const SHRUB_PATH = "../../src/shrub/src/"; include_once __DIR__ . "/" . CONFIG_PATH . "config.php"; require_once __DIR__ . "/" . SHRUB_PATH . "api.php"; json_Begin(); // Do Actions // switch ($REQUEST[0]) { case 'set': json_ValidateHTTPMethod('POST'); if (user_AuthIsAdmin()) { json_EmitFatalError_NotImplemented(null, $RESPONSE); /// @todo sanitize (don't let API create fields) /// @todo Do a set if (false) { json_RespondCreated(); } else { json_EmitFatalError_Server(null, $RESPONSE); } } else { json_EmitFatalError_Permission(null, $RESPONSE); } break; case 'get': json_ValidateHTTPMethod('GET'); if (user_AuthIsAdmin()) { $RESPONSE['global'] = $SH; } else { json_EmitFatalError_Permission(null, $RESPONSE); } break; default: json_EmitFatalError_Forbidden(null, $RESPONSE);
if (!user_AuthKeyClear($id)) { json_EmitFatalError_Server("Unable to clear key", $RESPONSE); } // @TODO send confirmation e-mail // Successfully Created. json_RespondCreated(); } else { json_EmitFatalError_Server("Unable to add node", $RESPONSE); } } } } } else { // Keys don't match. This may be an attempt to hijack the account, so destroy the key. if (!user_AuthKeyClear($id)) { json_EmitFatalError_Server("Unable to clear key", $RESPONSE); } json_EmitFatalError_Permission(null, $RESPONSE); } } else { json_EmitFatalError_Permission(null, $RESPONSE); } } else { json_EmitFatalError_BadRequest(null, $RESPONSE); } break; case 'login': json_ValidateHTTPMethod('POST'); $login = null; $pw = null; $secret = null;