Small code fixes in API code

This commit is contained in:
2026-06-15 16:04:21 +02:00
parent 7429cd367d
commit 16be5448be
20 changed files with 64 additions and 75 deletions

View File

@@ -34,15 +34,6 @@ class API
# with the name _return and value of the url to return to.
public $return_url;
# Required fields & optional fields set by the API actions. This is an array like:
# Example:
# 'user_uuid' => ['type' => 'string', 'min' => 5, 'max' => 36],
# 'user_enabled' => ['type' => 'int', 'min' => 0, 'max' => 99],
# 'user_active' => ['type' => 'enum', 'values' => ['active', 'inactive', 'banned']],
# 'user_email' => ['type' => 'string', 'format' => 'email'],
private $requiredFields = [];
private $optionalFields = [];
# Used for the query builder base
public $baseQuery = false;
@@ -199,11 +190,9 @@ class API
{
$inputData = $this->postedData;
$this->requiredFields = $requiredFields;
$this->optionalFields = $optionalFields;
$sanitizedData = [];
foreach ($this->requiredFields as $field => $rules) {
foreach ($requiredFields as $field => $rules) {
if (!array_key_exists($field, $inputData)) {
$this->apiOutput(400, ['error' => "Missing required field: $field"]);
@@ -220,7 +209,7 @@ class API
// Check optional fields
foreach ($this->optionalFields as $field => $rules) {
foreach ($optionalFields as $field => $rules) {
if (isset($inputData[$field])) {
$value = $inputData[$field];
@@ -343,14 +332,9 @@ class API
if (!is_string($value)) return false;
return base64_encode(base64_decode($value, true)) === $value;
case 'uuid':
if (!is_string($value)) return false;
return preg_match('/^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i', $value);
case 'json':
if (!is_string($value)) return false;
json_decode($value);
return json_last_error() === JSON_ERROR_NONE;
return json_validate($value);
case 'array':
if (!is_array($value)) return false;
@@ -393,7 +377,7 @@ class API
case 'boolean':
if (is_string($value)) {
$value = strtolower(trim($value));
return in_array($value, ['true', '1'], true) ? true : false;
return in_array($value, ['true', '1'], true);
}
return (bool)$value;
@@ -453,6 +437,8 @@ class API
if ($returnBoolean) {
return true;
}
return false;
}
protected function setReturnUrl()
@@ -517,8 +503,7 @@ class API
return false;
}
json_decode($rawInput, true);
if (json_last_error() !== JSON_ERROR_NONE) {
if (!json_validate($rawInput)) {
return false;
}
@@ -590,17 +575,17 @@ class API
return true;
}
if (strpos($contentType, 'application/json') !== false) {
if (str_contains($contentType, 'application/json')) {
$this->content_type = 'application/json';
return true;
}
if (strpos($contentType, 'application/x-www-form-urlencoded') !== false) {
if (str_contains($contentType, 'application/x-www-form-urlencoded')) {
$this->content_type = 'application/x-www-form-urlencoded';
return true;
}
if (strpos($contentType, 'multipart/form-data') !== false) {
if (str_contains($contentType, 'multipart/form-data')) {
$this->content_type = 'multipart/form-data';
return true;
}
@@ -662,10 +647,9 @@ class API
try {
$stmt = $this->conn->prepare($query);
} catch (mysqli_sql_exception $e) {
} catch (\mysqli_sql_exception $e) {
// If an error occurs during prepare, catch it and return a proper response
$this->apiOutput(500, ['error' => 'Database error: ' . $e->getMessage()]);
return null;
}
return $stmt;
@@ -679,13 +663,12 @@ class API
try {
$stmt->execute();
return true;
} catch (mysqli_sql_exception $e) {
} catch (\mysqli_sql_exception $e) {
if ($e->getCode() === 1451) {
$this->apiOutput(409, ['error' => 'Cannot delete record: dependent data exists.']);
} else {
$this->apiOutput(500, ['error' => 'Database error: ' . $e->getMessage()]);
}
return null;
}
}

View File

@@ -4,6 +4,7 @@ namespace api\classes;
use api\classes\API;
use api\classes\API_users;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php';
@@ -66,6 +67,7 @@ class API_apitoken extends API
}
}
#[NoReturn]
public function createNewToken()
{

View File

@@ -4,6 +4,7 @@ namespace api\classes;
use api\classes\API;
use api\classes\imageProcessor;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php';
@@ -36,13 +37,14 @@ class API_devices extends API
$imageProcessor->imageRestrictions = $imageRestrictions;
$imageProcessor->validateAndProcess();
$ImageData = $imageProcessor->returnBase64image();
} catch (Exception $e) {
} catch (\RuntimeException $e) {
$this->apiOutput(401, ['error' => 'Error: ' . $e->getMessage()]);
}
return $ImageData;
}
#[NoReturn]
public function createDevice()
{
@@ -108,6 +110,7 @@ class API_devices extends API
}
}
#[NoReturn]
public function deleteDevice()
{
# check if the device exists

View File

@@ -3,6 +3,7 @@
namespace api\classes;
use api\classes\API;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php';
@@ -44,11 +45,6 @@ class API_inserve extends API
curl_close($this->ch);
}
public function returnResponse()
{
$this->apiOutput($this->httpCode, json_decode($this->response, true));
}
public function authMe()
{
$this->ch = curl_init($this->inserve_url . 'auth/me');
@@ -60,6 +56,7 @@ class API_inserve extends API
]
]);
$this->execCurl();
return true;
}
public function getLinkedCompanies()
@@ -246,7 +243,7 @@ class API_inserve extends API
];
if (!in_array($type, $allowedColumns, true)) {
throw new Exception('Invalid column name');
throw new \RuntimeException('Invalid column name');
}
$query = "SELECT `$type` FROM servers";
@@ -256,7 +253,7 @@ class API_inserve extends API
$servers = [];
while ($row = $result->fetch_assoc()) {
array_push($servers, $row);
$servers[] = $row;
}
$allTypes = [];
@@ -451,7 +448,7 @@ class API_inserve extends API
$namePart = substr($key, 7, -6);
$namePart = ucfirst($namePart);
} // Handle keys with "."
elseif (strpos($key, '.') !== false) {
elseif (str_contains($key, '.')) {
[$first, $second] = explode('.', $key, 2);
if ($first === $second || strtolower($second) === 'yes') {
$namePart = ucfirst($first);
@@ -459,7 +456,7 @@ class API_inserve extends API
$namePart = ucfirst($first) . ' - ' . $second;
}
} //Handle keys without . but with a space (example directadmin.Standard Discounted)
elseif (strpos($key, ' ') !== false) {
elseif (str_contains($key, ' ')) {
// explode on first .
$parts = explode('.', $key, 2);
if (count($parts) === 2) {
@@ -513,16 +510,14 @@ class API_inserve extends API
&& $item['subscriptionInserveExists'] !== false
) {
$payload = [
"quantity" => (int)$item['countSentri'],
"quantity" => ($row['server_state'] === 'deleted') ? 0 : $item['countSentri'],
"cloud_distribution_company_id" => (int)$item['sentriCompanyId'],
"name" => $item['subscriptionSentriName'],
"status" => $item['SentriStatus'],
"quantity" => ($row['server_state'] === 'deleted') ? 0 : $item['countSentri']
"status" => $item['SentriStatus']
];
$this->updateCloudSubscription($item['subscriptionInserveId'], $payload);
continue;
}
}
}

View File

@@ -3,11 +3,13 @@
namespace api\classes;
use api\classes\API;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php';
class API_mfa extends API
{
#[NoReturn]
public function disableMFA()
{
# Users cannot, by default disable MFA of other users
@@ -23,6 +25,7 @@ class API_mfa extends API
$this->apiOutput(200, ['success' => 'mfa is disabled']);
}
#[NoReturn]
public function enableMFA()
{
# Users cannot, create MFA of other users

View File

@@ -3,11 +3,13 @@
namespace api\classes;
use api\classes\API;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php';
class API_office_stompjes extends API
{
#[NoReturn]
public function addStomp()
{
$query = "INSERT INTO office_stompjes (stomp_uuid, user_uuid, stomp_timestamp) VALUES (UUID(), ?, ?)";
@@ -19,6 +21,7 @@ class API_office_stompjes extends API
$this->apiOutput(200, ['success' => 'Stomp added.']);
}
#[NoReturn]
public function deleteStomp()
{
$query = "DELETE FROM office_stompjes WHERE stomp_uuid = ?";

View File

@@ -3,6 +3,7 @@
namespace api\classes;
use api\classes\API;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php';
@@ -27,6 +28,7 @@ class API_permissions extends API
}
}
#[NoReturn]
public function createPermission()
{
# Check if permission slugify already exists
@@ -53,7 +55,7 @@ class API_permissions extends API
$sql = "SELECT * FROM system_user_groups";
$stmt = $this->conn->query($sql);
while ($user_group = $stmt->fetch_assoc()) {
array_push($user_groups, $user_group);
$user_groups[] = $user_group;
}
# Update all the groups with the newly added permission

View File

@@ -3,6 +3,7 @@
namespace api\classes;
use api\classes\API;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php';
@@ -18,6 +19,7 @@ class API_platforms extends API
}
#[NoReturn]
public function createPlatforms()
{
if (isset($this->data['platform_image'])) {

View File

@@ -3,11 +3,13 @@
namespace api\classes;
use api\classes\API;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php';
class API_system_sources extends API
{
#[NoReturn]
public function inserveUpdate()
{
$query = "INSERT INTO system_sources (

View File

@@ -3,6 +3,7 @@
namespace api\classes;
use api\classes\API;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php';
@@ -17,6 +18,7 @@ class API_usergroups extends API
return $items;
}
#[NoReturn]
public function createUsergroups()
{
# check if the user_group already exists
@@ -70,6 +72,7 @@ class API_usergroups extends API
}
}
#[NoReturn]
public function deleteUsergroup()
{
# check if the user group exists
@@ -113,6 +116,7 @@ class API_usergroups extends API
return $weight;
}
#[NoReturn]
public function updateUserGroup()
{
# check if the user group exists

View File

@@ -5,6 +5,7 @@ namespace api\classes;
use api\classes\API;
use api\classes\API_usergroups;
use bin\php\Classes\mailBuilder;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/mailBuilder.php';
@@ -20,6 +21,7 @@ class API_users extends API
return $items;
}
#[NoReturn]
public function createUser()
{
# check if the user already exists
@@ -102,6 +104,7 @@ The Sentri gnomes';
return $API_usergroups->getUserGroup()[0]['user_group_weight'];
}
#[NoReturn]
public function updateUser()
{
# check if the user exists
@@ -133,6 +136,7 @@ The Sentri gnomes';
$this->apiOutput(200, ['success' => 'User successfully updated.']);
}
#[NoReturn]
public function deleteUser()
{
# delete an user

View File

@@ -18,7 +18,7 @@ class API_usersavatar extends API
$imageProcessor->imageRestrictions = $imageRestrictions;
$imageProcessor->validateAndProcess();
$ImageData = $imageProcessor->returnBase64image();
} catch (Exception $e) {
} catch (\RuntimeException $e) {
$this->apiOutput(401, ['error' => 'Error: ' . $e->getMessage()]);
}

View File

@@ -3,6 +3,7 @@
namespace api\classes;
use api\classes\API;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php';
@@ -17,6 +18,7 @@ class API_vendors extends API
return $items;
}
#[NoReturn]
public function createVendor()
{
if (isset($this->data['vendor_image'])) {

View File

@@ -2,6 +2,9 @@
namespace api\classes;
use http\Exception\RuntimeException;
class imageProcessor
{
public $postedFile = null;
@@ -34,18 +37,18 @@ class imageProcessor
$mimeType = $matches[1];
$base64 = substr($base64, strpos($base64, ',') + 1);
} else {
throw new Exception('Invalid image data.');
throw new \RuntimeException('Invalid image data.');
}
$imageData = base64_decode($base64);
if ($imageData === false) {
throw new Exception('Invalid base64 image data.');
throw new \RuntimeException('Invalid base64 image data.');
}
# Create image directly from string (no file)
$srcImage = imagecreatefromstring($imageData);
if (!$srcImage) {
throw new Exception('Failed to create image from string.');
throw new \RuntimeException('Failed to create image from string.');
}
# Now you can get dimensions directly
@@ -53,7 +56,6 @@ class imageProcessor
$height = imagesy($srcImage);
# Store $srcImage in a class property, continue processing in-memory
$this->imageResource = $srcImage;
$this->imageInfo = [
'mime' => $mimeType,
'width' => $width,
@@ -74,11 +76,11 @@ class imageProcessor
$fileSizeKB = filesize($this->imageTmpPath) / 1024;
if (!in_array($mime, $this->imageRestrictions['allowed_types'])) {
throw new Exception("Invalid image type: $mime");
throw new \RuntimeException("Invalid image type: $mime");
}
if ($fileSizeKB > $this->imageRestrictions['max_size_kb']) {
throw new Exception("Image exceeds max file size.");
throw new \RuntimeException("Image exceeds max file size.");
}
# Resize to fit within min/max bounds
@@ -137,7 +139,7 @@ class imageProcessor
'image/jpeg' => imagecreatefromjpeg($this->imageTmpPath),
'image/png' => imagecreatefrompng($this->imageTmpPath),
'image/webp' => imagecreatefromwebp($this->imageTmpPath),
default => throw new Exception("Unsupported image type.")
default => throw new \RuntimeException("Unsupported image type.")
};
# Determine new size