From 3ba4b2c1c1ffa8275337857e10c250b338e15170 Mon Sep 17 00:00:00 2001
From: redmatrix <git@macgirvin.com>
Date: Thu, 11 Aug 2016 17:02:52 -0700
Subject: A bit of api cleanup. Don't get excited. This is like a 0.005%
 cleanup but you have to start somewhere.

---
 Zotlabs/Lib/Api_router.php |  24 +++++++
 Zotlabs/Module/Api.php     |  55 ++++++--------
 include/api.php            | 176 +++++++++++++++++++++++----------------------
 include/text.php           |  35 +++++++++
 4 files changed, 173 insertions(+), 117 deletions(-)
 create mode 100644 Zotlabs/Lib/Api_router.php

diff --git a/Zotlabs/Lib/Api_router.php b/Zotlabs/Lib/Api_router.php
new file mode 100644
index 000000000..404678bd9
--- /dev/null
+++ b/Zotlabs/Lib/Api_router.php
@@ -0,0 +1,24 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+
+class Api_router {
+
+	static private $routes = array();
+
+	static function register($path,$fn,$auth_required) {
+		self::$routes[$path] = [ 'func' => $fn, 'auth' => $auth_required ];
+	}
+
+	static function find($path) {
+		if(array_key_exists($path,self::$routes))
+			return self::$routes[$path];
+		return null;
+	}
+
+	static function dbg() {
+		return self::$routes;
+	}
+
+}
\ No newline at end of file
diff --git a/Zotlabs/Module/Api.php b/Zotlabs/Module/Api.php
index e4744c29f..7f8aed48d 100644
--- a/Zotlabs/Module/Api.php
+++ b/Zotlabs/Module/Api.php
@@ -8,20 +8,15 @@ require_once('include/api.php');
 class Api extends \Zotlabs\Web\Controller {
 
 	function post() {
-	
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
 	
-		if(count(\App::$user) && x(\App::$user,'uid') && \App::$user['uid'] != local_channel()) {
-			notice( t('Permission denied.') . EOL);
-			return;
-		}
-	
 	}
 	
-		function get() {
+	function get() {
+
 		if(\App::$cmd=='api/oauth/authorize'){
 	
 			/* 
@@ -33,7 +28,8 @@ class Api extends \Zotlabs\Web\Controller {
 			// get consumer/client from request token
 			try {
 				$request = OAuth1Request::from_request();
-			} catch(Exception $e) {
+			}
+			catch(Exception $e) {
 				echo "<pre>"; var_dump($e); killme();
 			}
 			
@@ -41,17 +37,20 @@ class Api extends \Zotlabs\Web\Controller {
 			if(x($_POST,'oauth_yes')){
 			
 				$app = $this->oauth_get_client($request);
-				if (is_null($app)) return "Invalid request. Unknown token.";
+				if (is_null($app)) 
+					return "Invalid request. Unknown token.";
+
 				$consumer = new OAuth1Consumer($app['client_id'], $app['pw'], $app['redirect_uri']);
 	
 				$verifier = md5($app['secret'].local_channel());
 				set_config("oauth", $verifier, local_channel());
 				
 				
-				if($consumer->callback_url!=null) {
+				if($consumer->callback_url != null) {
 					$params = $request->get_parameters();
-					$glue="?";
-					if (strstr($consumer->callback_url,$glue)) $glue="?";
+					$glue = '?';
+					if(strstr($consumer->callback_url,$glue))
+						$glue = '?';
 					goaway($consumer->callback_url . $glue . "oauth_token=" . OAuth1Util::urlencode_rfc3986($params['oauth_token']) . "&oauth_verifier=" . OAuth1Util::urlencode_rfc3986($verifier));
 					killme();
 				}
@@ -59,7 +58,7 @@ class Api extends \Zotlabs\Web\Controller {
 				$tpl = get_markup_template("oauth_authorize_done.tpl");
 				$o = replace_macros($tpl, array(
 					'$title' => t('Authorize application connection'),
-					'$info' => t('Return to your app and insert this Securty Code:'),
+					'$info' => t('Return to your app and insert this Security Code:'),
 					'$code' => $verifier,
 				));
 			
@@ -72,14 +71,11 @@ class Api extends \Zotlabs\Web\Controller {
 				notice( t('Please login to continue.') . EOL );
 				return login(false,'api-login',$request->get_parameters());
 			}
-			//FKOAuth1::loginUser(4);
 			
 			$app = $this->oauth_get_client($request);
-			if (is_null($app)) return "Invalid request. Unknown token.";
-			
-			
-	
-			
+			if (is_null($app))
+				return "Invalid request. Unknown token.";
+						
 			$tpl = get_markup_template('oauth_authorize.tpl');
 			$o = replace_macros($tpl, array(
 				'$title' => t('Authorize application connection'),
@@ -100,23 +96,18 @@ class Api extends \Zotlabs\Web\Controller {
 
 	function oauth_get_client($request){
 
-	
 		$params = $request->get_parameters();
-		$token = $params['oauth_token'];
+		$token  = $params['oauth_token'];
 	
-		$r = q("SELECT `clients`.* 
-			FROM `clients`, `tokens` 
-			WHERE `clients`.`client_id`=`tokens`.`client_id` 
-			AND `tokens`.`id`='%s' AND `tokens`.`auth_scope`='request'",
-			dbesc($token));
+		$r = q("SELECT clients.* FROM clients, tokens WHERE clients.client_id = tokens.client_id 
+			AND tokens.id = '%s' AND tokens.auth_scope = 'request' ",
+			dbesc($token)
+		);
+		if($r)
+			return $r[0];
 
-		if (!count($r))
-			return null;
+		return null;
 	
-		return $r[0];
 	}
 	
-	
-	
-	
 }
diff --git a/include/api.php b/include/api.php
index 2587a72bb..9725c6dc0 100644
--- a/include/api.php
+++ b/include/api.php
@@ -62,9 +62,10 @@ require_once('include/api_auth.php');
 
 
 	function api_register_func($path, $func, $auth=false){
-		global $API;
-		$API[$path] = array('func'=>$func,
-							'auth'=>$auth);
+		\Zotlabs\Lib\Api_router::register($path,$func,$auth);
+//		global $API;
+//		$API[$path] = array('func'=>$func,
+//							'auth'=>$auth);
 	}
 
 	
@@ -73,99 +74,104 @@ require_once('include/api_auth.php');
 	 **************************/
 
 	function api_call($a){
-		GLOBAL $API, $called_api;
+		GLOBAL $called_api;
 
-		// preset
-		$type="json";
 
-		foreach ($API as $p=>$info){
-			if (strpos(App::$query_string, $p)===0){
-				$called_api= explode("/",$p);
-				//unset($_SERVER['PHP_AUTH_USER']);
-				if ($info['auth'] === true && api_user() === false) {
-						api_login($a);
-				}
+		$type = 'json';
+		$p = App::$cmd;
+
+		if(strrpos($p,'.')) {
+			$type = substr($p,strrpos($p,'.')+1);
+			$p = substr($p,0,strrpos($p,'.'));
+		}
 
-				load_contact_links(api_user());
-
-				$channel = App::get_channel();
-
-				logger('API call for ' . $channel['channel_name'] . ': ' . App::$query_string);
-				logger('API parameters: ' . print_r($_REQUEST,true));
-
-				$type="json";
-
-				if (strpos(App::$query_string, ".xml")>0) $type="xml";
-				if (strpos(App::$query_string, ".json")>0) $type="json";
-				if (strpos(App::$query_string, ".rss")>0) $type="rss";
-				if (strpos(App::$query_string, ".atom")>0) $type="atom";
-				if (strpos(App::$query_string, ".as")>0) $type="as";
-
-				$r = call_user_func($info['func'], $a, $type);
-				if ($r===false) return;
-
-				switch($type){
-					case "xml":
-						$r = mb_convert_encoding($r, "UTF-8",mb_detect_encoding($r));
-						header ("Content-Type: text/xml");
-						return '<?xml version="1.0" encoding="UTF-8"?>'."\n".$r;
-						break;
-					case "json":
-						header ("Content-Type: application/json");
-						foreach($r as $rr) {
-							if(! $rr)
-								$rr = array();
-							$json = json_encode($rr);
-						}
-						if ($_GET['callback'])
-							$json = $_GET['callback']."(".$json.")";
-						return $json; 
-						break;
-					case "rss":
-						header ("Content-Type: application/rss+xml");
-						return '<?xml version="1.0" encoding="UTF-8"?>'."\n".$r;
-						break;
-					case "atom":
-						header ("Content-Type: application/atom+xml");
-						return '<?xml version="1.0" encoding="UTF-8"?>'."\n".$r;
-						break;
-					case "as":
-						//header ("Content-Type: application/json");
-						//foreach($r as $rr)
-						//    return json_encode($rr);
-						return json_encode($r);
-						break;
+		$info = \Zotlabs\Lib\Api_router::find($p);
 
-				}
-				//echo "<pre>"; var_dump($r); die();
+		logger('info: ' . $p . ' type: ' . $type . ' ' . print_r($info,true));
+
+		if($info) {
+			$called_api= explode("/",$p);
+
+			if ($info['auth'] === true && api_user() === false) {
+					api_login($a);
 			}
-		}
-		header("HTTP/1.1 404 Not Found");
-		logger('API call not implemented: '.App::$query_string." - ".print_r($_REQUEST,true));
-		$r = '<status><error>not implemented</error></status>';
-		switch($type){
-			case "xml":
-				header ("Content-Type: text/xml");
-				return '<?xml version="1.0" encoding="UTF-8"?>'."\n".$r;
-				break;
-			case "json":
-				header ("Content-Type: application/json");
-			    return json_encode(array('error' => 'not implemented'));
-				break;
-			case "rss":
-				header ("Content-Type: application/rss+xml");
-				return '<?xml version="1.0" encoding="UTF-8"?>'."\n".$r;
-				break;
-			case "atom":
-				header ("Content-Type: application/atom+xml");
-				return '<?xml version="1.0" encoding="UTF-8"?>'."\n".$r;
-				break;
+
+			load_contact_links(api_user());
+
+			$channel = App::get_channel();
+
+			logger('API call for ' . $channel['channel_name'] . ': ' . App::$query_string);
+			logger('API parameters: ' . print_r($_REQUEST,true));
+
+			$r = call_user_func($info['func'], $a, $type);
+
+			if($r === false) 
+				return;
+
+			switch($type){
+				case "xml":
+					$r = mb_convert_encoding($r, "UTF-8",mb_detect_encoding($r));
+					header ("Content-Type: text/xml");
+					return '<?xml version="1.0" encoding="UTF-8"?>'."\n".$r;
+					break;
+				case "json":
+					header ("Content-Type: application/json");
+					foreach($r as $rr) {
+						if(! $rr)
+							$rr = array();
+						$json = json_encode($rr);
+					}
+					if ($_GET['callback'])
+						$json = $_GET['callback']."(".$json.")";
+					return $json; 
+					break;
+				case "rss":
+					header ("Content-Type: application/rss+xml");
+					return '<?xml version="1.0" encoding="UTF-8"?>'."\n".$r;
+					break;
+				case "atom":
+					header ("Content-Type: application/atom+xml");
+					return '<?xml version="1.0" encoding="UTF-8"?>'."\n".$r;
+					break;
+				case "as":
+					//header ("Content-Type: application/json");
+					//foreach($r as $rr)
+					//    return json_encode($rr);
+					return json_encode($r);
+					break;
+
+			}
+
 		}
 	}
 
+	header("HTTP/1.1 404 Not Found");
+	logger('API call not implemented: ' . App::$query_string . ' - ' . print_r($_REQUEST,true));
+	$r = '<status><error>not implemented</error></status>';
+	switch($type){
+		case "xml":
+			header ("Content-Type: text/xml");
+			return '<?xml version="1.0" encoding="UTF-8"?>'."\n".$r;
+			break;
+		case "json":
+			header ("Content-Type: application/json");
+		    return json_encode(array('error' => 'not implemented'));
+			break;
+		case "rss":
+			header ("Content-Type: application/rss+xml");
+			return '<?xml version="1.0" encoding="UTF-8"?>'."\n".$r;
+			break;
+		case "atom":
+			header ("Content-Type: application/atom+xml");
+			return '<?xml version="1.0" encoding="UTF-8"?>'."\n".$r;
+			break;
+	}
+
+
 	/**
 	 * RSS extra info
 	 */
+
 	function api_rss_extra($a, $arr, $user_info){
 		if (is_null($user_info)) $user_info = api_get_user($a);
 		$arr['$user'] = $user_info;
diff --git a/include/text.php b/include/text.php
index ac210b336..a2a6d918b 100644
--- a/include/text.php
+++ b/include/text.php
@@ -2975,3 +2975,38 @@ function text_highlight($s,$lang) {
     return('<code>' . $o . '</code>');
 }
 
+// function to convert multi-dimensional array to xml
+// create new instance of simplexml
+
+// $xml = new SimpleXMLElement('<root/>');
+
+// function callback
+// array2XML($xml, $my_array);
+
+// save as xml file
+// echo (($xml->asXML('data.xml')) ? 'Your XML file has been generated successfully!' : 'Error generating XML file!');
+
+function arrtoxml($root_elem,$arr) {
+	$xml = new SimpleXMLElement('<' . $root_elem . '/>');
+	array2XML($xml,$arr);
+	return $xml->asXML();
+}
+
+function array2XML($obj, $array)
+{
+    foreach ($array as $key => $value)
+    {
+        if(is_numeric($key))
+            $key = 'item' . $key;
+
+        if (is_array($value))
+        {
+            $node = $obj->addChild($key);
+            array2XML($node, $value);
+        }
+        else
+        {
+            $obj->addChild($key, htmlspecialchars($value));
+        }
+    }
+}
-- 
cgit v1.2.3