there was no registration or a failed attempt. If there was * an error, that will be added to the 'data' array under the key 'errorString'. */ public static function processPost(&$data) { $didRegister = false; if (ApiGate::getPost('formName') == "apiGate_register") { $firstName = ApiGate::getPost('firstName'); $lastName = ApiGate::getPost('lastName'); $email_1 = ApiGate::getPost('email_1'); $email_2 = ApiGate::getPost('email_2'); // Validate the input. $errorString = ""; $errorString = ApiGate_Register::validateNameAndEmail($firstName, $lastName, $email_1, $email_2, $errorString); // If input was valid, attempt to create a key. if ($errorString == "") { // Create a new API key and store it to the database with the values provided. $apiKey = self::generateKey(); $userId = ApiGate_Config::getUserId(); // This is in library-code (not MediaWiki) so build the query by hand. $dbw = ApiGate_Config::getMasterDb(); $queryString = "INSERT INTO /* ApiGate_Register::processPost() */" . ApiGate::TABLE_KEYS . " (user_id, apiKey, email, firstName, lastName) VALUES ("; $queryString .= "'" . mysql_real_escape_string($userId, $dbw) . "', "; $queryString .= "'" . mysql_real_escape_string($apiKey, $dbw) . "', "; $queryString .= "'" . mysql_real_escape_string($email_1, $dbw) . "', "; $queryString .= "'" . mysql_real_escape_string($firstName, $dbw) . "', "; $queryString .= "'" . mysql_real_escape_string($lastName, $dbw) . "')"; if (ApiGate::sendQuery($queryString)) { ApiGate::sendQuery("COMMIT"); // MediaWiki was randomly not saving the row without this. $data['apiKey'] = $apiKey; $didRegister = true; } else { $errorString .= "\n" . i18n('apigate-mysql-error'); $errorString .= "\n<br/><br/>" . mysql_error($dbw); } } if ($errorString != "") { $errorString = trim($errorString); $errorString = str_replace("\n", "<br/>", $errorString); $data['errorString'] = $errorString; } } return $didRegister; }
/** * Shows a small module of the API keys for the user provided. If no user is provided, uses the currently logged in user. * * Allows explicitly specifying the keys (for performance reasons, if you've already looked them up). * * @param userId - mixed - (optional) userId of the user whose keys should be shown. If null or not provided, then it will use * the currently logged in user. * @param keyData - array - (optional) array of keys and key nicknames for the user in the format provided by ApiGate::getKeyDataByUserId. * If provided, this will be assumed to be the correct list of keys * so they will not be looked up from the database using the userId provided (or the default user as described in userId's * param documentation above. */ public function subpage_userKeys($userId = null, $keyData = null) { wfProfileIn(__METHOD__); if ($userId == null) { $userId = ApiGate_Config::getUserId(); } if ($keyData == null) { $keyData = ApiGate::getKeyDataByUserId($userId); } $data = array('userId' => $userId, 'keyData' => $keyData); $html = ApiGate_Dispatcher::renderTemplate("userKeys", $data); wfProfileOut(__METHOD__); return $html; }
/** * @return boolean - true if the currently-logged in user is allowed to view the info for this key, false otherwise. * Currently, to view the key, the user must be the owner of the key or an API Gate admin. */ public function canBeViewedByCurrentUser() { return $this->userId == ApiGate_Config::getUserId() || ApiGate_Config::isAdmin(); }