Typos in API code fixed
This commit is contained in:
@@ -11,7 +11,7 @@ if ($API_devices->request_method === 'POST') {
|
||||
|
||||
$API_devices->checkPermissions('admin-devices-files', 'RW');
|
||||
|
||||
# when called from the frontend will not be forwarding to a url since when its called from the frontend it doesnt need a redirection
|
||||
# when called from the frontend will not be forwarding to a url since when it's called from the frontend it doesn't need a redirection
|
||||
$API_devices->return_url = false;
|
||||
|
||||
$device_slugify = isset($_POST['device_slugify']) ? preg_replace('/[^a-zA-Z0-9_-]/', '_', $_POST['device_slugify']) : '';
|
||||
@@ -61,7 +61,7 @@ if ($API_devices->request_method === 'POST') {
|
||||
|
||||
if (move_uploaded_file($_FILES['file']['tmp_name'], $destination)) {
|
||||
chmod($destination, 0644); // Set safe permissions
|
||||
$API_devices->apiOutput(200, ['success' => 'File uploaded succcessfully']);
|
||||
$API_devices->apiOutput(200, ['success' => 'File uploaded successfully']);
|
||||
} else {
|
||||
$API_devices->apiOutput(500, ['error' => 'Failed to move uploaded file']);
|
||||
}
|
||||
@@ -70,7 +70,7 @@ if ($API_devices->request_method === 'POST') {
|
||||
|
||||
$API_devices->checkPermissions('admin-devices-files', 'RW');
|
||||
|
||||
# when called from the frontend will not be forwarding to a url since when its called from the frontend it doesnt need a redirection
|
||||
# when called from the frontend will not be forwarding to a url since when it's called from the frontend it doesn't need a redirection
|
||||
$API_devices->return_url = false;
|
||||
|
||||
$relativePath = $_POST['file_name'] ?? '';
|
||||
|
||||
@@ -16,7 +16,7 @@ if ($API_devices->request_method === 'GET') {
|
||||
|
||||
} elseif ($API_devices->request_method === 'POST') {
|
||||
|
||||
# create an new device
|
||||
# create a new device
|
||||
|
||||
$API_devices->checkPermissions('admin-devices', 'RW');
|
||||
|
||||
@@ -106,7 +106,7 @@ if ($API_devices->request_method === 'GET') {
|
||||
|
||||
$API_devices->checkPermissions('admin-devices', 'RW');
|
||||
|
||||
# when called from the frontend will not be forwarding to a url since when its called from the frontend it doesnt need a redirection
|
||||
# when called from the frontend will not be forwarding to a url since when it's called from the frontend it doesn't need a redirection
|
||||
$API_devices->return_url = false;
|
||||
|
||||
$requiredFields = ['device_uuid' => ['type' => 'uuid']];
|
||||
|
||||
@@ -17,7 +17,7 @@ if (!$GLOBALS['modules_enabled']['customers']) {
|
||||
if ($API_companies->request_method === 'PUT') {
|
||||
$API_companies->checkPermissions('customer-companies', 'RW');
|
||||
|
||||
# when called from the frontend will not be forwarding to a url since when its called from the frontend it doesnt need a redirection
|
||||
# when called from the frontend will not be forwarding to a url since when it's called from the frontend it doesn't need a redirection
|
||||
$API_companies->return_url = false;
|
||||
|
||||
$requiredFields = [
|
||||
|
||||
@@ -4,7 +4,7 @@ use api\classes\API_office_stompjes;
|
||||
|
||||
session_start();
|
||||
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_office_stompjes.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_office_stompjes.php";
|
||||
|
||||
$API_office_stompjes = new API_office_stompjes();
|
||||
|
||||
@@ -30,15 +30,16 @@ if ($API_office_stompjes->request_method === 'GET') {
|
||||
|
||||
$API_office_stompjes->validateData($requiredFields);
|
||||
|
||||
$modules = $API_office_stompjes->addStomp();
|
||||
$API_office_stompjes->addStomp();
|
||||
|
||||
$API_office_stompjes->apiOutput($code = 200, ['success' => 'stomp added successfully.']);
|
||||
|
||||
} elseif ($API_office_stompjes->request_method === 'DELETE') {
|
||||
|
||||
# Only superuser can delete permission due to fact that the backend needs programming when setting a permission
|
||||
$API_office_stompjes->checkPermissions('office-stompjes', 'RW');
|
||||
|
||||
# when called from the frontend will not be forwarding to a url since when its called from the frontend it doesnt need a redirection
|
||||
# when called from the frontend will not be forwarding to a url since when it's called from the frontend it doesn't need a redirection
|
||||
$API_office_stompjes->return_url = false;
|
||||
|
||||
$requiredFields = ['stomp_uuid' => ['type' => 'uuid']];
|
||||
|
||||
@@ -18,7 +18,7 @@ if ($API_permissions->request_method === 'GET') {
|
||||
$API_permissions->apiOutput($code = 200, ['success' => $permissions]);
|
||||
|
||||
} elseif ($API_permissions->request_method === 'PUT') {
|
||||
# when called from the frontend will not be forwarding to a url since when its called from the frontend it doesnt need a redirection
|
||||
# when called from the frontend will not be forwarding to a url since when it's called from the frontend it doesn't need a redirection
|
||||
$API_permissions->return_url = false;
|
||||
|
||||
$API_permissions->checkPermissions('admin-access-control-permissions', 'RW');
|
||||
|
||||
@@ -61,7 +61,7 @@ if ($API_permissions->request_method === 'GET') {
|
||||
$API_permissions->apiOutput(401, ['error' => 'You are not authorized to access this resource.']);
|
||||
}
|
||||
|
||||
# when called from the frontend will not be forwarding to a url since when its called from the frontend it doesnt need a redirection
|
||||
# when called from the frontend will not be forwarding to a url since when it's called from the frontend it doesn't need a redirection
|
||||
$API_permissions->return_url = false;
|
||||
|
||||
$requiredFields = ['permission_uuid' => ['type' => 'uuid']];
|
||||
|
||||
@@ -65,7 +65,7 @@ if ($API_apitoken->request_method === 'GET') {
|
||||
|
||||
} elseif ($API_apitoken->request_method === 'DELETE') {
|
||||
|
||||
# Deletes an API token, requies DELETE with 'api_token_uuid' first retrieve the uuid of the user with getToken then check
|
||||
# Deletes an API token, requires DELETE with 'api_token_uuid' first retrieve the uuid of the user with getToken then check
|
||||
# if the user is another user or itself
|
||||
|
||||
# This api call, when called from the frontend will not be forwarding to a url.
|
||||
|
||||
@@ -12,7 +12,7 @@ $API_usersavatar = new API_usersavatar();
|
||||
if ($API_usersavatar->request_method === 'GET') {
|
||||
|
||||
} elseif ($API_usersavatar->request_method === 'POST') {
|
||||
# Reset a users password and send a email to the user to set a new password
|
||||
# Reset a users password and send an email the user to set a new password
|
||||
|
||||
$API_usersavatar->postedData['user_profile_picture'] = $API_usersavatar->createUserImage(['min_width' => 500, 'max_width' => 1000, 'min_height' => 500, 'max_height' => 1000, 'square' => true, 'allowed_types' => ['image/png'], 'max_size_kb' => 1024, 'transparent' => true]);
|
||||
$API_usersavatar->postedData['user_profile_picture_thumbnail'] = $API_usersavatar->createUserImage(['min_width' => 64, 'max_width' => 64, 'min_height' => 64, 'max_height' => 64, 'square' => true, 'allowed_types' => ['image/png'], 'max_size_kb' => 1024, 'transparent' => true]);
|
||||
|
||||
@@ -14,7 +14,7 @@ $API_mfa = new API_mfa();
|
||||
if ($API_mfa->request_method === 'GET') {
|
||||
|
||||
} elseif ($API_mfa->request_method === 'POST') {
|
||||
# Setup a new MFA secret its posted from mfaSetup.php where it generated a secret
|
||||
# Set up a new MFA secret its posted from mfaSetup.php where it generated a secret
|
||||
|
||||
if (checkLoginAttempts() > 10) {
|
||||
echo 'too many attempts, please try again later.';
|
||||
@@ -30,7 +30,7 @@ if ($API_mfa->request_method === 'GET') {
|
||||
|
||||
$API_mfa->postedData['user_uuid'] = $_SESSION['user']['user_uuid'];
|
||||
$API_mfa->postedData['user_two_factor_secret'] = $_SESSION['mfasetup']['secret'];
|
||||
$API_mfa->postedData['verificationCode'] = linkVerificationPosts(); # The code is entered in six loose posts this wil link it togheter
|
||||
$API_mfa->postedData['verificationCode'] = linkVerificationPosts(); # The code is entered in six loose posts this wil link it together
|
||||
|
||||
$requiredFields = [
|
||||
'user_uuid' => ['type' => 'uuid'],
|
||||
|
||||
@@ -15,16 +15,16 @@ $API_resetpassword = new API_resetpassword();
|
||||
if ($API_resetpassword->request_method === 'GET') {
|
||||
|
||||
} elseif ($API_resetpassword->request_method === 'POST') {
|
||||
# Reset a users password and send a email to the user to set a new password
|
||||
# Reset a users password and send a mail to the user to set a new password
|
||||
|
||||
$API_resetpassword->checkPermissions('admin-access-admins-resetpassword', 'RW');
|
||||
|
||||
# The user will need to verify their email, the password field cannot be NULL so set an random password for now till the user resets it on when verifing there email
|
||||
# The user will need to verify their email, the password field cannot be NULL so set a random password for now till the user resets it on when verifying there email
|
||||
$random_string = substr(str_shuffle(str_repeat('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01', 64)), 0, rand(50, 64));
|
||||
$user_password = password_hash($random_string, PASSWORD_BCRYPT, ["cost" => 12]);
|
||||
$API_resetpassword->postedData['user_password'] = $user_password;
|
||||
|
||||
# Password reset token that will be send to the user
|
||||
# Password reset token that will be sent to the user
|
||||
$API_resetpassword->postedData['user_password_reset_token'] = bin2hex(random_bytes(32));
|
||||
$API_resetpassword->postedData['user_password_reset_expires'] = time() + 86400;
|
||||
|
||||
|
||||
Reference in New Issue
Block a user