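/**
 * Password-reset endpoint (POST, XHR).
 *
 * Reads usernameOrEmail, secondFactor, answer, passwordForgot and
 * passwordRetypedForgot from $_POST, checks their shape and hands them to
 * AuthUser::forgotPassword(). Error replies stay generic ("Unknown Error",
 * "Unknown Error 4", "Unknown Error 5") exactly as before, so the response
 * does not reveal which field or which account was rejected.
 *
 * Validation:
 *  - usernameOrEmail is lower-cased; it must be either a username (>= 8 chars
 *    of [A-Za-z0-9_-]) or pass FILTER_VALIDATE_EMAIL.
 *  - secondFactor is lower-cased; optional, alphanumeric when present.
 *  - answer is lower-cased; optional, >= 6 chars when present (an answer of
 *    "0" is now rejected as too short instead of slipping through empty()).
 *  - passwordForgot and passwordRetypedForgot must both be present strings,
 *    non-empty, and identical under strict comparison (the previous "=="
 *    treated numeric-looking strings such as "1e3" and "1000" as equal).
 */
function post_xhr()
{
    if (!$this->checkAuth()) {
        return;
    }

    $usernameOrEmail = isset($_POST['usernameOrEmail']) ? mb_strtolower($_POST['usernameOrEmail']) : '';
    // "&&" binds tighter than "||"; splitting the test makes that explicit.
    // The D modifier keeps "$" from matching before a trailing newline.
    $looksLikeUsername = mb_strlen($usernameOrEmail) >= 8
        && preg_match('/^[a-zA-Z0-9_\\-]+$/D', $usernameOrEmail) === 1;
    $looksLikeEmail = filter_var($usernameOrEmail, FILTER_VALIDATE_EMAIL) !== false;
    if (!$looksLikeUsername && !$looksLikeEmail) {
        echo json_encode(StatusReturn::E400('Unknown Error'));
        return;
    }

    $secondFactor = isset($_POST['secondFactor']) ? mb_strtolower($_POST['secondFactor']) : '';
    if ($secondFactor !== '' && !ctype_alnum($secondFactor)) {
        echo json_encode(StatusReturn::E400('Unknown Error'));
        return;
    }

    $answer = isset($_POST['answer']) ? mb_strtolower($_POST['answer']) : '';
    if ($answer !== '' && mb_strlen($answer) < 6) {
        echo json_encode(StatusReturn::E400('Unknown Error'));
        return;
    }

    $newPassword = isset($_POST['passwordForgot']) ? $_POST['passwordForgot'] : null;
    $newRetypedPassword = isset($_POST['passwordRetypedForgot']) ? $_POST['passwordRetypedForgot'] : null;
    // is_string() guards against "passwordForgot[]=" style input reaching the model.
    if (!is_string($newPassword) || $newPassword === '' || $newPassword !== $newRetypedPassword) {
        echo json_encode(StatusReturn::E400('Unknown Error 4'));
        return;
    }

    $userForgot = new AuthUser();
    $responseArr = $userForgot->forgotPassword($usernameOrEmail, $secondFactor, $answer, $newPassword);
    // Success is signalled by a truthy 'continue' key; !empty() also covers a missing key.
    if (!empty($responseArr['continue'])) {
        echo json_encode(StatusReturn::S200($responseArr));
    } else {
        echo json_encode(StatusReturn::E400('Unknown Error 5'));
    }
}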
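/**
 * BitPay IPN (instant payment notification) receiver (POST).
 *
 * Served at /bit-pay-ipn/ with 'auth' => false, so the whole request body is
 * untrusted. Only the invoice "id" is cross-checked with BitPay through
 * PaymentSystem::confirmBitPayPaidComplete() / confirmBitPayPending(); the
 * embedded posData (invoiceList, userID) is used as sent. The two todos kept
 * below are still open: posData is not bound to the BitPay-side invoice and
 * the amount paid is not compared with the invoice total before invoices are
 * marked paid.
 *
 * Responses: 404 when BitPay is not an enabled payment method; 400 "Bad JSON!"
 * when the body is not a JSON object carrying "id" and "posData"; otherwise
 * 200 — also when posData cannot be decoded or the invoice is neither paid
 * nor pending (those cases are skipped, as before).
 */
function post()
{
    if (!$this->checkAuth()) {
        return;
    }
    if (!AvailablePaymentMethodsData::hasBitPay()) {
        echo json_encode(StatusReturn::E404('404 Not Found!'));
        return;
    }

    $jsonObj = json_decode(file_get_contents('php://input'));
    // A syntactically valid but non-object body (e.g. a bare string) used to
    // raise notices and still be answered 200; it is rejected up front now.
    if (json_last_error() !== JSON_ERROR_NONE || !is_object($jsonObj) || !isset($jsonObj->id, $jsonObj->posData)) {
        echo json_encode(StatusReturn::E400('Bad JSON!'));
        return;
    }

    $payment = new PaymentSystem();
    // posData is itself a JSON document embedded as a string.
    $posDataObj = is_string($jsonObj->posData) ? json_decode($jsonObj->posData) : null;
    $posDataUsable = is_object($posDataObj)
        && json_last_error() === JSON_ERROR_NONE
        && isset($posDataObj->invoiceList, $posDataObj->userID)
        && is_string($posDataObj->invoiceList);
    if ($posDataUsable) {
        $invoiceArr = explode(',', $posDataObj->invoiceList);
        // todo: maybe confirm posData for extra Security?
        if ($payment->confirmBitPayPaidComplete($jsonObj->id)) {
            // todo: compare amounts paid vs invoice amount
            $payment->updateInvoicesPaid($invoiceArr, $jsonObj->id, PaymentMethod::BitPay, $posDataObj->userID);
        } elseif ($payment->confirmBitPayPending($jsonObj->id)) {
            $payment->updateInvoicesPending($invoiceArr, $posDataObj->userID);
        }
    } else {
        // todo: record error somewhere
    }
    echo json_encode(StatusReturn::S200());
}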
/**
 * Module pages listing (GET, XHR).
 *
 * Placeholder: once the caller passes checkAuth() it answers 200 with no
 * payload; enumerating the module pages is still a todo.
 */
function get_xhr()
{
    if (!$this->checkAuth()) {
        return;
    }
    // todo: list pages of the modules
    echo json_encode(StatusReturn::S200());
}
/**
 * Sign-up helper: is this e-mail address still free? (GET, XHR)
 *
 * @param string $email route parameter (:email); lower-cased before lookup.
 *
 * Answers 200 when no account uses the address, 400 "Email Already Being
 * Used!" otherwise. Nothing is written when checkAuth() fails.
 */
function get_xhr($email)
{
    if (!$this->checkAuth()) {
        return;
    }
    $alreadyUsed = AuthUserData::emailExist(mb_strtolower($email));
    $reply = $alreadyUsed
        ? StatusReturn::E400('Email Already Being Used!')
        : StatusReturn::S200();
    echo json_encode($reply);
}
/**
 * Sign-up helper: is this username still free? (GET, XHR)
 *
 * @param string $authUser route parameter (:alphaNumPlus); lower-cased before lookup.
 *
 * Answers 200 when the name is unused, 400 "Username Exists Already!"
 * otherwise. Nothing is written when checkAuth() fails.
 */
function get_xhr($authUser)
{
    if (!$this->checkAuth()) {
        return;
    }
    $taken = AuthUserData::userExist(mb_strtolower($authUser));
    $reply = $taken
        ? StatusReturn::E400('Username Exists Already!')
        : StatusReturn::S200();
    echo json_encode($reply);
}
/**
 * System variables for the client (GET, XHR).
 *
 * Bundles the available factors (their 'available' flag converted from the
 * string "1" to a boolean), roles, payment methods and packages into one 200
 * reply. Packages are regrouped into a map keyed by 'packageGroup', each
 * value being the list of packages in that group in their original order.
 */
function get_xhr()
{
    if (!$this->checkAuth()) {
        return;
    }

    $availableFactors = AvailableFactorsData::getAvailableFactors();
    foreach (array_keys($availableFactors) as $factorKey) {
        // Loose comparison on purpose: the flag arrives as "1"/"0".
        $availableFactors[$factorKey]['available'] = $availableFactors[$factorKey]['available'] == "1";
    }

    $availableRoles = AuthUserRolesData::getAvailableRoles();
    $availablePaymentMethods = AvailablePaymentMethodsData::getAvailablePaymentMethods();

    $groupedPackages = [];
    foreach (AvailablePackagesData::getAvailablePackages() as $package) {
        $group = $package['packageGroup'];
        if (!isset($groupedPackages[$group])) {
            $groupedPackages[$group] = [];
        }
        $groupedPackages[$group][] = $package;
    }

    $payload = [
        "availableFactors" => $availableFactors,
        "availableRoles" => $availableRoles,
        "availablePaymentMethods" => $availablePaymentMethods,
        "availablePackages" => $groupedPackages,
    ];
    echo json_encode(StatusReturn::S200($payload));
}
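/**
 * Change the calling user's password (POST, XHR).
 *
 * The account comes from the Auth-User request header (presumably filled in
 * by the auth layer — confirm), the old and new passwords from $_POST. Both
 * passwords must be present strings and non-empty; the old one is verified by
 * AuthUser::setPassword(). isset()/!== '' is used instead of empty() so that
 * a password of "0" is not mistaken for a missing field.
 *
 * Replies 200 on success and 400 "Unknown Error" for missing input or a
 * rejected change.
 */
function post_xhr()
{
    if (!$this->checkAuth()) {
        return;
    }

    $oldPassword = isset($_POST['oldPassword']) ? $_POST['oldPassword'] : '';
    $newPassword = isset($_POST['newPassword']) ? $_POST['newPassword'] : '';
    if (!is_string($oldPassword) || $oldPassword === '' || !is_string($newPassword) || $newPassword === '') {
        echo json_encode(StatusReturn::E400('Unknown Error'));
        return;
    }

    $headers = getallheaders();
    // Missing header falls back to '' rather than raising an undefined-index notice.
    $authUserName = isset($headers['Auth-User']) ? $headers['Auth-User'] : '';
    $account = new AuthUser();
    $account->loadUser(mb_strtolower($authUserName));

    $changed = $account->setPassword($oldPassword, $newPassword);
    echo json_encode($changed ? StatusReturn::S200() : StatusReturn::E400('Unknown Error'));
}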
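/**
 * Change the calling user's security question and answer (POST, XHR).
 *
 * The account comes from the Auth-User request header (presumably filled in
 * by the auth layer — confirm). $_POST must carry a non-empty string
 * 'question' and a string 'answer' of at least _SECURITY_ANSWER_MIN_LENGTH_
 * characters; the answer is lower-cased before AuthUser::setQuestion(), so
 * later comparisons are case-insensitive on the caller's side.
 * isset()/!== '' replaces empty() so a question of "0" is not dropped.
 *
 * Replies 200 on success and 400 "Unknown Error" for bad input or a
 * rejected update.
 */
function post_xhr()
{
    if (!$this->checkAuth()) {
        return;
    }

    $question = isset($_POST['question']) ? $_POST['question'] : '';
    $answer = isset($_POST['answer']) ? $_POST['answer'] : '';
    $inputOk = is_string($question) && $question !== ''
        && is_string($answer) && mb_strlen($answer) >= _SECURITY_ANSWER_MIN_LENGTH_;
    if (!$inputOk) {
        echo json_encode(StatusReturn::E400('Unknown Error'));
        return;
    }

    $headers = getallheaders();
    // Missing header falls back to '' rather than raising an undefined-index notice.
    $authUserName = isset($headers['Auth-User']) ? $headers['Auth-User'] : '';
    $account = new AuthUser();
    $account->loadUser(mb_strtolower($authUserName));

    $saved = $account->setQuestion($question, mb_strtolower($answer));
    echo json_encode($saved ? StatusReturn::S200() : StatusReturn::E400('Unknown Error'));
}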
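/**
 * Self-service sign-up (POST, XHR).
 *
 * Required $_POST fields: user (>= _USERNAME_MIN_LENGTH_ chars of
 * [A-Za-z0-9_-]), email (FILTER_VALIDATE_EMAIL), password (non-empty),
 * question (non-empty) and answer (>= _SECURITY_ANSWER_MIN_LENGTH_ chars).
 * Optional: factor (forwarded as-is, null when absent) and lang (exactly two
 * ASCII letters, applied with setLanguage() after the account exists).
 * user, email and answer are lower-cased before AuthUser::createUser();
 * password is passed through untouched. Fields that are not strings (PHP's
 * "name[]=" array syntax) count as absent.
 *
 * NOTE(review): the original additionally required, whenever factor was
 * supplied, that mb_strlen($_POST['answer']) >= _SECURITY_ANSWER_MIN_LENGTH_
 * — the same test as the unconditional one, so it was redundant and is
 * dropped here. It reads like a copy-paste that meant to validate a
 * factor-specific field; confirm against the client before relying on it.
 *
 * Replies 200 on success and 400 "Unknown Error" for bad input or a
 * failed createUser().
 */
function post_xhr()
{
    if (!$this->checkAuth()) {
        return;
    }

    $fields = [];
    foreach (['user', 'email', 'password', 'question', 'answer', 'factor', 'lang'] as $name) {
        $fields[$name] = isset($_POST[$name]) && is_string($_POST[$name]) ? $_POST[$name] : null;
    }

    // The D modifier keeps "$" from matching before a trailing newline.
    $inputOk = $fields['user'] !== null
        && mb_strlen($fields['user']) >= _USERNAME_MIN_LENGTH_
        && preg_match('/^[a-zA-Z0-9_\\-]+$/D', $fields['user']) === 1
        && $fields['email'] !== null
        && filter_var($fields['email'], FILTER_VALIDATE_EMAIL) !== false
        && $fields['question'] !== null && $fields['question'] !== ''
        && $fields['answer'] !== null
        && mb_strlen($fields['answer']) >= _SECURITY_ANSWER_MIN_LENGTH_
        && $fields['password'] !== null && $fields['password'] !== '';
    if (!$inputOk) {
        echo json_encode(StatusReturn::E400('Unknown Error'));
        return;
    }

    $newUser = new AuthUser();
    $created = $newUser->createUser(
        mb_strtolower($fields['user']),
        mb_strtolower($fields['email']),
        $fields['password'],
        $fields['question'],
        mb_strtolower($fields['answer']),
        $fields['factor']
    );
    if (!$created) {
        echo json_encode(StatusReturn::E400('Unknown Error'));
        return;
    }

    // Language is best-effort: only applied when it is a two-letter code.
    $lang = $fields['lang'];
    if ($lang !== null && mb_strlen($lang) === 2 && ctype_alpha($lang)) {
        $newUser->setLanguage($lang);
    }
    echo json_encode(StatusReturn::S200());
}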
/**
 * Save account settings (POST, XHR).
 *
 * Requires a non-empty 'baseLang' and a 'twoFactorType' accepted by
 * TwoFactor::isValidValue() in $_POST; 'packages' is optional and defaults
 * to an empty list. The account is the one named by the Auth-User header.
 * 'packages' is forwarded exactly as received — presumably setSettings()
 * validates it; confirm.
 *
 * Replies 200 on success, 400 "Failed to save settings!" when setSettings()
 * returns false, and 400 "Missing or bad data!" on invalid input.
 */
function post_xhr()
{
    if (!$this->checkAuth()) {
        return;
    }

    $inputOk = isset($_POST['baseLang'], $_POST['twoFactorType'])
        && !empty($_POST['baseLang'])
        && TwoFactor::isValidValue($_POST['twoFactorType'], false);
    if (!$inputOk) {
        echo json_encode(StatusReturn::E400('Missing or bad data!'));
        return;
    }

    $headers = getallheaders();
    $account = new AuthUser();
    $account->loadUser(mb_strtolower($headers['Auth-User']));

    $packages = isset($_POST['packages']) ? $_POST['packages'] : [];
    $saved = $account->setSettings($_POST['baseLang'], $_POST['twoFactorType'], $packages);
    echo json_encode($saved ? StatusReturn::S200() : StatusReturn::E400('Failed to save settings!'));
}
/**
 * Smoke-test endpoint (POST, XHR): answers 200 with the literal payload
 * "made it here" for any authenticated caller. Nothing is written when
 * checkAuth() fails.
 */
function post_xhr()
{
    if (!$this->checkAuth()) {
        return;
    }
    $reply = StatusReturn::S200("made it here");
    echo json_encode($reply);
}
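* PHP Version 5.6.18
*
* @package PHP-REST-API
* @author Marc Godard <*****@*****.**>
* @copyright 2016 Marc Godard
* @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
* @note This program is distributed in the hope that it will be useful - WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE.
*/

use PHP_REST_API\ApiAuthRouter;
use PHP_REST_API\ApiAuthRouterHook;
use PHP_REST_API\Helpers\StatusReturn;
use PHP_REST_API\Modules\Modules;

/*
 * Front controller: configures the runtime, loads constants and autoloaders,
 * registers the 404 hooks, builds the route table and dispatches the request.
 */
error_reporting(E_ALL);
date_default_timezone_set('UTC');
// No error/exception handler is installed, so anything uncaught falls back to
// PHP's defaults — and to whatever display_errors is set to in php.ini.
//set_error_handler('\\PHP_REST_API\\Helpers\\ErrorHandling::errorHandler');
//set_exception_handler('\\PHP_REST_API\\Helpers\\ErrorHandling::exceptionHandler');

// Anchor the includes to this file's directory so the lookup neither depends
// on the current working directory nor can be shadowed by an include_path entry.
require_once __DIR__ . '/system/Constants.php';
/* AutoLoaders */
require_once __DIR__ . '/system/Libraries/autoload.php';
require_once __DIR__ . '/system/AutoLoader.php';

// Unmatched API routes get a JSON 404; unmatched web routes render the 404 page.
ApiAuthRouterHook::add('404', function () {
    echo json_encode(StatusReturn::E404('404 Not Found!'));
});
ApiAuthRouterHook::add('404Web', function () {
    StatusReturn::WEB404();
});

/*
 * Route table: path pattern => controller description. ":uuidV4",
 * ":alphaNumPlus", ":email", ":string" and ":number" are typed placeholders.
 * 'auth' => false marks the endpoints reachable without authentication (the
 * web SPA, invoice download, the BitPay IPN and the sign-up helpers); the
 * rest carry a 'roles' list (presumably the roles permitted). 'whenLocked'
 * and 'initialize' are flags consumed by ApiAuthRouter; their exact meaning
 * is not visible from this file.
 */
$controllersArray = [
    '/' => ['controller' => 'WebSPA', 'auth' => false],
    '/:uuidV4/' => ['controller' => 'InvoiceDownload', 'auth' => false],
    '/bit-pay-ipn/' => ['controller' => 'BitPayIPN', 'auth' => false],
    '/api/check-username/:alphaNumPlus/' => ['controller' => 'SignUpUserName', 'auth' => false],
    '/api/check-email/:email/' => ['controller' => 'SignUpEmail', 'auth' => false],
    '/api/sign-up/' => ['controller' => 'SignUp', 'auth' => false],
    '/api/forgot-password/' => ['controller' => 'ForgotPassword', 'auth' => false],
    '/api/initiate/' => ['controller' => 'InitiateConnection', 'roles' => ['i18nAdmin', 'i18nUser'], 'whenLocked' => true, 'initialize' => true],
    '/api/check-login/' => ['controller' => 'CheckLogin', 'roles' => ['i18nAdmin', 'i18nUser'], 'whenLocked' => true],
    '/api/account-settings/' => ['controller' => 'AccountSettings', 'roles' => ['i18nAdmin', 'i18nUser'], 'whenLocked' => true],
    '/api/system-variables/' => ['controller' => 'SystemVariables', 'roles' => ['i18nAdmin', 'i18nUser'], 'whenLocked' => true],
    '/api/change-password/' => ['controller' => 'ChangePassword', 'roles' => ['i18nAdmin', 'i18nUser'], 'whenLocked' => true],
    '/api/change-question/' => ['controller' => 'ChangeSecurityQuestion', 'roles' => ['i18nAdmin', 'i18nUser'], 'whenLocked' => true],
    '/api/manage-users/:alphaNumPlus/' => ['controller' => 'ManageUsers', 'roles' => ['i18nAdmin', 'i18nManage'], 'whenLocked' => true],
    '/api/manage-users/' => ['controller' => 'ManageUsers', 'roles' => ['i18nAdmin', 'i18nManage'], 'whenLocked' => true],
    '/api/billing/:string/:number/' => ['controller' => 'Billing', 'roles' => ['i18nAdmin', 'i18nManage'], 'whenLocked' => true],
    '/api/billing/:string/' => ['controller' => 'Billing', 'roles' => ['i18nAdmin', 'i18nManage'], 'whenLocked' => true],
    '/api/billing/' => ['controller' => 'Billing', 'roles' => ['i18nAdmin', 'i18nManage'], 'whenLocked' => true],
    '/api/pages/' => ['controller' => 'ModulePages', 'roles' => ['i18nAdmin', 'i18nManage', 'i18nUser'], 'whenLocked' => true],
];

$modules = new Modules();
// Module routes are merged last: with string keys, array_merge lets a module
// route override a core route that uses the same path pattern.
$controllersArray = array_merge($controllersArray, $modules->getAllRoutes());
ApiAuthRouter::serve($controllersArray);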
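/**
 * Delete a billing resource of the calling user (DELETE, XHR).
 *
 * @param string $type             route parameter (:string); only 'profiles' is supported.
 * @param string $paymentProfileID route parameter (:number); the profile to remove.
 *
 * The account is the one named by the Auth-User header. Replies 404 for an
 * unsupported type, 200 when delPaymentProfile() succeeds and 400 "Profile
 * Missing!" when the ID is absent/empty or the deletion fails. The type is
 * compared strictly; the previous "==" would also have matched a non-string.
 */
function delete_xhr($type, $paymentProfileID)
{
    if (!$this->checkAuth()) {
        return;
    }

    $headers = getallheaders();
    // Missing header falls back to '' rather than raising an undefined-index notice.
    $authUserName = isset($headers['Auth-User']) ? $headers['Auth-User'] : '';
    $userPay = new PaymentSystem();
    $userPay->loadUser(mb_strtolower($authUserName));

    if ($type !== 'profiles') {
        echo json_encode(StatusReturn::E404('404 Not Found!'));
        return;
    }

    $deleted = $paymentProfileID !== null
        && $paymentProfileID !== ''
        && $userPay->delPaymentProfile($paymentProfileID);
    echo json_encode($deleted ? StatusReturn::S200() : StatusReturn::E400('Profile Missing!'));
}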
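/**
 * Delete a sub-user (DELETE, XHR) on behalf of the account named by the
 * Auth-User header.
 *
 * @param string $userID route parameter (:alphaNumPlus); cast to int for AuthSubUser.
 *
 * Replies 404 when no user has that ID (the original fell through without
 * writing any response at all), 200 on success and 400 "Error" when
 * delUser() fails.
 *
 * NOTE(review): whether AuthSubUser limits the delete to sub-users owned by
 * the calling account is not visible here — confirm, since the manage-users
 * route lists both the i18nAdmin and i18nManage roles.
 */
function delete_xhr($userID)
{
    if (!$this->checkAuth()) {
        return;
    }
    if (!AuthUserData::userExistByID($userID)) {
        echo json_encode(StatusReturn::E404('404 Not Found!'));
        return;
    }

    $headers = getallheaders();
    // Missing header falls back to '' rather than raising an undefined-index notice.
    $authUserName = isset($headers['Auth-User']) ? $headers['Auth-User'] : '';
    $subUser = new AuthSubUser(mb_strtolower($authUserName), (int) $userID);

    $deleted = $subUser->delUser();
    echo json_encode($deleted ? StatusReturn::S200() : StatusReturn::E400('Error'));
}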