Small code fixes in API code

This commit is contained in:
2026-06-15 16:04:21 +02:00
parent 7429cd367d
commit 16be5448be
20 changed files with 64 additions and 75 deletions

View File

@@ -34,15 +34,6 @@ class API
# with the name _return and value of the url to return to. # with the name _return and value of the url to return to.
public $return_url; public $return_url;
# Required fields & optional fields set by the API actions. This is an array like:
# Example:
# 'user_uuid' => ['type' => 'string', 'min' => 5, 'max' => 36],
# 'user_enabled' => ['type' => 'int', 'min' => 0, 'max' => 99],
# 'user_active' => ['type' => 'enum', 'values' => ['active', 'inactive', 'banned']],
# 'user_email' => ['type' => 'string', 'format' => 'email'],
private $requiredFields = [];
private $optionalFields = [];
# Used for the query builder base # Used for the query builder base
public $baseQuery = false; public $baseQuery = false;
@@ -199,11 +190,9 @@ class API
{ {
$inputData = $this->postedData; $inputData = $this->postedData;
$this->requiredFields = $requiredFields;
$this->optionalFields = $optionalFields;
$sanitizedData = []; $sanitizedData = [];
foreach ($this->requiredFields as $field => $rules) { foreach ($requiredFields as $field => $rules) {
if (!array_key_exists($field, $inputData)) { if (!array_key_exists($field, $inputData)) {
$this->apiOutput(400, ['error' => "Missing required field: $field"]); $this->apiOutput(400, ['error' => "Missing required field: $field"]);
@@ -220,7 +209,7 @@ class API
// Check optional fields // Check optional fields
foreach ($this->optionalFields as $field => $rules) { foreach ($optionalFields as $field => $rules) {
if (isset($inputData[$field])) { if (isset($inputData[$field])) {
$value = $inputData[$field]; $value = $inputData[$field];
@@ -343,14 +332,9 @@ class API
if (!is_string($value)) return false; if (!is_string($value)) return false;
return base64_encode(base64_decode($value, true)) === $value; return base64_encode(base64_decode($value, true)) === $value;
case 'uuid':
if (!is_string($value)) return false;
return preg_match('/^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i', $value);
case 'json': case 'json':
if (!is_string($value)) return false; if (!is_string($value)) return false;
json_decode($value); return json_validate($value);
return json_last_error() === JSON_ERROR_NONE;
case 'array': case 'array':
if (!is_array($value)) return false; if (!is_array($value)) return false;
@@ -393,7 +377,7 @@ class API
case 'boolean': case 'boolean':
if (is_string($value)) { if (is_string($value)) {
$value = strtolower(trim($value)); $value = strtolower(trim($value));
return in_array($value, ['true', '1'], true) ? true : false; return in_array($value, ['true', '1'], true);
} }
return (bool)$value; return (bool)$value;
@@ -453,6 +437,8 @@ class API
if ($returnBoolean) { if ($returnBoolean) {
return true; return true;
} }
return false;
} }
protected function setReturnUrl() protected function setReturnUrl()
@@ -517,8 +503,7 @@ class API
return false; return false;
} }
json_decode($rawInput, true); if (!json_validate($rawInput)) {
if (json_last_error() !== JSON_ERROR_NONE) {
return false; return false;
} }
@@ -590,17 +575,17 @@ class API
return true; return true;
} }
if (strpos($contentType, 'application/json') !== false) { if (str_contains($contentType, 'application/json')) {
$this->content_type = 'application/json'; $this->content_type = 'application/json';
return true; return true;
} }
if (strpos($contentType, 'application/x-www-form-urlencoded') !== false) { if (str_contains($contentType, 'application/x-www-form-urlencoded')) {
$this->content_type = 'application/x-www-form-urlencoded'; $this->content_type = 'application/x-www-form-urlencoded';
return true; return true;
} }
if (strpos($contentType, 'multipart/form-data') !== false) { if (str_contains($contentType, 'multipart/form-data')) {
$this->content_type = 'multipart/form-data'; $this->content_type = 'multipart/form-data';
return true; return true;
} }
@@ -662,10 +647,9 @@ class API
try { try {
$stmt = $this->conn->prepare($query); $stmt = $this->conn->prepare($query);
} catch (mysqli_sql_exception $e) { } catch (\mysqli_sql_exception $e) {
// If an error occurs during prepare, catch it and return a proper response // If an error occurs during prepare, catch it and return a proper response
$this->apiOutput(500, ['error' => 'Database error: ' . $e->getMessage()]); $this->apiOutput(500, ['error' => 'Database error: ' . $e->getMessage()]);
return null;
} }
return $stmt; return $stmt;
@@ -679,13 +663,12 @@ class API
try { try {
$stmt->execute(); $stmt->execute();
return true; return true;
} catch (mysqli_sql_exception $e) { } catch (\mysqli_sql_exception $e) {
if ($e->getCode() === 1451) { if ($e->getCode() === 1451) {
$this->apiOutput(409, ['error' => 'Cannot delete record: dependent data exists.']); $this->apiOutput(409, ['error' => 'Cannot delete record: dependent data exists.']);
} else { } else {
$this->apiOutput(500, ['error' => 'Database error: ' . $e->getMessage()]); $this->apiOutput(500, ['error' => 'Database error: ' . $e->getMessage()]);
} }
return null;
} }
} }

View File

@@ -4,6 +4,7 @@ namespace api\classes;
use api\classes\API; use api\classes\API;
use api\classes\API_users; use api\classes\API_users;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php'; require_once 'API.php';
@@ -66,6 +67,7 @@ class API_apitoken extends API
} }
} }
#[NoReturn]
public function createNewToken() public function createNewToken()
{ {

View File

@@ -4,6 +4,7 @@ namespace api\classes;
use api\classes\API; use api\classes\API;
use api\classes\imageProcessor; use api\classes\imageProcessor;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php'; require_once 'API.php';
@@ -36,13 +37,14 @@ class API_devices extends API
$imageProcessor->imageRestrictions = $imageRestrictions; $imageProcessor->imageRestrictions = $imageRestrictions;
$imageProcessor->validateAndProcess(); $imageProcessor->validateAndProcess();
$ImageData = $imageProcessor->returnBase64image(); $ImageData = $imageProcessor->returnBase64image();
} catch (Exception $e) { } catch (\RuntimeException $e) {
$this->apiOutput(401, ['error' => 'Error: ' . $e->getMessage()]); $this->apiOutput(401, ['error' => 'Error: ' . $e->getMessage()]);
} }
return $ImageData; return $ImageData;
} }
#[NoReturn]
public function createDevice() public function createDevice()
{ {
@@ -108,6 +110,7 @@ class API_devices extends API
} }
} }
#[NoReturn]
public function deleteDevice() public function deleteDevice()
{ {
# check if the device exists # check if the device exists

View File

@@ -3,6 +3,7 @@
namespace api\classes; namespace api\classes;
use api\classes\API; use api\classes\API;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php'; require_once 'API.php';
@@ -44,11 +45,6 @@ class API_inserve extends API
curl_close($this->ch); curl_close($this->ch);
} }
public function returnResponse()
{
$this->apiOutput($this->httpCode, json_decode($this->response, true));
}
public function authMe() public function authMe()
{ {
$this->ch = curl_init($this->inserve_url . 'auth/me'); $this->ch = curl_init($this->inserve_url . 'auth/me');
@@ -60,6 +56,7 @@ class API_inserve extends API
] ]
]); ]);
$this->execCurl(); $this->execCurl();
return true;
} }
public function getLinkedCompanies() public function getLinkedCompanies()
@@ -246,7 +243,7 @@ class API_inserve extends API
]; ];
if (!in_array($type, $allowedColumns, true)) { if (!in_array($type, $allowedColumns, true)) {
throw new Exception('Invalid column name'); throw new \RuntimeException('Invalid column name');
} }
$query = "SELECT `$type` FROM servers"; $query = "SELECT `$type` FROM servers";
@@ -256,7 +253,7 @@ class API_inserve extends API
$servers = []; $servers = [];
while ($row = $result->fetch_assoc()) { while ($row = $result->fetch_assoc()) {
array_push($servers, $row); $servers[] = $row;
} }
$allTypes = []; $allTypes = [];
@@ -451,7 +448,7 @@ class API_inserve extends API
$namePart = substr($key, 7, -6); $namePart = substr($key, 7, -6);
$namePart = ucfirst($namePart); $namePart = ucfirst($namePart);
} // Handle keys with "." } // Handle keys with "."
elseif (strpos($key, '.') !== false) { elseif (str_contains($key, '.')) {
[$first, $second] = explode('.', $key, 2); [$first, $second] = explode('.', $key, 2);
if ($first === $second || strtolower($second) === 'yes') { if ($first === $second || strtolower($second) === 'yes') {
$namePart = ucfirst($first); $namePart = ucfirst($first);
@@ -459,7 +456,7 @@ class API_inserve extends API
$namePart = ucfirst($first) . ' - ' . $second; $namePart = ucfirst($first) . ' - ' . $second;
} }
} //Handle keys without . but with a space (example directadmin.Standard Discounted) } //Handle keys without . but with a space (example directadmin.Standard Discounted)
elseif (strpos($key, ' ') !== false) { elseif (str_contains($key, ' ')) {
// explode on first . // explode on first .
$parts = explode('.', $key, 2); $parts = explode('.', $key, 2);
if (count($parts) === 2) { if (count($parts) === 2) {
@@ -513,16 +510,14 @@ class API_inserve extends API
&& $item['subscriptionInserveExists'] !== false && $item['subscriptionInserveExists'] !== false
) { ) {
$payload = [ $payload = [
"quantity" => (int)$item['countSentri'], "quantity" => ($row['server_state'] === 'deleted') ? 0 : $item['countSentri'],
"cloud_distribution_company_id" => (int)$item['sentriCompanyId'], "cloud_distribution_company_id" => (int)$item['sentriCompanyId'],
"name" => $item['subscriptionSentriName'], "name" => $item['subscriptionSentriName'],
"status" => $item['SentriStatus'], "status" => $item['SentriStatus']
"quantity" => ($row['server_state'] === 'deleted') ? 0 : $item['countSentri']
]; ];
$this->updateCloudSubscription($item['subscriptionInserveId'], $payload); $this->updateCloudSubscription($item['subscriptionInserveId'], $payload);
continue;
} }
} }
} }

View File

@@ -3,11 +3,13 @@
namespace api\classes; namespace api\classes;
use api\classes\API; use api\classes\API;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php'; require_once 'API.php';
class API_mfa extends API class API_mfa extends API
{ {
#[NoReturn]
public function disableMFA() public function disableMFA()
{ {
# Users cannot, by default disable MFA of other users # Users cannot, by default disable MFA of other users
@@ -23,6 +25,7 @@ class API_mfa extends API
$this->apiOutput(200, ['success' => 'mfa is disabled']); $this->apiOutput(200, ['success' => 'mfa is disabled']);
} }
#[NoReturn]
public function enableMFA() public function enableMFA()
{ {
# Users cannot, create MFA of other users # Users cannot, create MFA of other users

View File

@@ -3,11 +3,13 @@
namespace api\classes; namespace api\classes;
use api\classes\API; use api\classes\API;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php'; require_once 'API.php';
class API_office_stompjes extends API class API_office_stompjes extends API
{ {
#[NoReturn]
public function addStomp() public function addStomp()
{ {
$query = "INSERT INTO office_stompjes (stomp_uuid, user_uuid, stomp_timestamp) VALUES (UUID(), ?, ?)"; $query = "INSERT INTO office_stompjes (stomp_uuid, user_uuid, stomp_timestamp) VALUES (UUID(), ?, ?)";
@@ -19,6 +21,7 @@ class API_office_stompjes extends API
$this->apiOutput(200, ['success' => 'Stomp added.']); $this->apiOutput(200, ['success' => 'Stomp added.']);
} }
#[NoReturn]
public function deleteStomp() public function deleteStomp()
{ {
$query = "DELETE FROM office_stompjes WHERE stomp_uuid = ?"; $query = "DELETE FROM office_stompjes WHERE stomp_uuid = ?";

View File

@@ -3,6 +3,7 @@
namespace api\classes; namespace api\classes;
use api\classes\API; use api\classes\API;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php'; require_once 'API.php';
@@ -27,6 +28,7 @@ class API_permissions extends API
} }
} }
#[NoReturn]
public function createPermission() public function createPermission()
{ {
# Check if permission slugify already exists # Check if permission slugify already exists
@@ -53,7 +55,7 @@ class API_permissions extends API
$sql = "SELECT * FROM system_user_groups"; $sql = "SELECT * FROM system_user_groups";
$stmt = $this->conn->query($sql); $stmt = $this->conn->query($sql);
while ($user_group = $stmt->fetch_assoc()) { while ($user_group = $stmt->fetch_assoc()) {
array_push($user_groups, $user_group); $user_groups[] = $user_group;
} }
# Update all the groups with the newly added permission # Update all the groups with the newly added permission

View File

@@ -3,6 +3,7 @@
namespace api\classes; namespace api\classes;
use api\classes\API; use api\classes\API;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php'; require_once 'API.php';
@@ -18,6 +19,7 @@ class API_platforms extends API
} }
#[NoReturn]
public function createPlatforms() public function createPlatforms()
{ {
if (isset($this->data['platform_image'])) { if (isset($this->data['platform_image'])) {

View File

@@ -3,11 +3,13 @@
namespace api\classes; namespace api\classes;
use api\classes\API; use api\classes\API;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php'; require_once 'API.php';
class API_system_sources extends API class API_system_sources extends API
{ {
#[NoReturn]
public function inserveUpdate() public function inserveUpdate()
{ {
$query = "INSERT INTO system_sources ( $query = "INSERT INTO system_sources (

View File

@@ -3,6 +3,7 @@
namespace api\classes; namespace api\classes;
use api\classes\API; use api\classes\API;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php'; require_once 'API.php';
@@ -17,6 +18,7 @@ class API_usergroups extends API
return $items; return $items;
} }
#[NoReturn]
public function createUsergroups() public function createUsergroups()
{ {
# check if the user_group already exists # check if the user_group already exists
@@ -70,6 +72,7 @@ class API_usergroups extends API
} }
} }
#[NoReturn]
public function deleteUsergroup() public function deleteUsergroup()
{ {
# check if the user group exists # check if the user group exists
@@ -113,6 +116,7 @@ class API_usergroups extends API
return $weight; return $weight;
} }
#[NoReturn]
public function updateUserGroup() public function updateUserGroup()
{ {
# check if the user group exists # check if the user group exists

View File

@@ -5,6 +5,7 @@ namespace api\classes;
use api\classes\API; use api\classes\API;
use api\classes\API_usergroups; use api\classes\API_usergroups;
use bin\php\Classes\mailBuilder; use bin\php\Classes\mailBuilder;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php'; require_once 'API.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/mailBuilder.php'; require_once $_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/mailBuilder.php';
@@ -20,6 +21,7 @@ class API_users extends API
return $items; return $items;
} }
#[NoReturn]
public function createUser() public function createUser()
{ {
# check if the user already exists # check if the user already exists
@@ -102,6 +104,7 @@ The Sentri gnomes';
return $API_usergroups->getUserGroup()[0]['user_group_weight']; return $API_usergroups->getUserGroup()[0]['user_group_weight'];
} }
#[NoReturn]
public function updateUser() public function updateUser()
{ {
# check if the user exists # check if the user exists
@@ -133,6 +136,7 @@ The Sentri gnomes';
$this->apiOutput(200, ['success' => 'User successfully updated.']); $this->apiOutput(200, ['success' => 'User successfully updated.']);
} }
#[NoReturn]
public function deleteUser() public function deleteUser()
{ {
# delete an user # delete an user

View File

@@ -18,7 +18,7 @@ class API_usersavatar extends API
$imageProcessor->imageRestrictions = $imageRestrictions; $imageProcessor->imageRestrictions = $imageRestrictions;
$imageProcessor->validateAndProcess(); $imageProcessor->validateAndProcess();
$ImageData = $imageProcessor->returnBase64image(); $ImageData = $imageProcessor->returnBase64image();
} catch (Exception $e) { } catch (\RuntimeException $e) {
$this->apiOutput(401, ['error' => 'Error: ' . $e->getMessage()]); $this->apiOutput(401, ['error' => 'Error: ' . $e->getMessage()]);
} }

View File

@@ -3,6 +3,7 @@
namespace api\classes; namespace api\classes;
use api\classes\API; use api\classes\API;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php'; require_once 'API.php';
@@ -17,6 +18,7 @@ class API_vendors extends API
return $items; return $items;
} }
#[NoReturn]
public function createVendor() public function createVendor()
{ {
if (isset($this->data['vendor_image'])) { if (isset($this->data['vendor_image'])) {

View File

@@ -2,6 +2,9 @@
namespace api\classes; namespace api\classes;
use http\Exception\RuntimeException;
class imageProcessor class imageProcessor
{ {
public $postedFile = null; public $postedFile = null;
@@ -34,18 +37,18 @@ class imageProcessor
$mimeType = $matches[1]; $mimeType = $matches[1];
$base64 = substr($base64, strpos($base64, ',') + 1); $base64 = substr($base64, strpos($base64, ',') + 1);
} else { } else {
throw new Exception('Invalid image data.'); throw new \RuntimeException('Invalid image data.');
} }
$imageData = base64_decode($base64); $imageData = base64_decode($base64);
if ($imageData === false) { if ($imageData === false) {
throw new Exception('Invalid base64 image data.'); throw new \RuntimeException('Invalid base64 image data.');
} }
# Create image directly from string (no file) # Create image directly from string (no file)
$srcImage = imagecreatefromstring($imageData); $srcImage = imagecreatefromstring($imageData);
if (!$srcImage) { if (!$srcImage) {
throw new Exception('Failed to create image from string.'); throw new \RuntimeException('Failed to create image from string.');
} }
# Now you can get dimensions directly # Now you can get dimensions directly
@@ -53,7 +56,6 @@ class imageProcessor
$height = imagesy($srcImage); $height = imagesy($srcImage);
# Store $srcImage in a class property, continue processing in-memory # Store $srcImage in a class property, continue processing in-memory
$this->imageResource = $srcImage;
$this->imageInfo = [ $this->imageInfo = [
'mime' => $mimeType, 'mime' => $mimeType,
'width' => $width, 'width' => $width,
@@ -74,11 +76,11 @@ class imageProcessor
$fileSizeKB = filesize($this->imageTmpPath) / 1024; $fileSizeKB = filesize($this->imageTmpPath) / 1024;
if (!in_array($mime, $this->imageRestrictions['allowed_types'])) { if (!in_array($mime, $this->imageRestrictions['allowed_types'])) {
throw new Exception("Invalid image type: $mime"); throw new \RuntimeException("Invalid image type: $mime");
} }
if ($fileSizeKB > $this->imageRestrictions['max_size_kb']) { if ($fileSizeKB > $this->imageRestrictions['max_size_kb']) {
throw new Exception("Image exceeds max file size."); throw new \RuntimeException("Image exceeds max file size.");
} }
# Resize to fit within min/max bounds # Resize to fit within min/max bounds
@@ -137,7 +139,7 @@ class imageProcessor
'image/jpeg' => imagecreatefromjpeg($this->imageTmpPath), 'image/jpeg' => imagecreatefromjpeg($this->imageTmpPath),
'image/png' => imagecreatefrompng($this->imageTmpPath), 'image/png' => imagecreatefrompng($this->imageTmpPath),
'image/webp' => imagecreatefromwebp($this->imageTmpPath), 'image/webp' => imagecreatefromwebp($this->imageTmpPath),
default => throw new Exception("Unsupported image type.") default => throw new \RuntimeException("Unsupported image type.")
}; };
# Determine new size # Determine new size

View File

@@ -94,7 +94,7 @@ if ($API_devices->request_method === 'POST') {
$requestedPath = realpath($_SERVER['DOCUMENT_ROOT'] . $relativePath); $requestedPath = realpath($_SERVER['DOCUMENT_ROOT'] . $relativePath);
// Validate resolved path // Validate resolved path
if (!$requestedPath || strpos($requestedPath, $root) !== 0) { if (!$requestedPath || !str_starts_with($requestedPath, $root)) {
http_response_code(403); http_response_code(403);
echo json_encode(['status' => 'error', 'message' => 'Access denied']); echo json_encode(['status' => 'error', 'message' => 'Access denied']);
exit; exit;

View File

@@ -32,8 +32,6 @@ if ($API_office_stompjes->request_method === 'GET') {
$API_office_stompjes->addStomp(); $API_office_stompjes->addStomp();
$API_office_stompjes->apiOutput($code = 200, ['success' => 'stomp added successfully.']);
} elseif ($API_office_stompjes->request_method === 'DELETE') { } elseif ($API_office_stompjes->request_method === 'DELETE') {
# Only superuser can delete permission due to fact that the backend needs programming when setting a permission # Only superuser can delete permission due to fact that the backend needs programming when setting a permission

View File

@@ -24,7 +24,7 @@ if ($API_mailsettings->request_method === 'PUT') {
'mail_smtp_pass' => ['type' => 'string'] 'mail_smtp_pass' => ['type' => 'string']
]; ];
# check if the password is changed # check if the password is changed
$updatePassword = str_contains($API_mailsettings->postedData['mail_smtp_pass'], '******') ? false : true; $updatePassword = !str_contains($API_mailsettings->postedData['mail_smtp_pass'], '******');
if ($updatePassword) { if ($updatePassword) {
if (strlen($API_mailsettings->postedData['mail_smtp_pass']) < 12) { if (strlen($API_mailsettings->postedData['mail_smtp_pass']) < 12) {
$API_mailsettings->apiOutput(400, ['error' => 'Password too short']); $API_mailsettings->apiOutput(400, ['error' => 'Password too short']);

View File

@@ -9,9 +9,7 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/imageProcessor.php';
$API_usersavatar = new API_usersavatar(); $API_usersavatar = new API_usersavatar();
if ($API_usersavatar->request_method === 'GET') { if ($API_usersavatar->request_method === 'POST') {
} elseif ($API_usersavatar->request_method === 'POST') {
# Reset a users password and send an email the user to set a new password # Reset a users password and send an email the user to set a new password
$API_usersavatar->postedData['user_profile_picture'] = $API_usersavatar->createUserImage(['min_width' => 500, 'max_width' => 1000, 'min_height' => 500, 'max_height' => 1000, 'square' => true, 'allowed_types' => ['image/png'], 'max_size_kb' => 1024, 'transparent' => true]); $API_usersavatar->postedData['user_profile_picture'] = $API_usersavatar->createUserImage(['min_width' => 500, 'max_width' => 1000, 'min_height' => 500, 'max_height' => 1000, 'square' => true, 'allowed_types' => ['image/png'], 'max_size_kb' => 1024, 'transparent' => true]);
@@ -34,8 +32,4 @@ if ($API_usersavatar->request_method === 'GET') {
$API_usersavatar->apiOutput(200, ['success' => 'Avatar was successfully changed.']); $API_usersavatar->apiOutput(200, ['success' => 'Avatar was successfully changed.']);
} elseif ($API_usersavatar->request_method === 'PUT') {
} elseif ($API_usersavatar->request_method === 'DELETE') {
} }

View File

@@ -11,9 +11,7 @@ use RobThree\Auth\Providers\Qr\EndroidQrCodeWithLogoProvider;
$API_mfa = new API_mfa(); $API_mfa = new API_mfa();
if ($API_mfa->request_method === 'GET') { if ($API_mfa->request_method === 'POST') {
} elseif ($API_mfa->request_method === 'POST') {
# Set up a new MFA secret its posted from mfaSetup.php where it generated a secret # Set up a new MFA secret its posted from mfaSetup.php where it generated a secret
if (checkLoginAttempts() > 10) { if (checkLoginAttempts() > 10) {
@@ -49,8 +47,6 @@ if ($API_mfa->request_method === 'GET') {
$API_mfa->enableMFA(); $API_mfa->enableMFA();
} elseif ($API_mfa->request_method === 'PUT') {
} elseif ($API_mfa->request_method === 'DELETE') { } elseif ($API_mfa->request_method === 'DELETE') {
# Delete a mfa code for a user # Delete a mfa code for a user

View File

@@ -12,9 +12,7 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_users.php';
$API_resetpassword = new API_resetpassword(); $API_resetpassword = new API_resetpassword();
if ($API_resetpassword->request_method === 'GET') { if ($API_resetpassword->request_method === 'POST') {
} elseif ($API_resetpassword->request_method === 'POST') {
# Reset a users password and send a mail to the user to set a new password # Reset a users password and send a mail to the user to set a new password
$API_resetpassword->checkPermissions('admin-access-admins-resetpassword', 'RW'); $API_resetpassword->checkPermissions('admin-access-admins-resetpassword', 'RW');
@@ -71,8 +69,4 @@ The Sentri gnomes
$mail->sendMail(); $mail->sendMail();
$API_resetpassword->apiOutput(200, ['success' => 'Password reset link sent successfully.']); $API_resetpassword->apiOutput(200, ['success' => 'Password reset link sent successfully.']);
} elseif ($API_resetpassword->request_method === 'PUT') {
} elseif ($API_resetpassword->request_method === 'DELETE') {
} }