nas
/
todo_api
Observar 2
Favorito 1
Fork 0
Código Issues 1 Pull requests 0 Versões 0 Wiki Atividade
api de gestion de ticket, basé sur php-crud-api. Le but est de décorrélé les outils de gestion des données, afin
Você não pode selecionar mais de 25 tópicos Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') e podem ter até 35 caracteres.
181 Commits
1 Branch
Tag: 15ecfea8cd
Branches Tags
${ item.name }
Criar branch ${ searchTerm }
de 15ecfea8cd
${ noResults }
todo_api/api.php

api.php 23KB
Histórico Original

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761 
  1. <?php

  2. 

  3. class MySQL_CRUD_API extends REST_CRUD_API {

  4. 

  5. 	protected $queries = array(

  6. 		'reflect_table'=>'SELECT "TABLE_NAME" FROM "INFORMATION_SCHEMA"."TABLES" WHERE "TABLE_NAME" LIKE ? AND "TABLE_SCHEMA" = ?',

  7. 		'reflect_pk'=>'SELECT "COLUMN_NAME" FROM "INFORMATION_SCHEMA"."COLUMNS" WHERE "COLUMN_KEY" = \'PRI\' AND "TABLE_NAME" = ? AND "TABLE_SCHEMA" = ?',

  8. 		'reflect_belongs_to'=>'SELECT

  9. 				"TABLE_NAME","COLUMN_NAME",

  10. 				"REFERENCED_TABLE_NAME","REFERENCED_COLUMN_NAME"

  11. 			FROM

  12. 				"INFORMATION_SCHEMA"."KEY_COLUMN_USAGE"

  13. 			WHERE

  14. 				"TABLE_NAME" = ? AND

  15. 				"REFERENCED_TABLE_NAME" IN ? AND

  16. 				"TABLE_SCHEMA" = ? AND

  17. 				"REFERENCED_TABLE_SCHEMA" = ?',

  18. 		'reflect_has_many'=>'SELECT

  19. 				"TABLE_NAME","COLUMN_NAME",

  20. 				"REFERENCED_TABLE_NAME","REFERENCED_COLUMN_NAME"

  21. 			FROM

  22. 				"INFORMATION_SCHEMA"."KEY_COLUMN_USAGE"

  23. 			WHERE

  24. 				"TABLE_NAME" IN ? AND

  25. 				"REFERENCED_TABLE_NAME" = ? AND

  26. 				"TABLE_SCHEMA" = ? AND

  27. 				"REFERENCED_TABLE_SCHEMA" = ?',

  28. 		'reflect_habtm'=>'SELECT

  29. 				k1."TABLE_NAME", k1."COLUMN_NAME",

  30. 				k1."REFERENCED_TABLE_NAME", k1."REFERENCED_COLUMN_NAME",

  31. 				k2."TABLE_NAME", k2."COLUMN_NAME",

  32. 				k2."REFERENCED_TABLE_NAME", k2."REFERENCED_COLUMN_NAME"

  33. 			FROM

  34. 				"INFORMATION_SCHEMA"."KEY_COLUMN_USAGE" k1, "INFORMATION_SCHEMA"."KEY_COLUMN_USAGE" k2

  35. 			WHERE

  36. 				k1."TABLE_SCHEMA" = ? AND

  37. 				k2."TABLE_SCHEMA" = ? AND

  38. 				k1."REFERENCED_TABLE_SCHEMA" = ? AND

  39. 				k2."REFERENCED_TABLE_SCHEMA" = ? AND

  40. 				k1."TABLE_NAME" = k2."TABLE_NAME" AND

  41. 				k1."REFERENCED_TABLE_NAME" = ? AND

  42. 				k2."REFERENCED_TABLE_NAME" IN ?'

  43. 	);

  44. 	

  45. 	protected function connectDatabase($hostname,$username,$password,$database,$port,$socket,$charset) {

  46. 		$db = mysqli_connect($hostname,$username,$password,$database,$port,$socket);

  47. 		if (mysqli_connect_errno()) {

  48. 			throw new \Exception('Connect failed. '.mysqli_connect_error());

  49. 		}

  50. 		if (!mysqli_set_charset($db,$charset)) {

  51. 			throw new \Exception('Error setting charset. '.mysqli_error($db));

  52. 		}

  53. 		if (!mysqli_query($db,'SET SESSION sql_mode = \'ANSI_QUOTES\';')) {

  54. 			throw new \Exception('Error setting ANSI quotes. '.mysqli_error($db));

  55. 		}

  56. 		return $db;

  57. 	}

  58. 	

  59. 	protected function query($db,$sql,$params) {

  60. 		$sql = preg_replace_callback('/\!|\?/', function ($matches) use (&$db,&$params) {

  61. 			$param = array_shift($params);

  62. 			if ($matches[0]=='!') return preg_replace('/[^a-zA-Z0-9\-_=<>]/','',$param);

  63. 			if (is_array($param)) return '('.implode(',',array_map(function($v) use (&$db) {

  64. 				return "'".mysqli_real_escape_string($db,$v)."'";

  65. 			},$param)).')';

  66. 			return "'".mysqli_real_escape_string($db,$param)."'";

  67. 		}, $sql);

  68. 		//echo "\n$sql\n";

  69. 		return mysqli_query($db,$sql);

  70. 	}

  71. 	

  72. 	protected function fetch_assoc($result) {

  73. 		return mysqli_fetch_assoc($result);

  74. 	}

  75. 	

  76. 	protected function fetch_row($result) {

  77. 		return mysqli_fetch_row($result);

  78. 	}

  79. 

  80. 	protected function insert_id($db,$result) {

  81. 		return mysqli_insert_id($db);

  82. 	}

  83. 		

  84. 	protected function affected_rows($db,$result) {

  85. 		return mysqli_affected_rows($db);

  86. 	}

  87. 	

  88. 	protected function close($result) {

  89. 		return mysqli_free_result($result);

  90. 	}

  91. 	

  92. 	protected function fetch_fields($result) {

  93. 		return mysqli_fetch_fields($result);

  94. 	}

  95. 	

  96. 	protected function add_limit_to_sql($sql,$limit,$offset) {

  97. 		return "$sql LIMIT $limit OFFSET $offset";

  98. 	}

  99. 	

  100. 	protected function is_binary_type($field) {

  101. 		//echo "$field->name: $field->type ($field->flags)\n";

  102. 		return ($field->flags & 128);

  103. 	}

  104. 

  105. }

  106. 

  107. class SQLSRV_CRUD_API extends REST_CRUD_API {

  108. 

  109. 	protected $queries = array(

  110. 		'reflect_table'=>'SELECT "TABLE_NAME" FROM "INFORMATION_SCHEMA"."TABLES" WHERE "TABLE_NAME" LIKE ? AND "TABLE_CATALOG" = ?',

  111. 		'reflect_pk'=>'SELECT "COLUMN_NAME" FROM "INFORMATION_SCHEMA"."COLUMNS" WHERE "COLUMN_KEY" = \'PRI\' AND "TABLE_NAME" = ? AND "TABLE_CATALOG" = ?',

  112. 		'reflect_belongs_to'=>'SELECT

  113. 				"TABLE_NAME","COLUMN_NAME",

  114. 				"REFERENCED_TABLE_NAME","REFERENCED_COLUMN_NAME"

  115. 			FROM

  116. 				"INFORMATION_SCHEMA"."KEY_COLUMN_USAGE"

  117. 			WHERE

  118. 				"TABLE_NAME" = ? AND

  119. 				"REFERENCED_TABLE_NAME" IN ? AND

  120. 				"TABLE_CATALOG" = ? AND

  121. 				"REFERENCED_TABLE_CATALOG" = ?',

  122. 		'reflect_has_many'=>'SELECT

  123. 				"TABLE_NAME","COLUMN_NAME",

  124. 				"REFERENCED_TABLE_NAME","REFERENCED_COLUMN_NAME"

  125. 			FROM

  126. 				"INFORMATION_SCHEMA"."KEY_COLUMN_USAGE"

  127. 			WHERE

  128. 				"TABLE_NAME" IN ? AND

  129. 				"REFERENCED_TABLE_NAME" = ? AND

  130. 				"TABLE_CATALOG" = ? AND

  131. 				"REFERENCED_TABLE_CATALOG" = ?',

  132. 		'reflect_habtm'=>'SELECT

  133. 				k1."TABLE_NAME", k1."COLUMN_NAME",

  134. 				k1."REFERENCED_TABLE_NAME", k1."REFERENCED_COLUMN_NAME",

  135. 				k2."TABLE_NAME", k2."COLUMN_NAME",

  136. 				k2."REFERENCED_TABLE_NAME", k2."REFERENCED_COLUMN_NAME"

  137. 			FROM

  138. 				"INFORMATION_SCHEMA"."KEY_COLUMN_USAGE" k1, "INFORMATION_SCHEMA"."KEY_COLUMN_USAGE" k2

  139. 			WHERE

  140. 				k1."TABLE_CATALOG" = ? AND

  141. 				k2."TABLE_CATALOG" = ? AND

  142. 				k1."REFERENCED_TABLE_CATALOG" = ? AND

  143. 				k2."REFERENCED_TABLE_CATALOG" = ? AND

  144. 				k1."TABLE_NAME" = k2."TABLE_NAME" AND

  145. 				k1."REFERENCED_TABLE_NAME" = ? AND

  146. 				k2."REFERENCED_TABLE_NAME" IN ?'

  147. 	);

  148. 

  149. 	protected function connectDatabase($hostname,$username,$password,$database,$port,$socket,$charset) {

  150. 		$connectionInfo = array();

  151. 		if ($port) $hostname.=','.$port;

  152. 		if ($username) $connectionInfo['UID']=$username;

  153. 		if ($password) $connectionInfo['PWD']=$password;

  154. 		if ($database) $connectionInfo['Database']=$database;

  155. 		if ($charset) $connectionInfo['CharacterSet']=$charset;

  156. 		$connectionInfo['QuotedId']=1;

  157. 

  158. 		$db = sqlsrv_connect($hostname, $connectionInfo);

  159. 		if (!$db) {

  160. 			throw new \Exception('Connect failed. '.print_r( sqlsrv_errors(), true));

  161. 		}

  162. 		if ($socket) {

  163. 			throw new \Exception('Socket connection is not supported.');

  164. 		}

  165. 		return $db;

  166. 	}

  167. 

  168. 	protected function query($db,$sql,$params) {

  169. 		$sql = preg_replace_callback('/\!|\?/', function ($matches) use (&$db,&$params) {

  170. 			static $i=-1;

  171. 			$i++;

  172. 			$param = $params[$i];

  173. 			if ($matches[0]=='!') return preg_replace('/[^a-zA-Z0-9\-_=<>]/','',$param);

  174. 			if (is_array($param)) {

  175. 				$params = array_splice($params, $i, 1, $param);

  176. 				return '('.implode(',',split('',str_repeat('?',count($param)))).')';

  177. 			}

  178. 			return '?';

  179. 		}, $sql);

  180. 		return sqlsrv_query($db,$sql,$params);

  181. 	}

  182. 

  183. 	protected function fetch_assoc($result) {

  184. 		return sqlsrv_fetch_array($result, SQLSRV_FETCH_ASSOC);

  185. 	}

  186. 

  187. 	protected function fetch_row($result) {

  188. 		return sqlsrv_fetch_array($result, SQLSRV_FETCH_NUMERIC);

  189. 	}

  190. 

  191. 	protected function insert_id($db) {

  192. 		$result = sqlsrv_query($db, 'SELECT SCOPE_IDENTITY()');

  193. 		$data = sqlsrv_fetch_array($result, SQLSRV_FETCH_NUMERIC);

  194. 		return $data[0];

  195. 	}

  196. 

  197. 	protected function affected_rows($db,$result) {

  198. 		return sqlsrv_rows_affected($result);

  199. 	}

  200. 

  201. 	protected function close($result) {

  202. 		return sqlsrv_free_stmt($result);

  203. 	}

  204. 

  205. 	protected function fetch_fields($result) {

  206. 		//var_dump(sqlsrv_field_metadata($result));

  207. 		return array_map(function($a){ 

  208. 			$p = array();

  209. 			foreach ($a as $k=>$v) {

  210. 				$p[strtolower($k)] = $v;

  211. 			}

  212. 			return (object)$p;

  213. 		},sqlsrv_field_metadata($result));

  214. 	}

  215. 

  216. 	protected function add_limit_to_sql($sql,$limit,$offset) {

  217. 		return "$sql OFFSET $offset ROWS FETCH NEXT $limit ROWS ONLY";

  218. 	}

  219. 	

  220. 	protected function is_binary_type($field) {

  221. 		return ($field->type>=-4 && $field->type<=-2);

  222. 	}

  223. 

  224. }

  225. 

  226. class REST_CRUD_API {

  227. 

  228. 	protected $config;

  229. 

  230. 	protected function mapMethodToAction($method,$key) {

  231. 		switch ($method) {

  232. 			case 'GET': return $key?'read':'list';

  233. 			case 'PUT': return 'update';

  234. 			case 'POST': return 'create';

  235. 			case 'DELETE': return 'delete';

  236. 			default: $this->exitWith404('method');

  237. 		}

  238. 	}

  239. 

  240. 	protected function parseRequestParameter(&$request,$characters,$default) {

  241. 		if (!count($request)) return $default;

  242. 		$value = array_shift($request);

  243. 		return $characters?preg_replace("/[^$characters]/",'',$value):$value;

  244. 	}

  245. 

  246. 	protected function parseGetParameter($get,$name,$characters,$default) {

  247. 		$value = isset($get[$name])?$get[$name]:$default;

  248. 		return $characters?preg_replace("/[^$characters]/",'',$value):$value;

  249. 	}

  250. 

  251. 	protected function parseGetParameterArray($get,$name,$characters,$default) {

  252. 		$values = isset($get[$name])?$get[$name]:$default;

  253. 		if (!is_array($values)) $values = array($values);

  254. 		if ($characters) {

  255. 			foreach ($values as &$value) {

  256. 				$value = preg_replace("/[^$characters]/",'',$value);

  257. 			}

  258. 		}

  259. 		return $values;

  260. 	}

  261. 	

  262. 	protected function applyPermissions($database, $tables, $action, $permissions, $multidb) {

  263. 		if (in_array(strtolower($database), array('information_schema','mysql','sys'))) return array();

  264. 		$results = array();

  265. 		$permissions = array_change_key_case($permissions,CASE_LOWER);

  266. 		foreach ($tables as $table) {

  267. 			$result = false;

  268. 			$options = $multidb?array("*.*","$database.*","$database.$table"):array("*","$table");

  269. 			$options = array_map('strtolower', $options);

  270. 			foreach ($options as $option) {

  271. 				if (isset($permissions[$option])) {

  272. 					$result = strpos($permissions[$option],$action[0])!==false;

  273. 				}

  274. 			}

  275. 			if ($result) $results[] = $table;				

  276. 		} 

  277. 		return $results;

  278. 	}

  279. 

  280. 	protected function processTableParameter($database,$table,$db) {

  281. 		$tablelist = explode(',',$table);

  282. 		$tables = array();

  283. 		foreach ($tablelist as $table) {

  284. 			$table = str_replace('*','%',$table);

  285. 			if ($result = $this->query($db,$this->queries['reflect_table'],array($table,$database))) {

  286. 				while ($row = $this->fetch_row($result)) $tables[] = $row[0];

  287. 				$this->close($result);

  288. 			}

  289. 		}

  290. 		return $tables;

  291. 	}

  292. 

  293. 	protected function findSinglePrimaryKey($table,$database,$db) {

  294. 		$keys = array();

  295. 		if ($result = $this->query($db,$this->queries['reflect_pk'],array($table[0],$database))) {

  296. 			while ($row = $this->fetch_row($result)) $keys[] = $row[0];

  297. 			$this->close($result);

  298. 		}

  299. 		return count($keys)==1?$keys[0]:false;

  300. 	}

  301. 

  302. 	protected function exitWith404($type) {

  303. 		if (isset($_SERVER['REQUEST_METHOD'])) {

  304. 			header('Content-Type:',true,404);

  305. 			die("Not found ($type)");

  306. 		} else {

  307. 			throw new \Exception("Not found ($type)");

  308. 		}

  309. 	}

  310. 

  311. 	protected function startOutput($callback) {

  312. 		if (isset($_SERVER['REQUEST_METHOD'])) {

  313. 			if ($callback) {

  314. 				header('Content-Type: application/javascript');

  315. 				echo $callback.'(';

  316. 			} else {

  317. 				header('Content-Type: application/json');

  318. 			}

  319. 		}

  320. 	}

  321. 

  322. 	protected function endOutput($callback) {

  323. 		if ($callback) {

  324. 			echo ');';

  325. 		}

  326. 	}

  327. 

  328. 	protected function processKeyParameter($key,$table,$database,$db) {

  329. 		if ($key) {

  330. 			$key = array($key,$this->findSinglePrimaryKey($table,$database,$db));

  331. 			if ($key[1]===false) $this->exitWith404('1pk');

  332. 		}

  333. 		return $key;

  334. 	}

  335. 

  336. 	protected function processOrderParameter($order,$table,$database,$db) {

  337. 		if ($order) {

  338. 			$order = explode(',',$order,2);

  339. 			if (count($order)<2) $order[1]='ASC';

  340. 			$order[1] = strtoupper($order[1])=='DESC'?'DESC':'ASC';

  341. 		}

  342. 		return $order;

  343. 	}

  344. 

  345. 	protected function processFilterParameter($filter,$db) {

  346. 		if ($filter) {

  347. 			$filter = explode(',',$filter,3);

  348. 			if (count($filter)==3) {

  349. 				$match = $filter[1];

  350. 				$filter[1] = 'LIKE';

  351. 				if ($match=='cs') $filter[2] = '%'.addcslashes($filter[2], '%_').'%';

  352. 				if ($match=='sw') $filter[2] = addcslashes($filter[2], '%_').'%';

  353. 				if ($match=='ew') $filter[2] = '%'.addcslashes($filter[2], '%_');

  354. 				if ($match=='eq') $filter[1] = '=';

  355. 				if ($match=='ne') $filter[1] = '!=';

  356. 				if ($match=='lt') $filter[1] = '<';

  357. 				if ($match=='le') $filter[1] = '<=';

  358. 				if ($match=='ge') $filter[1] = '>=';

  359. 				if ($match=='gt') $filter[1] = '>';

  360. 				if ($match=='in') {

  361. 					$filter[1] = 'IN';

  362. 					$filter[2] = explode(',',$filter[2]);

  363. 

  364. 				}

  365. 			} else {

  366. 				$filter = false;

  367. 			}

  368. 		}

  369. 		return $filter;

  370. 	}

  371. 

  372. 	protected function processPageParameter($page) {

  373. 		if ($page) {

  374. 			$page = explode(',',$page,2);

  375. 			if (count($page)<2) $page[1]=20;

  376. 			$page[0] = ($page[0]-1)*$page[1];

  377. 		}

  378. 		return $page;

  379. 	}

  380. 

  381. 	protected function retrieveObject($key,$table,$db) {

  382. 		if (!$key) return false;

  383. 		if ($result = $this->query($db,'SELECT * FROM "!" WHERE "!" = ?',array($table[0],$key[1],$key[0]))) {

  384. 			$object = $this->fetch_assoc($result);

  385. 			$this->close($result);

  386. 		}

  387. 		return $object;

  388. 	}

  389. 

  390. 	protected function createObject($input,$table,$db) {

  391. 		if (!$input) return false;

  392. 		$keys = implode('","',split('', str_repeat('!', count($input))));

  393. 		$values = implode(',',split('', str_repeat('?', count($input))));

  394. 		$params = array_merge(array_keys((array)$input),array_values((array)$input));

  395. 		array_unshift($params, $table[0]);

  396. 		$result = $this->query($db,'INSERT INTO "!" ("'.$keys.'") VALUES ('.$values.')',$params);

  397. 		return $this->insert_id($db,$result);

  398. 	}

  399. 

  400. 	protected function updateObject($key,$input,$table,$db) {

  401. 		if (!$input) return false;

  402. 		$params = array();

  403. 		$sql = 'UPDATE "!" SET ';

  404. 		$params[] = $database;

  405. 		$params[] = $table[0];

  406. 		foreach (array_keys((array)$input) as $i=>$k) {

  407. 			if ($i) $sql .= ',';

  408. 			$v = $input->$k;

  409. 			$sql .= '"!"=?';

  410. 			$params[] = $k;

  411. 			$params[] = $v;

  412. 		}

  413. 		$sql .= ' WHERE "!"=?';

  414. 		$params[] = $key[1];

  415. 		$params[] = $key[0];

  416. 		$result = $this->query($db,$sql,$params);

  417. 		return $this->affected_rows($db, $result);

  418. 	}

  419. 

  420. 	protected function deleteObject($key,$table,$db) {

  421. 		$result = $this->query($db,'DELETE FROM "!" WHERE "!" = ?',array($table[0],$key[1],$key[0]));

  422. 		return $this->affected_rows($db, $result);

  423. 	}

  424. 

  425. 	protected function findRelations($tables,$database,$db) {

  426. 		$collect = array();

  427. 		$select = array();

  428. 		if (count($tables)>1) {

  429. 			$table0 = array_shift($tables);

  430. 			

  431. 			$result = $this->query($db,$this->queries['reflect_belongs_to'],array($table0,$tables,$database,$database));

  432. 			while ($row = $this->fetch_row($result)) {

  433. 				$collect[$row[0]][$row[1]]=array();

  434. 				$select[$row[2]][$row[3]]=array($row[0],$row[1]);

  435. 			}

  436. 			$result = $this->query($db,$this->queries['reflect_has_many'],array($tables,$table0,$database,$database));

  437. 			while ($row = $this->fetch_row($result)) {

  438. 				$collect[$row[2]][$row[3]]=array();

  439. 				$select[$row[0]][$row[1]]=array($row[2],$row[3]);

  440. 			}

  441. 			$result = $this->query($db,$this->queries['reflect_habtm'],array($database,$database,$database,$database,$table0,$tables));

  442. 			while ($row = $this->fetch_row($result)) {

  443. 				$collect[$row[2]][$row[3]]=array();

  444. 				$select[$row[0]][$row[1]]=array($row[2],$row[3]);

  445. 				$collect[$row[4]][$row[5]]=array();

  446. 				$select[$row[6]][$row[7]]=array($row[4],$row[5]);

  447. 			}

  448. 		}

  449. 		return array($collect,$select);

  450. 	}

  451. 

  452. 	protected function getParameters($config) {

  453. 		extract($config);

  454. 		$table     = $this->parseRequestParameter($request, 'a-zA-Z0-9\-_*,', false);

  455. 		$key       = $this->parseRequestParameter($request, 'a-zA-Z0-9\-,', false); // auto-increment or uuid

  456. 		$action    = $this->mapMethodToAction($method,$key);

  457. 		$callback  = $this->parseGetParameter($get, 'callback', 'a-zA-Z0-9\-_', false);

  458. 		$page      = $this->parseGetParameter($get, 'page', '0-9,', false);

  459. 		$filters   = $this->parseGetParameterArray($get, 'filter', false, false);

  460. 		$order     = $this->parseGetParameter($get, 'order', 'a-zA-Z0-9\-_*,', false);

  461. 		$transform = $this->parseGetParameter($get, 'transform', '1', false);

  462. 

  463. 		$table    = $this->processTableParameter($database,$table,$db);

  464. 		$key      = $this->processKeyParameter($key,$table,$database,$db);

  465. 		foreach ($filters as &$filter) {

  466. 			$filter   = $this->processFilterParameter($filter,$db);

  467. 		}

  468. 		$page     = $this->processPageParameter($page);

  469. 		$order    = $this->processOrderParameter($order,$table,$database,$db);

  470. 

  471. 		$table  = $this->applyPermissions($database,$table,$action,$permissions,$multidb);

  472. 		if (empty($table)) $this->exitWith404('entity');

  473. 		

  474. 		$object = $this->retrieveObject($key,$table,$database,$db);

  475. 		$input  = json_decode(file_get_contents($post));

  476. 

  477. 		list($collect,$select) = $this->findRelations($table,$database,$db);

  478. 

  479. 		return compact('action','database','table','key','callback','page','filters','order','transform','db','object','input','collect','select');

  480. 	}

  481. 

  482. 	protected function listCommand($parameters) {

  483. 		extract($parameters);

  484. 		$this->startOutput($callback);

  485. 		echo '{';

  486. 		$tables = $table;

  487. 		$table = array_shift($tables);

  488. 		// first table

  489. 		$count = false;

  490. 		echo '"'.$table.'":{';

  491. 		if (is_array($order) && is_array($page)) {

  492. 			$params = array();

  493. 			$sql = 'SELECT COUNT(*) FROM "!"';

  494. 			$params[] = $table;

  495. 			foreach ($filters as $i=>$filter) {

  496. 				if (is_array($filter)) {

  497. 					$sql .= $i==0?' WHERE ':' AND ';

  498. 					$sql .= '"!" ! ?';

  499. 					$params[] = $filter[0];

  500. 					$params[] = $filter[1];

  501. 					$params[] = $filter[2];

  502. 				}

  503. 			}

  504. 			if ($result = $this->query($db,$sql,$params)) {

  505. 				while ($pages = $this->fetch_row($result)) {

  506. 					$count = $pages[0];

  507. 				}

  508. 			}

  509. 		}

  510. 		$params = array();

  511. 		$sql = 'SELECT * FROM "!"';

  512. 		$params[] = $table;

  513. 		foreach ($filters as $i=>$filter) {

  514. 			if (is_array($filter)) {

  515. 				$sql .= $i==0?' WHERE ':' AND ';

  516. 				$sql .= '"!" ! ?';

  517. 				$params[] = $filter[0];

  518. 				$params[] = $filter[1];

  519. 				$params[] = $filter[2];

  520. 			}

  521. 		}

  522. 		if (is_array($order)) {

  523. 			$sql .= ' ORDER BY "!" !';

  524. 			$params[] = $order[0];

  525. 			$params[] = $order[1];

  526. 		}

  527. 		if (is_array($order) && is_array($page)) {

  528. 			$sql = $this->add_limit_to_sql($sql,$page[1],$page[0]);

  529. 		}

  530. 		if ($result = $this->query($db,$sql,$params)) {

  531. 			echo '"columns":';

  532. 			$fields = array();

  533. 			$base64 = array();

  534. 			foreach ($this->fetch_fields($result) as $field) {

  535. 				$base64[] = $this->is_binary_type($field);

  536. 				$fields[] = $field->name;

  537. 			}

  538. 			echo json_encode($fields);

  539. 			$fields = array_flip($fields);

  540. 			echo ',"records":[';

  541. 			$first_row = true;

  542. 			while ($row = $this->fetch_row($result)) {

  543. 				if ($first_row) $first_row = false;

  544. 				else echo ',';

  545. 				if (isset($collect[$table])) {

  546. 					foreach (array_keys($collect[$table]) as $field) {

  547. 						$collect[$table][$field][] = $row[$fields[$field]];

  548. 					}

  549. 				}

  550. 				foreach ($base64 as $k=>$v) {

  551. 					if ($v) {

  552. 						$row[$k] = base64_encode($row[$k]);

  553. 					}

  554. 				}

  555. 				echo json_encode($row);

  556. 			}

  557. 			$this->close($result);

  558. 			echo ']';

  559. 		}

  560. 		if ($count) echo ',"results":'.$count;

  561. 		echo '}';

  562. 		// prepare for other tables

  563. 		foreach (array_keys($collect) as $t) {

  564. 			if ($t!=$table && !in_array($t,$tables)) {

  565. 				array_unshift($tables,$t);

  566. 			}

  567. 		}

  568. 		// other tables

  569. 		foreach ($tables as $t=>$table) {

  570. 			echo ',';

  571. 			echo '"'.$table.'":{';

  572. 			$params = array();

  573. 			$sql = 'SELECT * FROM "!"';

  574. 			$params[] = $table;

  575. 			if (isset($select[$table])) {

  576. 				$first_row = true;

  577. 				echo '"relations":{';

  578. 				foreach ($select[$table] as $field => $path) {

  579. 					$values = $collect[$path[0]][$path[1]];

  580. 					$sql .= $first_row?' WHERE ':' OR ';

  581. 					$sql .= '"!" IN ?';

  582. 					$params[] = $field;

  583. 					$params[] = $values;

  584. 					if ($first_row) $first_row = false;

  585. 					else echo ',';

  586. 					echo '"'.$field.'":"'.implode('.',$path).'"';

  587. 				}

  588. 				echo '}';

  589. 			}

  590. 			if ($result = $this->query($db,$sql,$params)) {

  591. 				echo ',"columns":';

  592. 				$fields = array();

  593. 				$base64 = array();

  594. 				foreach ($this->fetch_fields($result) as $field) {

  595. 					$base64[] = $this->is_binary_type($field);

  596. 					$fields[] = $field->name;

  597. 				}

  598. 				echo json_encode($fields);

  599. 				$fields = array_flip($fields);

  600. 				echo ',"records":[';

  601. 				$first_row = true;

  602. 				while ($row = $this->fetch_row($result)) {

  603. 					if ($first_row) $first_row = false;

  604. 					else echo ',';

  605. 					if (isset($collect[$table])) {

  606. 						foreach (array_keys($collect[$table]) as $field) {

  607. 							$collect[$table][$field][]=$row[$fields[$field]];

  608. 						}

  609. 					}

  610. 					foreach ($base64 as $k=>$v) {

  611. 						if ($v) {

  612. 							$row[$k] = base64_encode($row[$k]);

  613. 						}

  614. 					}

  615. 					echo json_encode($row);

  616. 				}

  617. 				$this->close($result);

  618. 				echo ']';

  619. 			}

  620. 			echo '}';

  621. 		}

  622. 		echo '}';

  623. 		$this->endOutput($callback);

  624. 	}

  625. 

  626. 	protected function readCommand($parameters) {

  627. 		extract($parameters);

  628. 		if (!$object) $this->exitWith404('object');

  629. 		$this->startOutput($callback);

  630. 		echo json_encode($object);

  631. 		$this->endOutput($callback);

  632. 	}

  633. 

  634. 	protected function createCommand($parameters) {

  635. 		extract($parameters);

  636. 		if (!$input) $this->exitWith404('input');

  637. 		$this->startOutput($callback);

  638. 		echo json_encode($this->createObject($input,$table,$db));

  639. 		$this->endOutput($callback);

  640. 	}

  641. 

  642. 	protected function updateCommand($parameters) {

  643. 		extract($parameters);

  644. 		if (!$input) $this->exitWith404('subject');

  645. 		$this->startOutput($callback);

  646. 		echo json_encode($this->updateObject($key,$input,$table,$db));

  647. 		$this->endOutput($callback);

  648. 	}

  649. 

  650. 	protected function deleteCommand($parameters) {

  651. 		extract($parameters);

  652. 		$this->startOutput($callback);

  653. 		echo json_encode($this->deleteObject($key,$table,$db));

  654. 		$this->endOutput($callback);

  655. 	}

  656. 

  657. 	protected function listCommandTransform($parameters) {

  658. 		if ($parameters['transform']) {

  659. 			ob_start();

  660. 		}

  661. 		$this->listCommand($parameters);

  662. 		if ($parameters['transform']) {

  663. 			$content = ob_get_contents();

  664. 			ob_end_clean();

  665. 			$data = json_decode($content,true);

  666. 			echo json_encode(self::mysql_crud_api_transform($data));

  667. 		}

  668. 	}

  669. 

  670. 	public function __construct($config) {

  671. 		extract($config);

  672. 

  673. 		$hostname = isset($hostname)?$hostname:null;

  674. 		$username = isset($username)?$username:'root';

  675. 		$password = isset($password)?$password:null;

  676. 		$database = isset($database)?$database:false;

  677. 		$port = isset($port)?$port:null;

  678. 		$socket = isset($socket)?$socket:null;

  679. 		$charset = isset($charset)?$charset:'utf8';

  680. 

  681. 		$permissions = isset($permissions)?$permissions:array('*'=>'crudl');

  682. 		

  683. 		$db = isset($db)?$db:null;

  684. 		$method = isset($method)?$method:$_SERVER['REQUEST_METHOD'];

  685. 		$request = isset($request)?$request:(isset($_SERVER['PATH_INFO'])?$_SERVER['PATH_INFO']:'');

  686. 		$get = isset($get)?$get:$_GET;

  687. 		$post = isset($post)?$post:'php://input';

  688. 

  689. 		$request = explode('/', trim($request,'/'));

  690. 

  691. 		$multidb   = !$database;

  692. 		if ($multidb) {

  693. 			$database  = $this->parseRequestParameter($request, 'a-zA-Z0-9\-_,', false);

  694. 		}

  695. 		if (!$db) {

  696. 			$db = $this->connectDatabase($hostname,$username,$password,$database,$port,$socket,$charset);

  697. 		}

  698. 

  699. 		$this->config = compact('method', 'request', 'get', 'post', 'multidb', 'database', 'permissions', 'db');

  700. 	}

  701. 

  702. 	public static function mysql_crud_api_transform(&$tables) {

  703. 		$get_objects = function (&$tables,$table_name,$where_index=false,$match_value=false) use (&$get_objects) {

  704. 			$objects = array();

  705. 			foreach ($tables[$table_name]['records'] as $record) {

  706. 				if ($where_index===false || $record[$where_index]==$match_value) {

  707. 					$object = array();

  708. 					foreach ($tables[$table_name]['columns'] as $index=>$column) {

  709. 						$object[$column] = $record[$index];

  710. 						foreach ($tables as $relation=>$reltable) {

  711. 							if (isset($reltable['relations'])) {

  712. 								foreach ($reltable['relations'] as $key=>$target) {

  713. 									if ($target == "$table_name.$column") {

  714. 										$column_indices = array_flip($reltable['columns']);

  715. 										$object[$relation] = $get_objects($tables,$relation,$column_indices[$key],$record[$index]);

  716. 									}

  717. 								}

  718. 							}

  719. 						}

  720. 					}

  721. 					$objects[] = $object;

  722. 				}

  723. 			}

  724. 			return $objects;

  725. 		};

  726. 		$tree = array();

  727. 		foreach ($tables as $name=>$table) {

  728. 			if (!isset($table['relations'])) {

  729. 				$tree[$name] = $get_objects($tables,$name);

  730. 				if (isset($table['results'])) {

  731. 					$tree['_results'] = $table['results'];

  732. 				}

  733. 			}

  734. 		}

  735. 		return $tree;

  736. 	}

  737. 

  738. 	public function executeCommand() {

  739. 		$parameters = $this->getParameters($this->config);

  740. 		switch($parameters['action']){

  741. 			case 'list': $this->listCommandTransform($parameters); break;

  742. 			case 'read': $this->readCommand($parameters); break;

  743. 			case 'create': $this->createCommand($parameters); break;

  744. 			case 'update': $this->updateCommand($parameters); break;

  745. 			case 'delete': $this->deleteCommand($parameters); break;

  746. 		}

  747. 	}

  748. 

  749. }

  750. 

  751. // only execute this when running in stand-alone mode

  752. if(count(get_required_files())<2) {

  753. 	$api = new SQLSRV_CRUD_API(array(

  754. 		'hostname'=>'(local)',

  755. 		'username'=>'',

  756. 		'password'=>'',

  757. 		'database'=>'xxx',

  758. 		'charset'=>'UTF-8'

  759. 	));

  760. 	$api->executeCommand();

  761. }