Maurits van der Schee преди 9 години
родител
ревизия
9e070ff0ca
променени са 4 файла, в които са добавени 81 реда и са изтрити 81 реда
  1. 4
    4
      .htaccess
  2. 58
    0
      list.php
  3. 19
    30
      read.php
  4. 0
    47
      read_key.php

+ 4
- 4
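--- a/.htaccess
+++ b/.htaccess
@@ -3,11 +3,11 @@ RewriteBase /api/
 
 RewriteCond %{REQUEST_METHOD} GET
 RewriteCond %{REQUEST_FILENAME} !-f
-RewriteRule ^(.*)/(.*)$ read_key.php?table=$1&key=$2 [L,QSA]
+RewriteRule ^(.*)/(.*)$ read.php?table=$1&key=$2 [L,QSA]
 
 RewriteCond %{REQUEST_METHOD} GET
 RewriteCond %{REQUEST_FILENAME} !-f
-RewriteRule ^(.*)$ read.php?table=$1 [L,QSA]
+RewriteRule ^(.*)$ list.php?table=$1 [L,QSA]
 
 RewriteCond %{REQUEST_METHOD} POST
 RewriteCond %{REQUEST_FILENAME} !-f
@@ -15,8 +15,8 @@ RewriteRule ^(.*)$ create.php?table=$1 [L,QSA]
 
 RewriteCond %{REQUEST_METHOD} PUT
 RewriteCond %{REQUEST_FILENAME} !-f
-RewriteRule ^(.*)/(.*)$ update_key.php?table=$1&key=$2 [L,QSA]
+RewriteRule ^(.*)/(.*)$ update.php?table=$1&key=$2 [L,QSA]
 
 RewriteCond %{REQUEST_METHOD} DELETE
 RewriteCond %{REQUEST_FILENAME} !-f
-RewriteRule ^(.*)/(.*)$ delete_key.php?table=$1&key=$2 [L,QSA]
+RewriteRule ^(.*)/(.*)$ delete.php?table=$1&key=$2 [L,QSA]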
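Review bot: The PUT and DELETE rules in the second hunk now point at `update.php` and `delete.php`, but the file list of this commit only touches `list.php`, `read.php` and `read_key.php`, so unless those two scripts already exist under the new names the write routes stop resolving (or reach older scripts that may not expect a `key` parameter). Rename `update_key.php` and `delete_key.php` in the same change, or leave those two rules alone until the rename lands. The keyed patterns are also greedy: for a path with more than one slash, `^(.*)/(.*)$` puts everything up to the last slash into `table`, which the scripts then collapse by stripping characters; `^([^/]+)/([^/]+)$` would restrict routing to the two-segment shape the scripts expect.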

+ 58
- 0
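--- a/list.php
+++ b/list.php
@@ -0,0 +1,58 @@
+<?php
+include "config.php";
+
+$table = str_replace('*','%',preg_replace('/[^a-zA-Z0-9\-_*,]/','',isset($_GET["table"])?$_GET["table"]:'*'));
+$callback = preg_replace('/[^a-zA-Z0-9\-_]/','',isset($_GET["callback"])?$_GET["callback"]:false);
+
+$mysqli = new mysqli($config["hostname"], $config["username"], $config["password"], $config["database"]);
+
+if ($mysqli->connect_errno) die('Connect failed: '.$mysqli->connect_error);
+
+$tablelist = explode(',',$table);
+$tables = array();
+
+foreach ($tablelist as $table) {
+    if ($result = $mysqli->query("SELECT `TABLE_NAME` FROM `INFORMATION_SCHEMA`.`TABLES` WHERE `TABLE_NAME` LIKE '$table' AND `TABLE_SCHEMA` = '$config[database]'")) {
+        while ($row = $result->fetch_row()) $tables[] = $row[0];
+        $result->close();
+    }
+}
+
+if ($config["read_whitelist"]) $tables = array_intersect($tables, $config["read_whitelist"]);
+if ($config["read_blacklist"]) $tables = array_diff($tables, $config["read_blacklist"]);
+
+if (empty($tables)) {
+    die(header("Content-Type:",true,404));
+} if ($callback) {
+    header("Content-Type: application/javascript");
+    echo $callback.'(';
+} else {
+    header("Content-Type: application/json");
+}
+
+echo '{';
+$first_table = true;
+foreach ($tables as $table) {
+    if ($first_table) $first_table = false;
+    else echo ',';
+    echo '"'.$table.'":{"columns":';
+    if ($result = $mysqli->query("SELECT * FROM `$table`")) {
+        $fields = array();
+        foreach ($result->fetch_fields() as $field) $fields[] = $field->name;
+        echo json_encode($fields);
+        echo ',"records":[';
+        $first_row = true;
+        while ($row = $result->fetch_row()) {
+            if ($first_row) $first_row = false;
+            else echo ',';
+            echo json_encode($row);
+        }
+        $result->close();
+    }
+    echo ']}';
+}
+echo '}';
+
+if ($callback) {
+    echo ');';
+}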
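Review bot: The access check on the `read_whitelist` / `read_blacklist` lines fails open: when `read_whitelist` is empty or unset nothing is filtered, and because `table` defaults to `'*'` (rewritten to the LIKE wildcard `%`), a bare GET returns every row of every table in the schema. The `callback` parameter then switches the response to JSONP, which makes that dump readable cross-origin from any page loaded in the client's browser, since a script include is not bound by the same-origin policy. Consider refusing to serve without a configured whitelist, e.g. `if (empty($config["read_whitelist"])) die(header("Content-Type:",true,403));`, and dropping the JSONP branch or gating it behind a config flag. Separately, `die('Connect failed: '.$mysqli->connect_error)` sends the database error text to the client; log it server-side and return a generic 500. If the `SELECT *` on a table fails, the loop still emits `{"columns":` followed by `]}`, which is not valid JSON.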

+ 19
- 30
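--- a/read.php
+++ b/read.php
@@ -1,27 +1,32 @@
 <?php
 include "config.php";
 
-$table = str_replace('*','%',preg_replace('/[^a-zA-Z0-9\-_*,]/','',isset($_GET["table"])?$_GET["table"]:'*'));
+$key = preg_replace('/[^a-zA-Z0-9\-_]/','',isset($_GET["key"])?$_GET["key"]:false);
+$table = preg_replace('/[^a-zA-Z0-9\-_]/','',isset($_GET["table"])?$_GET["table"]:false);
 $callback = preg_replace('/[^a-zA-Z0-9\-_]/','',isset($_GET["callback"])?$_GET["callback"]:false);
 
 $mysqli = new mysqli($config["hostname"], $config["username"], $config["password"], $config["database"]);
 
 if ($mysqli->connect_errno) die('Connect failed: '.$mysqli->connect_error);
 
-$tablelist = explode(',',$table);
 $tables = array();
 
-foreach ($tablelist as $table) {
-    if ($result = $mysqli->query("SELECT `TABLE_NAME` FROM `INFORMATION_SCHEMA`.`TABLES` WHERE `TABLE_NAME` LIKE '$table' AND `TABLE_SCHEMA` = '$config[database]'")) {
-        while ($row = $result->fetch_row()) $tables[] = $row[0];
-        $result->close();
-    }
+if ($result = $mysqli->query("SELECT `TABLE_NAME` FROM `INFORMATION_SCHEMA`.`TABLES` WHERE `TABLE_NAME` = '$table' AND `TABLE_SCHEMA` = '$config[database]'")) {
+    while ($row = $result->fetch_row()) $tables[] = $row[0];
+    $result->close();
+}
+
+$keys = array();
+
+if ($result = $mysqli->query("SELECT `COLUMN_NAME` FROM `INFORMATION_SCHEMA`.`COLUMNS` WHERE `COLUMN_KEY` = 'PRI' AND `TABLE_NAME` = '$table' AND `TABLE_SCHEMA` = '$config[database]'")) {
+	while ($row = $result->fetch_row()) $keys[] = $row[0];
+	$result->close();
 }
 
 if ($config["read_whitelist"]) $tables = array_intersect($tables, $config["read_whitelist"]);
 if ($config["read_blacklist"]) $tables = array_diff($tables, $config["read_blacklist"]);
 
-if (empty($tables)) {
+if (empty($tables) || empty($keys)) {
     die(header("Content-Type:",true,404));
 } if ($callback) {
     header("Content-Type: application/javascript");
@@ -30,29 +35,13 @@ if (empty($tables)) {
     header("Content-Type: application/json");
 }
 
-echo '{';
-$first_table = true;
-foreach ($tables as $table) {
-    if ($first_table) $first_table = false;
-    else echo ',';
-    echo '"'.$table.'":{"columns":';
-    if ($result = $mysqli->query("SELECT * FROM `$table`")) {
-        $fields = array();
-        foreach ($result->fetch_fields() as $field) $fields[] = $field->name;
-        echo json_encode($fields);
-        echo ',"records":[';
-        $first_row = true;
-        while ($row = $result->fetch_row()) {
-            if ($first_row) $first_row = false;
-            else echo ',';
-            echo json_encode($row);
-        }
-        $result->close();
-    }
-    echo ']}';
+if ($result = $mysqli->query("SELECT * FROM `$tables[0]` WHERE `$keys[0]` = '$key'")) {
+	$value = $result->fetch_assoc();
+    if ($value) echo json_encode($value);
+    else die(header("Content-Type:",true,404));
+    $result->close();
 }
-echo '}';
 
 if ($callback) {
     echo ');';
-}
+}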
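Review bot: The record lookup in the second hunk interpolates `'$key'` straight into the `WHERE` clause, so the character filter on `$key` is the only thing separating request input from SQL syntax. Because that filter strips characters instead of rejecting the request, `key=1.2` silently reads record `12`. Binding the value through a prepared statement removes both problems; the table and column names come from INFORMATION_SCHEMA and can stay interpolated (`get_result()` needs the mysqlnd driver). In the JSONP branch `echo $callback.'('` has already produced output when `die(header("Content-Type:",true,404))` runs for a missing record, so unless output buffering is on the client receives `cb(` with status 200; running the lookup before the headers are chosen avoids that. Only `$keys[0]` is used, so a table with a composite primary key is matched on its first key column alone.

```php
$key = isset($_GET["key"])?$_GET["key"]:false;
// … unchanged: $table/$callback filtering, connection, table and key discovery, 404 check, headers …
if ($stmt = $mysqli->prepare("SELECT * FROM `$tables[0]` WHERE `$keys[0]` = ?")) {
    $stmt->bind_param('s', $key);
    $stmt->execute();
    $result = $stmt->get_result();
    $value = $result->fetch_assoc();
    // … unchanged: json_encode($value) or 404, $result->close() …
    $stmt->close();
}
```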

+ 0
- 47
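--- a/read_key.php
+++ b/read_key.php
@@ -1,47 +0,0 @@
-<?php
-include "config.php";
-
-$key = preg_replace('/[^a-zA-Z0-9\-_]/','',isset($_GET["key"])?$_GET["key"]:false);
-$table = preg_replace('/[^a-zA-Z0-9\-_]/','',isset($_GET["table"])?$_GET["table"]:false);
-$callback = preg_replace('/[^a-zA-Z0-9\-_]/','',isset($_GET["callback"])?$_GET["callback"]:false);
-
-$mysqli = new mysqli($config["hostname"], $config["username"], $config["password"], $config["database"]);
-
-if ($mysqli->connect_errno) die('Connect failed: '.$mysqli->connect_error);
-
-$tables = array();
-
-if ($result = $mysqli->query("SELECT `TABLE_NAME` FROM `INFORMATION_SCHEMA`.`TABLES` WHERE `TABLE_NAME` = '$table' AND `TABLE_SCHEMA` = '$config[database]'")) {
-    while ($row = $result->fetch_row()) $tables[] = $row[0];
-    $result->close();
-}
-
-$keys = array();
-
-if ($result = $mysqli->query("SELECT `COLUMN_NAME` FROM `INFORMATION_SCHEMA`.`COLUMNS` WHERE `COLUMN_KEY` = 'PRI' AND `TABLE_NAME` = '$table' AND `TABLE_SCHEMA` = '$config[database]'")) {
-	while ($row = $result->fetch_row()) $keys[] = $row[0];
-	$result->close();
-}
-
-if ($config["read_whitelist"]) $tables = array_intersect($tables, $config["read_whitelist"]);
-if ($config["read_blacklist"]) $tables = array_diff($tables, $config["read_blacklist"]);
-
-if (empty($tables) || empty($keys)) {
-    die(header("Content-Type:",true,404));
-} if ($callback) {
-    header("Content-Type: application/javascript");
-    echo $callback.'(';
-} else {
-    header("Content-Type: application/json");
-}
-
-if ($result = $mysqli->query("SELECT * FROM `$tables[0]` WHERE `$keys[0]` = '$key'")) {
-	$value = $result->fetch_assoc();
-    if ($value) echo json_encode($value);
-    else die(header("Content-Type:",true,404));
-    $result->close();
-}
-
-if ($callback) {
-    echo ');';
-}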
