Home Explore Help
Sign In
epsylon
/
Elgg-Lorea-Hydra
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0
Branch: master
Branches Tags
Elgg-Lorea-H...
/
mod
/
web_services
/
lib
/
api_user.php

api_user.php 1.8 KB
Permalink History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * A library for managing users of the web services API
    4. 

  4.  */
    5. 

  5. 

  6. // API key functions /////////////////////////////////////////////////////////////////////
    7. 

  7. 

  8. /**
    9. 

  9.  * Generate a new API user for a site, returning a new keypair on success.
    10. 

  10.  *
    11. 

  11.  * @param int $site_guid The GUID of the site. (default is current site)
    12. 

  12.  *
    13. 

  13.  * @return stdClass object or false
    14. 

  14.  */
    15. 

  15. function create_api_user($site_guid) {
    16. 

  16. 	global $CONFIG;
    17. 

  17. 

  18. 	if (!isset($site_guid)) {
    19. 

  19. 		$site_guid = $CONFIG->site_id;
    20. 

  20. 	}
    21. 

  21. 

  22. 	$site_guid = (int)$site_guid;
    23. 

  23. 

  24. 	$public = sha1(rand() . $site_guid . microtime());
    25. 

  25. 	$secret = sha1(rand() . $site_guid . microtime() . $public);
    26. 

  26. 

  27. 	$insert = insert_data("INSERT into {$CONFIG->dbprefix}api_users
    28. 

  28. 		(site_guid, api_key, secret) values
    29. 

  29. 		($site_guid, '$public', '$secret')");
    30. 

  30. 

  31. 	if ($insert) {
    32. 

  32. 		return get_api_user($site_guid, $public);
    33. 

  33. 	}
    34. 

  34. 

  35. 	return false;
    36. 

  36. }
    37. 

  37. 

  38. /**
    39. 

  39.  * Find an API User's details based on the provided public api key.
    40. 

  40.  * These users are not users in the traditional sense.
    41. 

  41.  *
    42. 

  42.  * @param int    $site_guid The GUID of the site.
    43. 

  43.  * @param string $api_key   The API Key
    44. 

  44.  *
    45. 

  45.  * @return mixed stdClass representing the database row or false.
    46. 

  46.  */
    47. 

  47. function get_api_user($site_guid, $api_key) {
    48. 

  48. 	global $CONFIG;
    49. 

  49. 

  50. 	$api_key = sanitise_string($api_key);
    51. 

  51. 	$site_guid = (int)$site_guid;
    52. 

  52. 

  53. 	$query = "SELECT * from {$CONFIG->dbprefix}api_users"
    54. 

  54. 	. " where api_key='$api_key' and site_guid=$site_guid and active=1";
    55. 

  55. 

  56. 	return get_data_row($query);
    57. 

  57. }
    58. 

  58. 

  59. /**
    60. 

  60.  * Revoke an api user key.
    61. 

  61.  *
    62. 

  62.  * @param int    $site_guid The GUID of the site.
    63. 

  63.  * @param string $api_key   The API Key (public).
    64. 

  64.  *
    65. 

  65.  * @return bool
    66. 

  66.  */
    67. 

  67. function remove_api_user($site_guid, $api_key) {
    68. 

  68. 	global $CONFIG;
    69. 

  69. 

  70. 	$keypair = get_api_user($site_guid, $api_key);
    71. 

  71. 	if ($keypair) {
    72. 

  72. 		return delete_data("DELETE from {$CONFIG->dbprefix}api_users where id={$keypair->id}");
    73. 

  73. 	}
    74. 

  74. 

  75. 	return false;
    76. 

  76. }
    77. 

  77.