Exemplo n.º 1
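// Example: authorization is required for every table except Category, which is always authorized.
ArrestDBConfig::auth(["table" => "Category"], function ($method, $table, $id) {
    // Public table: no credential check is performed for it.
    return true;
});
ArrestDBConfig::auth([], function ($method, $table, $id) {
    global $user;

    // One rejection path, so every failure sends the same 401 challenge and stops the request.
    $deny = function () {
        header('WWW-Authenticate: Basic realm="My Realm"');
        header('HTTP/1.0 401 Unauthorized');
        echo 'Invalid Auth';
        exit;
    };

    if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
        $deny();
    }

    $user = $_SERVER['PHP_AUTH_USER'];
    // NOTE(review): unsalted SHA-1 is not a password hash. password_hash()/password_verify()
    // are the standard replacement, but they require fetching the stored hash and verifying
    // it in PHP instead of comparing inside the WHERE clause.
    $pass = sha1($_SERVER['PHP_AUTH_PW']);
    // NOTE(review): $user comes straight from the request and is interpolated into the WHERE
    // text, so a quote in the user name changes the SQL. Bind it as a parameter if
    // PrepareQueryGET supports that (not visible here).
    // NOTE(review): the password literal below reads '******' in this listing (possibly masked
    // by the page), so $pass is never used as shown; confirm the real comparison uses it.
    $query = ArrestDB::PrepareQueryGET(["TABLE" => "User", "WHERE" => ["email='{$user}'", "password='******'"]]);
    $result = ArrestDB::Query($query);

    // Fail closed: a failed query (false/null) must be rejected exactly like "no matching row".
    // Without the empty() guard, count(false) is 1 on PHP 7, which lets the request through.
    if (empty($result) || count($result) == 0) {
        $deny();
    }

    // Expose the matched row to the rest of the request through the global.
    $user = $result[0];
    return true;
});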
/*
	ALLOW (OPTIONAL)
	
	It is similar to auth, but it is consulted in the other cases, where the check is whether a method may be executed on a table or function. Return true if the call is allowed. By default everything is allowed.
	
Exemplo n.º 2
Arquivo: index.php Projeto: r67/cose
        }
    }
    return ArrestDB::Reply($result);
});
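// Update one row: PUT /<table>/<id>, with the column => value pairs taken from $GLOBALS['_PUT'].
ArrestDB::Serve('PUT', '/(#any)/(#num)', function ($table, $id) {
    // Table and column names end up inside the SQL text (identifiers cannot be bound as
    // parameters), so only plain names are accepted. A double quote in either one would
    // otherwise close the quoted identifier and rewrite the statement.
    $isIdentifier = function ($name) {
        return is_string($name) && preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/D', $name) === 1;
    };

    if (empty($GLOBALS['_PUT']) === true) {
        $result = ArrestDB::$HTTP[204];
    } elseif (is_array($GLOBALS['_PUT']) !== true || $isIdentifier($table) !== true) {
        // A non-array payload previously left $result undefined; answer 400 instead.
        $result = ArrestDB::$HTTP[400];
    } else {
        $data = [];
        foreach ($GLOBALS['_PUT'] as $key => $value) {
            if ($isIdentifier($key) !== true) {
                $data = null;
                break;
            }
            $data[$key] = sprintf('"%s" = ?', $key);
        }

        if ($data === null) {
            $result = ArrestDB::$HTTP[400];
        } else {
            // Values and the row id stay out of the SQL text and are passed as bound parameters.
            $query = sprintf('UPDATE "%s" SET %s WHERE "%s" = ?;', $table, implode(', ', $data), 'id');
            $result = ArrestDB::Query($query, $GLOBALS['_PUT'], $id);
            if ($result === false) {
                $result = ArrestDB::$HTTP[409];
            } else {
                $result = ArrestDB::$HTTP[200];
            }
        }
    }
    return ArrestDB::Reply($result);
});
// Presumably reached only when no Serve() route handled the request (confirm): reply 400 and stop.
exit(ArrestDB::Reply(ArrestDB::$HTTP[400]));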
class ArrestDB
{
    public static $HTTP = [200 => ['success' => ['code' => 200, 'status' => 'OK']], 201 => ['success' => ['code' => 201, 'status' => 'Created']], 204 => ['error' => ['code' => 204, 'status' => 'No Content']], 400 => ['error' => ['code' => 400, 'status' => 'Bad Request']], 403 => ['error' => ['code' => 403, 'status' => 'Forbidden']], 404 => ['error' => ['code' => 404, 'status' => 'Not Found']], 409 => ['error' => ['code' => 409, 'status' => 'Conflict']], 503 => ['error' => ['code' => 503, 'status' => 'Service Unavailable']]];
    public static function Query($query = null)
    {
Exemplo n.º 3
 /**
  * Run a GET-style query description and decorate the rows it returns.
  *
  * @param array       $query   Query description; its "TABLE" entry is read here and the whole
  *                             array is handed to ArrestDB::PrepareQueryGET().
  * @param string|null $extends Comma-separated list passed to ArrestDB::Extend(); null skips that step.
  * @param mixed       $id      Forwarded unchanged to the optional ArrestDB_postProcess() hook.
  * @return mixed null when the query fails or yields nothing; the value of ArrestDB::Reply()
  *               when Extend() throws; otherwise ArrestDB::ObfuscateId() of the decorated rows.
  */
 public static function getQuery($query, $extends = null, $id = "")
 {
     $tableName = $query["TABLE"];
     $rows = ArrestDB::Query(ArrestDB::PrepareQueryGET($query, false));

     // A failed query and an empty result are reported the same way.
     if ($rows === false || count($rows) == 0) {
         return null;
     }

     // Tag the data with its source table: each row of a list, or the single record itself.
     if (isset($rows[0])) {
         foreach ($rows as $index => $unused) {
             $rows[$index]["__table"] = $tableName;
         }
     } else {
         $rows["__table"] = $tableName;
     }

     if (isset($extends) === true) {
         $relations = explode(",", $extends);
         try {
             $rows = ArrestDB::Extend($rows, $relations);
         } catch (Exception $e) {
             // The exception code selects the entry of the $HTTP table to reply with.
             // NOTE(review): the exception message is copied into the reply; confirm that
             // Extend() messages carry no SQL or schema detail.
             $failure = ArrestDB::$HTTP[$e->getCode()];
             $failure["error"]["detail"] = $e->getMessage();
             return ArrestDB::Reply($failure);
         }
     }

     // Optional application hook, applied only when the function has been defined.
     if (function_exists("ArrestDB_postProcess")) {
         $rows = ArrestDB_postProcess('GET', $tableName, $id, $rows);
     }

     return ArrestDB::ObfuscateId($rows);
 }
Exemplo n.º 4
    } else {
        if (is_array($GLOBALS['_PUT']) === true) {
            $query = [];
            $query["TABLE"] = $table;
            $query["VALUES"] = [];
            foreach ($GLOBALS["_PUT"] as $key => $value) {
                $query["VALUES"][$key] = $value;
            }
            if (function_exists("ArrestDB_modify_query")) {
                $query = ArrestDB_modify_query("PUT", $table, $id, $query);
            }
            $data = [];
            foreach ($query['VALUES'] as $key => $value) {
                $data[$key] = sprintf('"%s" = ?', $key);
            }
            $query2 = array(sprintf('UPDATE "%s" SET %s WHERE "%s" = ?', $query["TABLE"], implode(', ', $data), ArrestDB::TableKeyName($query["TABLE"])));
            $query2 = sprintf('%s;', implode(' ', $query2));
            $result = ArrestDB::Query($query2, $query['VALUES'], $id);
            if ($result === false) {
                $result = ArrestDB::$HTTP[409];
            } else {
                $result = ArrestDB::$HTTP[200];
                if (function_exists(ArrestDB_postProcess)) {
                    ArrestDB_postProcess("PUT", $table, $id);
                }
            }
        }
    }
    return ArrestDB::Reply($result);
});
// Reply with the 400 entry of ArrestDB::$HTTP and stop the script.
// Presumably reached only when no Serve() route above handled the request (confirm).
exit(ArrestDB::Reply(ArrestDB::$HTTP[400]));
Exemplo n.º 5
        }
        if ($rowCount != $result['result']->rowCount()) {
            syslog(LOG_ERR, sprintf('Archived unloaded %d rows but delete removed %d rows - rolling back.', $rowCount, $result['result']->rowCount()));
            $result = ArrestDB::Query('ROLLBACK');
            if ($result === false) {
                http_response_code(400);
                exit('Unable to ROLLBACK transaction!! Oh noes...');
            }
        }
        $result = ArrestDB::Query('COMMIT');
        if ($result === false) {
            http_response_code(400);
            exit('Unable to COMMIT transaction');
        }
    } catch (Exception $e) {
        $result = ArrestDB::Query('ROLLBACK');
        if ($result === false) {
            http_response_code(400);
            exit('Unable to ROLLBACK transaction!! Oh noes...');
        }
    }
    http_response_code(201);
    header(sprintf('Location: %s/%s', $ARCHIVE_URI_PREFIX, basename($archive)));
    return ArrestDB::Reply(['count' => $rowCount]);
});
// DELETE on a whole collection is a stub: it always answers 400 and stops.
ArrestDB::Serve('DELETE', '/(#any)', function () {
    http_response_code(400);
    echo 'Not yet implemented';
    exit;
});

// Presumably reached only when no Serve() route above handled the request (confirm).
http_response_code(400);
echo 'Request failed to match';
exit;
Exemplo n.º 6
                $queries[] = array(sprintf('%s;', implode(' ', $query)), $data);
            }
            if (count($queries) > 1) {
                ArrestDB::Query()->beginTransaction();
                while (is_null($query = array_shift($queries)) !== true) {
                    if (($result = ArrestDB::Query($query[0], $query[1])) === false) {
                        ArrestDB::Query()->rollBack();
                        break;
                    }
                }
                if ($result !== false && ArrestDB::Query()->inTransaction() === true) {
                    $result = ArrestDB::Query()->commit();
                }
            } else {
                if (is_null($query = array_shift($queries)) !== true) {
                    $result = ArrestDB::Query($query[0], $query[1]);
                }
            }
            if ($result === false) {
                $result = ArrestDB::$HTTP[409];
            } else {
                $result = ArrestDB::$HTTP[201];
            }
        }
    }
    return ArrestDB::Reply($result);
});
/*  we don't need to have update enabled, commenting out this block
ArrestDB::Serve('PUT', '/(#any)/(#num)', function ($table, $id)
{
	if (empty($GLOBALS['_PUT']) === true)