//This is an example where authorization is requiered for all tables except for CategoryVisible that is always authorized
ArrestDBConfig::auth(["table" => "Category"], function ($method, $table, $id) {
return true;
});
ArrestDBConfig::auth([], function ($method, $table, $id) {
global $user;
if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
header('WWW-Authenticate: Basic realm="My Realm"');
header('HTTP/1.0 401 Unauthorized');
echo 'Invalid Auth';
exit;
} else {
$user = $_SERVER['PHP_AUTH_USER'];
$pass = sha1($_SERVER['PHP_AUTH_PW']);
$query = ArrestDB::PrepareQueryGET(["TABLE" => "User", "WHERE" => ["email='{$user}'", "password='******'"]]);
$result = ArrestDB::Query($query);
if (count($result) == 0) {
header('WWW-Authenticate: Basic realm="My Realm"');
header('HTTP/1.0 401 Unauthorized');
echo 'Invalid Auth';
exit;
}
$user = $result[0];
return true;
}
});
/*
ALLOW (OPTIONAL)
It's similar to auth but it's used in other cases when is checked out if it's allowed to execute a method over a table or function. Return true if is allowed. By default all is allowed
}
}
return ArrestDB::Reply($result);
});
ArrestDB::Serve('PUT', '/(#any)/(#num)', function ($table, $id) {
if (empty($GLOBALS['_PUT']) === true) {
$result = ArrestDB::$HTTP[204];
} else {
if (is_array($GLOBALS['_PUT']) === true) {
$data = [];
foreach ($GLOBALS['_PUT'] as $key => $value) {
$data[$key] = sprintf('"%s" = ?', $key);
}
$query = array(sprintf('UPDATE "%s" SET %s WHERE "%s" = ?', $table, implode(', ', $data), 'id'));
$query = sprintf('%s;', implode(' ', $query));
$result = ArrestDB::Query($query, $GLOBALS['_PUT'], $id);
if ($result === false) {
$result = ArrestDB::$HTTP[409];
} else {
$result = ArrestDB::$HTTP[200];
}
}
}
return ArrestDB::Reply($result);
});
exit(ArrestDB::Reply(ArrestDB::$HTTP[400]));
class ArrestDB
{
public static $HTTP = [200 => ['success' => ['code' => 200, 'status' => 'OK']], 201 => ['success' => ['code' => 201, 'status' => 'Created']], 204 => ['error' => ['code' => 204, 'status' => 'No Content']], 400 => ['error' => ['code' => 400, 'status' => 'Bad Request']], 403 => ['error' => ['code' => 403, 'status' => 'Forbidden']], 404 => ['error' => ['code' => 404, 'status' => 'Not Found']], 409 => ['error' => ['code' => 409, 'status' => 'Conflict']], 503 => ['error' => ['code' => 503, 'status' => 'Service Unavailable']]];
public static function Query($query = null)
{
public static function getQuery($query, $extends = null, $id = "")
{
$table = $query["TABLE"];
$query = ArrestDB::PrepareQueryGET($query, false);
$result = ArrestDB::Query($query);
if ($result === false || count($result) == 0) {
return null;
} else {
if (isset($result[0])) {
foreach ($result as $k => $object) {
$result[$k]["__table"] = $table;
}
} else {
$result["__table"] = $table;
}
}
if (isset($extends) === true) {
$extends = explode(",", $extends);
try {
$result = ArrestDB::Extend($result, $extends);
} catch (Exception $e) {
$result = ArrestDB::$HTTP[$e->getCode()];
$result["error"]["detail"] = $e->getMessage();
return ArrestDB::Reply($result);
}
}
if (function_exists("ArrestDB_postProcess")) {
$result = ArrestDB_postProcess('GET', $table, $id, $result);
}
return ArrestDB::ObfuscateId($result);
}
} else {
if (is_array($GLOBALS['_PUT']) === true) {
$query = [];
$query["TABLE"] = $table;
$query["VALUES"] = [];
foreach ($GLOBALS["_PUT"] as $key => $value) {
$query["VALUES"][$key] = $value;
}
if (function_exists("ArrestDB_modify_query")) {
$query = ArrestDB_modify_query("PUT", $table, $id, $query);
}
$data = [];
foreach ($query['VALUES'] as $key => $value) {
$data[$key] = sprintf('"%s" = ?', $key);
}
$query2 = array(sprintf('UPDATE "%s" SET %s WHERE "%s" = ?', $query["TABLE"], implode(', ', $data), ArrestDB::TableKeyName($query["TABLE"])));
$query2 = sprintf('%s;', implode(' ', $query2));
$result = ArrestDB::Query($query2, $query['VALUES'], $id);
if ($result === false) {
$result = ArrestDB::$HTTP[409];
} else {
$result = ArrestDB::$HTTP[200];
if (function_exists(ArrestDB_postProcess)) {
ArrestDB_postProcess("PUT", $table, $id);
}
}
}
}
return ArrestDB::Reply($result);
});
exit(ArrestDB::Reply(ArrestDB::$HTTP[400]));
}
if ($rowCount != $result['result']->rowCount()) {
syslog(LOG_ERR, sprintf('Archived unloaded %d rows but delete removed %d rows - rolling back.', $rowCount, $result['result']->rowCount()));
$result = ArrestDB::Query('ROLLBACK');
if ($result === false) {
http_response_code(400);
exit('Unable to ROLLBACK transaction!! Oh noes...');
}
}
$result = ArrestDB::Query('COMMIT');
if ($result === false) {
http_response_code(400);
exit('Unable to COMMIT transaction');
}
} catch (Exception $e) {
$result = ArrestDB::Query('ROLLBACK');
if ($result === false) {
http_response_code(400);
exit('Unable to ROLLBACK transaction!! Oh noes...');
}
}
http_response_code(201);
header(sprintf('Location: %s/%s', $ARCHIVE_URI_PREFIX, basename($archive)));
return ArrestDB::Reply(['count' => $rowCount]);
});
ArrestDB::Serve('DELETE', '/(#any)', function () {
http_response_code(400);
exit('Not yet implemented');
});
http_response_code(400);
exit('Request failed to match');
$queries[] = array(sprintf('%s;', implode(' ', $query)), $data);
}
if (count($queries) > 1) {
ArrestDB::Query()->beginTransaction();
while (is_null($query = array_shift($queries)) !== true) {
if (($result = ArrestDB::Query($query[0], $query[1])) === false) {
ArrestDB::Query()->rollBack();
break;
}
}
if ($result !== false && ArrestDB::Query()->inTransaction() === true) {
$result = ArrestDB::Query()->commit();
}
} else {
if (is_null($query = array_shift($queries)) !== true) {
$result = ArrestDB::Query($query[0], $query[1]);
}
}
if ($result === false) {
$result = ArrestDB::$HTTP[409];
} else {
$result = ArrestDB::$HTTP[201];
}
}
}
return ArrestDB::Reply($result);
});
/* we don't need to have update enabled, commenting out this block
ArrestDB::Serve('PUT', '/(#any)/(#num)', function ($table, $id)
{
if (empty($GLOBALS['_PUT']) === true)
