Diffstat (limited to 'apis/webservice')
-rw-r--r-- | apis/webservice/getinfo.php | 25 | ||||
-rw-r--r-- | apis/webservice/login.php | 23 | ||||
-rw-r--r-- | apis/webservice/newupload.php | 67 | ||||
-rw-r--r-- | apis/webservice/upload.php | 62 |
4 files changed, 177 insertions, 0 deletions
diff --git a/apis/webservice/getinfo.php b/apis/webservice/getinfo.php
new file mode 100644
index 00000000..3404008e
--- /dev/null
+++ b/apis/webservice/getinfo.php
@@ -0,0 +1,25 @@
+<?php
+if(isset($_SESSION['userid'])){
+ $sql = "select user.login, user.fullname, user.email, cities.name from"
+ ." `user` left join cities on user.city=cities.cityid"
+ ." where user.userid= :userid";
+
+ $user=Database::queryFirst($sql, array("userid"=> $_SESSION['userid']));
+ $ret = array(
+ "login"=>$user['login'],
+ "name"=>$user['fullname'],
+ "email"=>$user['email'],
+ "city"=>$user['name'],
+ "errormsg" => "",
+ "status" => "ok",
+ "msg" => "Get informations of user successful"
+ );
+ echo json_encode($ret);
+
+}else{
+ echo json_encode(array(
+ "errormsg"=> "Not logged in",
+ "status" => "error",
+ "msg" => ""));
+}
+
diff --git a/apis/webservice/login.php b/apis/webservice/login.php
new file mode 100644
index 00000000..e21975af
--- /dev/null
+++ b/apis/webservice/login.php
@@ -0,0 +1,23 @@
+<?php
+$login = $_POST['login'];
+$sql = "select * from `user` WHERE login= :login";
+$user=Database::queryFirst($sql, array("login"=> $login));
+if($user){
+ if(Crypto::verify($_POST['passwd'],$user['passwd'])){
+ $_SESSION['userid']=$user['userid'];
+ echo json_encode(array(
+ "errormsg"=> "",
+ "status" => "ok",
+ "msg" => "Login successful"));
+ }else{
+ echo json_encode(array(
+ "errormsg"=> "Wrong passwd",
+ "status" => "error",
+ "msg" => ""));
+ }
+}else{
+ echo json_encode(array(
+ "errormsg"=> "User not found",
+ "status" => "error",
+ "msg" => ""));
+}
diff --git a/apis/webservice/newupload.php b/apis/webservice/newupload.php
new file mode 100644
index 00000000..b0e683c3
--- /dev/null
+++ b/apis/webservice/newupload.php
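Review bot: In getinfo.php the row returned by `Database::queryFirst` is used without checking that a row came back, so a session whose user no longer exists would still answer `"status" => "ok"` with empty fields. login.php already treats a falsy result as "no such user", so the same guard, `if(!$user){ /* reply with "status" => "error" */ }`, belongs here before `$ret` is built. The script reads `$_SESSION` but no `session_start()` is visible in this file; presumably an including front controller starts the session, and a one-line comment at the top saying so would help the next reader.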
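Review bot: In login.php the session id is not rotated when `$_SESSION['userid']` is set, which leaves the login open to session fixation; call `session_regenerate_id(true);` immediately before that assignment. `$_POST['login']` and `$_POST['passwd']` are read without an `isset` check, so a request missing either field raises notices instead of returning the JSON error. The separate "User not found" and "Wrong passwd" replies also tell a caller which logins exist; one generic message for both branches avoids that. No attempt limiting is visible in this file, so confirm it is enforced elsewhere.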
@@ -0,0 +1,67 @@
+<?php
+if(!isset($_SESSION['userid'])){
+ echo json_encode(array(
+ "errormsg"=>"Not logged in",
+ "status" => "error",
+ "msg" => ""));
+ die();
+}
+if(!isset($_POST['nparts'])){
+ echo json_encode(array(
+ "errormsg"=>"Number of parts isn't set",
+ "status" => "error",
+ "msg" => ""));
+ die();
+}
+
+function crypto_rand_secure($min, $max){
+ $range = $max - $min;
+ if ($range < 1) return $min; // not so random...
+ $log = ceil(log($range, 2));
+ $bytes = (int) ($log / 8) + 1; // length in bytes
+ $bits = (int) $log + 1; // length in bits
+ $filter = (int) (1 << $bits) - 1; // set all lower bits to 1
+ do {
+ $rnd = hexdec(bin2hex(openssl_random_pseudo_bytes($bytes)));
+ $rnd = $rnd & $filter; // discard irrelevant bits
+ } while ($rnd >= $range);
+ return $min + $rnd;
+}
+
+function getToken($length){
+ $token = "";
+ $codeAlphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
+ $codeAlphabet.= "abcdefghijklmnopqrstuvwxyz";
+ $codeAlphabet.= "0123456789";
+ $max = strlen($codeAlphabet) - 1;
+ for ($i=0; $i < $length; $i++) {
+ $token .= $codeAlphabet[crypto_rand_secure(0, $max)];
+ }
+ return $token;
+}
+$token=getToken(35);
+while(Database::queryFirst("select * from upload where `token`=:token", array(
+ "token" => $token))){
+ $token = getToken(35);
+}
+$okay=Database::exec("INSERT INTO upload(`userid`, `nparts`, `nremaining`, `token`)".
+ " values (:userid, :nparts, :nremaining, :token)", array(
+ "userid"=>$_SESSION['userid'],
+ "nparts"=>$_POST['nparts'],
+ "nremaining"=>$_POST['nparts'],
+ "token"=> $token
+ ));
+if($okay){
+ echo json_encode(array(
+ "uploadid"=>$token,
+ "errormsg"=>"",
+ "status" => "ok",
+ "msg" => "New upload succesful"));
+ mkdir($target_dir.$token."/",0755, true);
+}else{
+ echo json_encode(array(
+ "errormsg"=>"Error when saving new upload, please retry",
+ "status" => "error",
+ "msg" => ""));
+}
+
diff --git a/apis/webservice/upload.php b/apis/webservice/upload.php
new file mode 100644
index 00000000..50ada40e
--- /dev/null
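Review bot: In newupload.php `$_POST['nparts']` is stored unchanged as both `nparts` and `nremaining`, so a non-numeric, zero, negative or very large value becomes the part counter that upload.php later trusts. Validate it before the INSERT, for example `$nparts = filter_var($_POST['nparts'], FILTER_VALIDATE_INT, array('options' => array('min_range' => 1, 'max_range' => MAX_PARTS)));` where `MAX_PARTS` is a placeholder for a limit the project has to choose, and reject the request on `false`. `crypto_rand_secure(0, $max)` loops `while ($rnd >= $range)` with `$range = $max - $min`, so it never returns `$max` and the last alphabet character is never used; on PHP 7 or later `random_int(0, $max)` replaces the helper. `mkdir` runs after the success reply has been echoed and its result is ignored, and `$target_dir` is not defined in this file, so a failed directory creation is reported to the client as success.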
+++ b/apis/webservice/upload.php
@@ -0,0 +1,62 @@
+<?php
+if(!isset($_POST['uploadid'])){
+ echo json_encode(array(
+ "errormsg"=>"Not logged in",
+ "status" => "error",
+ "msg" => ""));
+ die();
+}elseif (!isset($_FILES['fileToUpload'])){
+ echo json_encode(array(
+ "errormsg"=>"No file received",
+ "status" => "error",
+ "msg" => ""));
+ die();
+}
+
+$upload = Database::queryFirst("Select * from upload where token = :token",
+ array( "token" => $_POST['uploadid']));
+if($upload['userid']!= $_SESSION['userid']){
+ echo json_encode(array(
+ "errormsg"=>"Not same owner",
+ "status" => "error",
+ "msg" => ""));
+ die();
+}
+
+$name = $_FILES["fileToUpload"]["name"];
+$upload['nremaining'] = $upload['nremaining'] - 1;
+if ($upload['nremaining'] < 0){
+ echo json_encode(array(
+ "errormsg"=>"Already received all the parts",
+ "status" => "error",
+ "msg" => ""));
+ die();
+}
+$target_file = $target_dir.$_POST['uploadid']."/".$name;
+if(move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)){
+ $ret = Database::exec("UPDATE upload SET nremaining= :nremaining".
+ " WHERE id=:id", array(
+ "id"=>$upload['id'],
+ "nremaining"=>$upload['nremaining']
+ ));
+ if ($upload['nremaining'] == 0) {
+ echo json_encode(array(
+ "errormsg"=>"",
+ "status" => "ok",
+ "msg" => "Upload successful, sending to taskmanager"));
+ //passa pro taskmanager;
+ die();
+ }else{
+ echo json_encode(array(
+ "errormsg"=>"",
+ "status" => "ok",
+ "msg" => "Upload successful, waiting next part"));
+ die();
+ }
+} else {
+ echo json_encode(array(
+ "errormsg"=>"",
+ "status" => "error",
+ "msg" => "Error on upload, please resend"));
+}
+
|
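Review bot: In upload.php the client-supplied `$_FILES["fileToUpload"]["name"]` becomes the stored file name, so the caller chooses the extension and a later part with the same name overwrites an earlier one; if `$target_dir` is served by the web server (not visible here) this is an unrestricted file upload. Use a server-generated name instead, e.g. `$name = 'part_'.($upload['nparts'] - $upload['nremaining']);` after the decrement, and keep the original name only as metadata. The first guard answers "Not logged in" but tests `$_POST['uploadid']`; nothing checks `isset($_SESSION['userid'])` or that `$upload` is a row, and when both sides are unset the loose `!=` ownership comparison passes. Add `if(!isset($_SESSION['userid']) || !$upload){ /* reply with "status" => "error" */ }` before the ownership comparison, and build the path from `$upload['token']` rather than the raw POST value. The `nremaining` counter is read, decremented in PHP and written back, so concurrent parts can lose a decrement; a single `UPDATE upload SET nremaining = nremaining - 1 WHERE id = :id AND nremaining > 0` would avoid that.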