A lot of code cleanup and code sanitation done.
This commit is contained in:
@@ -6,8 +6,8 @@ use JetBrains\PhpStorm\NoReturn;
|
||||
|
||||
class API
|
||||
{
|
||||
public $conn;
|
||||
public $pdo;
|
||||
public mixed $conn;
|
||||
public mixed $pdo;
|
||||
|
||||
# The user uuid that requested the API
|
||||
protected $user_uuid;
|
||||
@@ -21,7 +21,7 @@ class API
|
||||
protected $content_type;
|
||||
|
||||
# The original posted data to the API, this data is NOT sanitized and validated, never use this data for queries!
|
||||
public $postedData;
|
||||
public mixed $postedData;
|
||||
|
||||
# The validated and sanitized data can be uses for the API actions
|
||||
public $data;
|
||||
@@ -32,7 +32,7 @@ class API
|
||||
# The return url that the frontend request will forward to after the api call is done. if set to false it will only output
|
||||
# the json response with an http code. API calls always respond with json. $return_url can be set to supply the form with an input
|
||||
# with the name _return and value of the url to return to.
|
||||
public $return_url;
|
||||
public mixed $return_url;
|
||||
|
||||
# Used for the query builder base
|
||||
public $baseQuery = false;
|
||||
@@ -46,8 +46,8 @@ class API
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/bin/php/db_connect.php';
|
||||
include_once $_SERVER['DOCUMENT_ROOT'] . '/bin/php/Functions/globalFunctions.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/db_connect.php";
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Functions/globalFunctions.php";
|
||||
|
||||
# Setup Database connection
|
||||
$this->conn = $GLOBALS['conn'];
|
||||
@@ -100,7 +100,7 @@ class API
|
||||
|
||||
}
|
||||
|
||||
private function InitUserTypeFrontend()
|
||||
private function InitUserTypeFrontend(): void
|
||||
{
|
||||
$this->user_uuid = $_SESSION['user']['user_uuid'];
|
||||
$this->user_type = 'frontend';
|
||||
@@ -265,8 +265,11 @@ class API
|
||||
{
|
||||
switch ($rules['type']) {
|
||||
case 'string':
|
||||
case 'password':
|
||||
case 'html':
|
||||
if (!is_string($value)) return false;
|
||||
return $this->isValidLength($value, $rules);
|
||||
|
||||
case 'slugify':
|
||||
if (!is_string($value) || !preg_match('/^[a-z0-9]+(-[a-z0-9]+)*$/', $value)) return false;
|
||||
return $this->isValidLength($value, $rules);
|
||||
@@ -290,14 +293,6 @@ class API
|
||||
if (!filter_var($value, FILTER_VALIDATE_EMAIL)) return false;
|
||||
return $this->isValidLength($value, $rules);
|
||||
|
||||
case 'password':
|
||||
if (!is_string($value)) return false;
|
||||
return $this->isValidLength($value, $rules);
|
||||
|
||||
case 'html':
|
||||
if (!is_string($value)) return false;
|
||||
return $this->isValidLength($value, $rules);
|
||||
|
||||
case 'int':
|
||||
if (!is_int($value) && !ctype_digit($value)) return false;
|
||||
$value = (int)$value;
|
||||
|
||||
@@ -10,13 +10,13 @@ require_once 'API.php';
|
||||
class API_inserve extends API
|
||||
{
|
||||
|
||||
private $inserve_url;
|
||||
private string $inserve_url;
|
||||
|
||||
private $inserve_token;
|
||||
private string $inserve_token;
|
||||
|
||||
public $inserve_source_uuid;
|
||||
public string $inserve_source_uuid;
|
||||
|
||||
public $inserve_custom_data;
|
||||
public array $inserve_custom_data;
|
||||
|
||||
private $ch;
|
||||
|
||||
|
||||
@@ -8,7 +8,7 @@ use bin\php\Classes\mailBuilder;
|
||||
use JetBrains\PhpStorm\NoReturn;
|
||||
|
||||
require_once 'API.php';
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/mailBuilder.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/mailBuilder.php";
|
||||
|
||||
class API_users extends API
|
||||
{
|
||||
|
||||
@@ -32,7 +32,7 @@ class API_usersavatar extends API
|
||||
user_profile_picture_thumbnail = ?
|
||||
WHERE user_uuid = ?";
|
||||
|
||||
$stmt = $stmt = $this->prepareStatement($query);
|
||||
$stmt = $this->prepareStatement($query);
|
||||
$stmt->bind_param("sss",
|
||||
$this->data['user_profile_picture'],
|
||||
$this->data['user_profile_picture_thumbnail'],
|
||||
|
||||
@@ -115,7 +115,7 @@ class imageProcessor
|
||||
return in_array($mime, ['image/png', 'image/webp']);
|
||||
}
|
||||
|
||||
private function setTransparentCanvas($image, $width, $height)
|
||||
private function setTransparentCanvas($image, $width, $height): void
|
||||
{
|
||||
// Enable alpha blending and preserve alpha channel
|
||||
imagealphablending($image, false);
|
||||
@@ -125,7 +125,6 @@ class imageProcessor
|
||||
$transparent = imagecolorallocatealpha($image, 0, 0, 0, 127);
|
||||
imagefilledrectangle($image, 0, 0, $width, $height, $transparent);
|
||||
|
||||
return $image;
|
||||
}
|
||||
|
||||
private function resizeToFitRestrictions($mime, $width, $height)
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
use api\classes\API_devices;
|
||||
|
||||
session_start();
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_devices.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_devices.php";
|
||||
|
||||
$API_devices = new API_devices();
|
||||
|
||||
|
||||
@@ -3,8 +3,8 @@
|
||||
use api\classes\API_devices;
|
||||
|
||||
session_start();
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_devices.php';
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/imageProcessor.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_devices.php";
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/imageProcessor.php";
|
||||
|
||||
$API_devices = new API_devices();
|
||||
|
||||
|
||||
@@ -4,8 +4,8 @@ use api\classes\API_platforms;
|
||||
use api\classes\imageProcessor;
|
||||
|
||||
session_start();
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_platforms.php';
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/imageProcessor.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_platforms.php";
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/imageProcessor.php";
|
||||
|
||||
$API_platforms = new API_platforms();
|
||||
|
||||
|
||||
4
pub/api/v1/autop/vendors/index.php
vendored
4
pub/api/v1/autop/vendors/index.php
vendored
@@ -4,8 +4,8 @@ use api\classes\API_vendors;
|
||||
use api\classes\imageProcessor;
|
||||
|
||||
session_start();
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_vendors.php';
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/imageProcessor.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_vendors.php";
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/imageProcessor.php";
|
||||
|
||||
$API_vendors = new API_vendors();
|
||||
|
||||
|
||||
@@ -4,7 +4,7 @@ use api\classes\API_companies;
|
||||
|
||||
session_start();
|
||||
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_companies.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_companies.php";
|
||||
|
||||
# Check permissions
|
||||
$API_companies = new API_companies();
|
||||
|
||||
@@ -4,8 +4,8 @@ use api\classes\API_permissions;
|
||||
use api\classes\API_usergroups;
|
||||
|
||||
session_start();
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_permissions.php';
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_usergroups.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_permissions.php";
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_usergroups.php";
|
||||
|
||||
$API_permissions = new API_permissions();
|
||||
$API_usergroups = new API_usergroups();
|
||||
|
||||
@@ -4,8 +4,8 @@ use api\classes\API_mailsettings;
|
||||
use bin\php\Classes\mailBuilder;
|
||||
|
||||
session_start();
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_mailsettings.php';
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/mailBuilder.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_mailsettings.php";
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/mailBuilder.php";
|
||||
|
||||
$API_mailsettings = new API_mailsettings();
|
||||
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
use api\classes\API_system_modules;
|
||||
|
||||
session_start();
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_system_modules.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_system_modules.php";
|
||||
|
||||
$API_system_modules = new API_system_modules();
|
||||
|
||||
|
||||
@@ -4,7 +4,7 @@ use api\classes\API_permissions;
|
||||
|
||||
session_start();
|
||||
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_permissions.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_permissions.php";
|
||||
|
||||
$API_permissions = new API_permissions();
|
||||
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
use api\classes\API_system_sources;
|
||||
|
||||
session_start();
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_system_sources.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_system_sources.php";
|
||||
|
||||
$API_system_sources = new API_system_sources();
|
||||
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
use api\classes\API_usergroups;
|
||||
|
||||
session_start();
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_usergroups.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_usergroups.php";
|
||||
|
||||
|
||||
$API_usergroups = new API_usergroups();
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
use api\classes\API_users;
|
||||
|
||||
session_start();
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_users.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_users.php";
|
||||
|
||||
$API_users = new API_users();
|
||||
|
||||
|
||||
@@ -4,7 +4,7 @@ use api\classes\API_servers;
|
||||
|
||||
session_start();
|
||||
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_servers.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_servers.php";
|
||||
|
||||
$API_servers = new API_servers();
|
||||
|
||||
|
||||
@@ -4,7 +4,7 @@ use api\classes\API_inserve;
|
||||
|
||||
session_start();
|
||||
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_inserve.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_inserve.php";
|
||||
|
||||
$API_inserve = new API_inserve();
|
||||
$API_inserve->setupConnection();
|
||||
|
||||
@@ -4,7 +4,7 @@ use api\classes\API_inserve;
|
||||
|
||||
session_start();
|
||||
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_inserve.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_inserve.php";
|
||||
|
||||
|
||||
$API_inserve = new API_inserve();
|
||||
|
||||
@@ -4,7 +4,7 @@ use api\classes\API_inserve;
|
||||
|
||||
session_start();
|
||||
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_inserve.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_inserve.php";
|
||||
|
||||
$API_inserve = new API_inserve();
|
||||
$API_inserve->setupConnection();
|
||||
@@ -20,7 +20,7 @@ if ($API_inserve->request_method === 'POST' || $API_inserve->request_method ===
|
||||
do {
|
||||
$result = $API_inserve->companies($page);
|
||||
|
||||
if (!isset($result['data']) || empty($result['data'])) {
|
||||
if (empty($result['data'])) {
|
||||
break;
|
||||
}
|
||||
|
||||
|
||||
@@ -4,7 +4,7 @@ use api\classes\API_inserve;
|
||||
|
||||
session_start();
|
||||
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_inserve.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_inserve.php";
|
||||
|
||||
|
||||
$API_inserve = new API_inserve();
|
||||
|
||||
@@ -4,7 +4,7 @@ use api\classes\API_inserve;
|
||||
|
||||
session_start();
|
||||
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_inserve.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_inserve.php";
|
||||
|
||||
|
||||
$API_inserve = new API_inserve();
|
||||
|
||||
@@ -5,7 +5,7 @@ use api\classes\API_users;
|
||||
|
||||
|
||||
session_start();
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_apitoken.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_apitoken.php";
|
||||
|
||||
$API_apitoken = new API_apitoken();
|
||||
|
||||
|
||||
@@ -4,8 +4,8 @@
|
||||
use api\classes\API_usersavatar;
|
||||
|
||||
session_start();
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_usersavatar.php';
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/imageProcessor.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_usersavatar.php";
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/imageProcessor.php";
|
||||
|
||||
$API_usersavatar = new API_usersavatar();
|
||||
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
<?php
|
||||
session_start();
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_mfa.php';
|
||||
require $_SERVER['DOCUMENT_ROOT'] . '/../vendor/autoload.php';
|
||||
include_once $_SERVER['DOCUMENT_ROOT'] . '/login/php/authFunctions.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}'/api/classes/API_mfa.php";
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/../vendor/autoload.php";
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/login/php/authFunctions.php";
|
||||
|
||||
|
||||
use api\classes\API_mfa;
|
||||
|
||||
@@ -5,9 +5,9 @@ use api\classes\API_users;
|
||||
use bin\php\Classes\mailBuilder;
|
||||
|
||||
session_start();
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_resetpassword.php';
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/mailBuilder.php';
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_users.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_resetpassword.php";
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/mailBuilder.php";
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_users.php";
|
||||
|
||||
|
||||
$API_resetpassword = new API_resetpassword();
|
||||
|
||||
Reference in New Issue
Block a user