nas
/
todo_api
ウォッチ 2
スターをつける 1
フォーク 0
コード 課題 1 プルリクエスト 0 リリース 0 Wiki アクティビティ
api de gestion de ticket, basé sur php-crud-api. Le but est de décorrélé les outils de gestion des données, afin
選択できるのは25トピックまでです。 トピックは、先頭が英数字で、英数字とダッシュ('-')を使用した35文字以内のものにしてください。
206 コミット
1 ブランチ
ツリー: 5e38ff5d0f
ブランチ タグ
${ item.name }
ブランチ ${ searchTerm } を作成
'5e38ff5d0f' から
${ noResults }
todo_api/api.php

api.php 25KB
履歴 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784 
  1. <?php

  2. 

  3. class MySQL_CRUD_API extends REST_CRUD_API {

  4. 

  5. 	protected $queries = array(

  6. 		'reflect_table'=>'SELECT "TABLE_NAME" FROM "INFORMATION_SCHEMA"."TABLES" WHERE "TABLE_NAME" LIKE ? AND "TABLE_SCHEMA" = ?',

  7. 		'reflect_pk'=>'SELECT "COLUMN_NAME" FROM "INFORMATION_SCHEMA"."COLUMNS" WHERE "COLUMN_KEY" = \'PRI\' AND "TABLE_NAME" = ? AND "TABLE_SCHEMA" = ?',

  8. 		'reflect_belongs_to'=>'SELECT

  9. 				"TABLE_NAME","COLUMN_NAME",

  10. 				"REFERENCED_TABLE_NAME","REFERENCED_COLUMN_NAME"

  11. 			FROM

  12. 				"INFORMATION_SCHEMA"."KEY_COLUMN_USAGE"

  13. 			WHERE

  14. 				"TABLE_NAME" = ? AND

  15. 				"REFERENCED_TABLE_NAME" IN ? AND

  16. 				"TABLE_SCHEMA" = ? AND

  17. 				"REFERENCED_TABLE_SCHEMA" = ?',

  18. 		'reflect_has_many'=>'SELECT

  19. 				"TABLE_NAME","COLUMN_NAME",

  20. 				"REFERENCED_TABLE_NAME","REFERENCED_COLUMN_NAME"

  21. 			FROM

  22. 				"INFORMATION_SCHEMA"."KEY_COLUMN_USAGE"

  23. 			WHERE

  24. 				"TABLE_NAME" IN ? AND

  25. 				"REFERENCED_TABLE_NAME" = ? AND

  26. 				"TABLE_SCHEMA" = ? AND

  27. 				"REFERENCED_TABLE_SCHEMA" = ?',

  28. 		'reflect_habtm'=>'SELECT

  29. 				k1."TABLE_NAME", k1."COLUMN_NAME",

  30. 				k1."REFERENCED_TABLE_NAME", k1."REFERENCED_COLUMN_NAME",

  31. 				k2."TABLE_NAME", k2."COLUMN_NAME",

  32. 				k2."REFERENCED_TABLE_NAME", k2."REFERENCED_COLUMN_NAME"

  33. 			FROM

  34. 				"INFORMATION_SCHEMA"."KEY_COLUMN_USAGE" k1, "INFORMATION_SCHEMA"."KEY_COLUMN_USAGE" k2

  35. 			WHERE

  36. 				k1."TABLE_SCHEMA" = ? AND

  37. 				k2."TABLE_SCHEMA" = ? AND

  38. 				k1."REFERENCED_TABLE_SCHEMA" = ? AND

  39. 				k2."REFERENCED_TABLE_SCHEMA" = ? AND

  40. 				k1."TABLE_NAME" = k2."TABLE_NAME" AND

  41. 				k1."REFERENCED_TABLE_NAME" = ? AND

  42. 				k2."REFERENCED_TABLE_NAME" IN ?'

  43. 	);

  44. 	

  45. 	protected function connectDatabase($hostname,$username,$password,$database,$port,$socket,$charset) {

  46. 		$db = mysqli_connect($hostname,$username,$password,$database,$port,$socket);

  47. 		if (mysqli_connect_errno()) {

  48. 			throw new \Exception('Connect failed. '.mysqli_connect_error());

  49. 		}

  50. 		if (!mysqli_set_charset($db,$charset)) {

  51. 			throw new \Exception('Error setting charset. '.mysqli_error($db));

  52. 		}

  53. 		if (!mysqli_query($db,'SET SESSION sql_mode = \'ANSI_QUOTES\';')) {

  54. 			throw new \Exception('Error setting ANSI quotes. '.mysqli_error($db));

  55. 		}

  56. 		return $db;

  57. 	}

  58. 	

  59. 	protected function query($db,$sql,$params) {

  60. 		$sql = preg_replace_callback('/\!|\?/', function ($matches) use (&$db,&$params) {

  61. 			$param = array_shift($params);

  62. 			if ($matches[0]=='!') return preg_replace('/[^a-zA-Z0-9\-_=<>]/','',$param);

  63. 			if (is_array($param)) return '('.implode(',',array_map(function($v) use (&$db) {

  64. 				return "'".mysqli_real_escape_string($db,$v)."'";

  65. 			},$param)).')';

  66. 			return "'".mysqli_real_escape_string($db,$param)."'";

  67. 		}, $sql);

  68. 		//echo "\n$sql\n";

  69. 		return mysqli_query($db,$sql);

  70. 	}

  71. 	

  72. 	protected function fetch_assoc($result) {

  73. 		return mysqli_fetch_assoc($result);

  74. 	}

  75. 	

  76. 	protected function fetch_row($result) {

  77. 		return mysqli_fetch_row($result);

  78. 	}

  79. 

  80. 	protected function insert_id($db,$result) {

  81. 		return mysqli_insert_id($db);

  82. 	}

  83. 		

  84. 	protected function affected_rows($db,$result) {

  85. 		return mysqli_affected_rows($db);

  86. 	}

  87. 	

  88. 	protected function close($result) {

  89. 		return mysqli_free_result($result);

  90. 	}

  91. 	

  92. 	protected function fetch_fields($result) {

  93. 		return mysqli_fetch_fields($result);

  94. 	}

  95. 	

  96. 	protected function add_limit_to_sql($sql,$limit,$offset) {

  97. 		return "$sql LIMIT $limit OFFSET $offset";

  98. 	}

  99. 	

  100. 	protected function likeEscape($string) {

  101. 		return addcslashes($string,'%_');

  102. 	}

  103. 	

  104. 	protected function is_binary_type($field) {

  105. 		//echo "$field->name: $field->type ($field->flags)\n";

  106. 		return (($field->flags & 128) && ($field->type==252));

  107. 	}

  108. 

  109. }

  110. 

  111. class SQLSRV_CRUD_API extends REST_CRUD_API {

  112. 

  113. 	protected $queries = array(

  114. 		'reflect_table'=>'SELECT "TABLE_NAME" FROM "INFORMATION_SCHEMA"."TABLES" WHERE "TABLE_NAME" LIKE ? AND "TABLE_CATALOG" = ?',

  115. 		'reflect_pk'=>'SELECT "COLUMN_NAME" FROM "INFORMATION_SCHEMA"."COLUMNS" WHERE "COLUMN_KEY" = \'PRI\' AND "TABLE_NAME" = ? AND "TABLE_CATALOG" = ?',

  116. 		'reflect_belongs_to'=>'SELECT

  117. 				"TABLE_NAME","COLUMN_NAME",

  118. 				"REFERENCED_TABLE_NAME","REFERENCED_COLUMN_NAME"

  119. 			FROM

  120. 				"INFORMATION_SCHEMA"."KEY_COLUMN_USAGE"

  121. 			WHERE

  122. 				"TABLE_NAME" = ? AND

  123. 				"REFERENCED_TABLE_NAME" IN ? AND

  124. 				"TABLE_CATALOG" = ? AND

  125. 				"REFERENCED_TABLE_CATALOG" = ?',

  126. 		'reflect_has_many'=>'SELECT

  127. 				"TABLE_NAME","COLUMN_NAME",

  128. 				"REFERENCED_TABLE_NAME","REFERENCED_COLUMN_NAME"

  129. 			FROM

  130. 				"INFORMATION_SCHEMA"."KEY_COLUMN_USAGE"

  131. 			WHERE

  132. 				"TABLE_NAME" IN ? AND

  133. 				"REFERENCED_TABLE_NAME" = ? AND

  134. 				"TABLE_CATALOG" = ? AND

  135. 				"REFERENCED_TABLE_CATALOG" = ?',

  136. 		'reflect_habtm'=>'SELECT

  137. 				k1."TABLE_NAME", k1."COLUMN_NAME",

  138. 				k1."REFERENCED_TABLE_NAME", k1."REFERENCED_COLUMN_NAME",

  139. 				k2."TABLE_NAME", k2."COLUMN_NAME",

  140. 				k2."REFERENCED_TABLE_NAME", k2."REFERENCED_COLUMN_NAME"

  141. 			FROM

  142. 				"INFORMATION_SCHEMA"."KEY_COLUMN_USAGE" k1, "INFORMATION_SCHEMA"."KEY_COLUMN_USAGE" k2

  143. 			WHERE

  144. 				k1."TABLE_CATALOG" = ? AND

  145. 				k2."TABLE_CATALOG" = ? AND

  146. 				k1."REFERENCED_TABLE_CATALOG" = ? AND

  147. 				k2."REFERENCED_TABLE_CATALOG" = ? AND

  148. 				k1."TABLE_NAME" = k2."TABLE_NAME" AND

  149. 				k1."REFERENCED_TABLE_NAME" = ? AND

  150. 				k2."REFERENCED_TABLE_NAME" IN ?'

  151. 	);

  152. 

  153. 	protected function connectDatabase($hostname,$username,$password,$database,$port,$socket,$charset) {

  154. 		$connectionInfo = array();

  155. 		if ($port) $hostname.=','.$port;

  156. 		if ($username) $connectionInfo['UID']=$username;

  157. 		if ($password) $connectionInfo['PWD']=$password;

  158. 		if ($database) $connectionInfo['Database']=$database;

  159. 		if ($charset) $connectionInfo['CharacterSet']=$charset;

  160. 		$connectionInfo['QuotedId']=1;

  161. 

  162. 		$db = sqlsrv_connect($hostname, $connectionInfo);

  163. 		if (!$db) {

  164. 			throw new \Exception('Connect failed. '.print_r( sqlsrv_errors(), true));

  165. 		}

  166. 		if ($socket) {

  167. 			throw new \Exception('Socket connection is not supported.');

  168. 		}

  169. 		return $db;

  170. 	}

  171. 

  172. 	protected function query($db,$sql,$params) {

  173. 		$args = array();

  174. 		$sql = preg_replace_callback('/\!|\?/', function ($matches) use (&$db,&$params,&$args) {

  175. 			static $i=-1;

  176. 			$i++;

  177. 			$param = $params[$i];

  178. 			if ($matches[0]=='!') {

  179. 				return preg_replace('/[^a-zA-Z0-9\-_=<>]/','',$param);

  180. 			}

  181. 			if (is_array($param)) {

  182. 				$args = array_merge($args,$param);

  183. 				return '('.implode(',',str_split(str_repeat('?',count($param)))).')';

  184. 			}

  185. 			$args[] = $param;

  186. 			return '?';

  187. 		}, $sql);

  188. 		//echo "\n$sql\n";

  189. 		//var_dump($args);

  190. 		return sqlsrv_query($db,$sql,$args);

  191. 	}

  192. 

  193. 	protected function fetch_assoc($result) {

  194. 		return sqlsrv_fetch_array($result, SQLSRV_FETCH_ASSOC);

  195. 	}

  196. 

  197. 	protected function fetch_row($result) {

  198. 		return sqlsrv_fetch_array($result, SQLSRV_FETCH_NUMERIC);

  199. 	}

  200. 

  201. 	protected function insert_id($db) {

  202. 		$result = sqlsrv_query($db, 'SELECT SCOPE_IDENTITY()');

  203. 		$data = sqlsrv_fetch_array($result, SQLSRV_FETCH_NUMERIC);

  204. 		return $data[0];

  205. 	}

  206. 

  207. 	protected function affected_rows($db,$result) {

  208. 		return sqlsrv_rows_affected($result);

  209. 	}

  210. 

  211. 	protected function close($result) {

  212. 		return sqlsrv_free_stmt($result);

  213. 	}

  214. 

  215. 	protected function fetch_fields($result) {

  216. 		//var_dump(sqlsrv_field_metadata($result));

  217. 		return array_map(function($a){ 

  218. 			$p = array();

  219. 			foreach ($a as $k=>$v) {

  220. 				$p[strtolower($k)] = $v;

  221. 			}

  222. 			return (object)$p;

  223. 		},sqlsrv_field_metadata($result));

  224. 	}

  225. 

  226. 	protected function add_limit_to_sql($sql,$limit,$offset) {

  227. 		return "$sql OFFSET $offset ROWS FETCH NEXT $limit ROWS ONLY";

  228. 	}

  229. 	

  230. 	protected function likeEscape($string) {

  231. 		return str_replace(array('%','_'),array('[%]','[_]'),$string);

  232. 	}

  233. 	

  234. 	protected function is_binary_type($field) {

  235. 		return ($field->type>=-4 && $field->type<=-2);

  236. 	}

  237. 

  238. }

  239. 

  240. class REST_CRUD_API {

  241. 

  242. 	protected $config;

  243. 

  244. 	protected function mapMethodToAction($method,$key) {

  245. 		switch ($method) {

  246. 			case 'GET': return $key?'read':'list';

  247. 			case 'PUT': return 'update';

  248. 			case 'POST': return 'create';

  249. 			case 'DELETE': return 'delete';

  250. 			default: $this->exitWith404('method');

  251. 		}

  252. 	}

  253. 

  254. 	protected function parseRequestParameter(&$request,$characters,$default) {

  255. 		if (!count($request)) return $default;

  256. 		$value = array_shift($request);

  257. 		return $characters?preg_replace("/[^$characters]/",'',$value):$value;

  258. 	}

  259. 

  260. 	protected function parseGetParameter($get,$name,$characters,$default) {

  261. 		$value = isset($get[$name])?$get[$name]:$default;

  262. 		return $characters?preg_replace("/[^$characters]/",'',$value):$value;

  263. 	}

  264. 

  265. 	protected function parseGetParameterArray($get,$name,$characters,$default) {

  266. 		$values = isset($get[$name])?$get[$name]:$default;

  267. 		if (!is_array($values)) $values = array($values);

  268. 		if ($characters) {

  269. 			foreach ($values as &$value) {

  270. 				$value = preg_replace("/[^$characters]/",'',$value);

  271. 			}

  272. 		}

  273. 		return $values;

  274. 	}

  275. 	

  276. 	protected function applyPermissions($database, $tables, $action, $permissions, $multidb) {

  277. 		if (in_array(strtolower($database), array('information_schema','mysql','sys'))) return array();

  278. 		$results = array();

  279. 		$permissions = array_change_key_case($permissions,CASE_LOWER);

  280. 		foreach ($tables as $table) {

  281. 			$result = false;

  282. 			$options = $multidb?array("*.*","$database.*","$database.$table"):array("*","$table");

  283. 			$options = array_map('strtolower', $options);

  284. 			foreach ($options as $option) {

  285. 				if (isset($permissions[$option])) {

  286. 					$result = strpos($permissions[$option],$action[0])!==false;

  287. 				}

  288. 			}

  289. 			if ($result) $results[] = $table;				

  290. 		} 

  291. 		return $results;

  292. 	}

  293. 

  294. 	protected function processTableParameter($database,$table,$db) {

  295. 		$tablelist = explode(',',$table);

  296. 		$tables = array();

  297. 		foreach ($tablelist as $table) {

  298. 			$table = str_replace('*','%',$table);

  299. 			if ($result = $this->query($db,$this->queries['reflect_table'],array($table,$database))) {

  300. 				while ($row = $this->fetch_row($result)) $tables[] = $row[0];

  301. 				$this->close($result);

  302. 			}

  303. 		}

  304. 		return $tables;

  305. 	}

  306. 

  307. 	protected function findSinglePrimaryKey($table,$database,$db) {

  308. 		$keys = array();

  309. 		if ($result = $this->query($db,$this->queries['reflect_pk'],array($table[0],$database))) {

  310. 			while ($row = $this->fetch_row($result)) $keys[] = $row[0];

  311. 			$this->close($result);

  312. 		}

  313. 		return count($keys)==1?$keys[0]:false;

  314. 	}

  315. 

  316. 	protected function exitWith404($type) {

  317. 		if (isset($_SERVER['REQUEST_METHOD'])) {

  318. 			header('Content-Type:',true,404);

  319. 			die("Not found ($type)");

  320. 		} else {

  321. 			throw new \Exception("Not found ($type)");

  322. 		}

  323. 	}

  324. 

  325. 	protected function startOutput($callback) {

  326. 		if (isset($_SERVER['REQUEST_METHOD'])) {

  327. 			header('Access-Control-Allow-Origin: *');

  328. 			if ($callback) {

  329. 				header('Content-Type: application/javascript');

  330. 				echo $callback.'(';

  331. 			} else {

  332. 				header('Content-Type: application/json');

  333. 			}

  334. 		}

  335. 	}

  336. 

  337. 	protected function endOutput($callback) {

  338. 		if ($callback) {

  339. 			echo ');';

  340. 		}

  341. 	}

  342. 

  343. 	protected function processKeyParameter($key,$table,$database,$db) {

  344. 		if ($key) {

  345. 			$key = array($key,$this->findSinglePrimaryKey($table,$database,$db));

  346. 			if ($key[1]===false) $this->exitWith404('1pk');

  347. 		}

  348. 		return $key;

  349. 	}

  350. 

  351. 	protected function processOrderParameter($order,$table,$database,$db) {

  352. 		if ($order) {

  353. 			$order = explode(',',$order,2);

  354. 			if (count($order)<2) $order[1]='ASC';

  355. 			$order[1] = strtoupper($order[1])=='DESC'?'DESC':'ASC';

  356. 		}

  357. 		return $order;

  358. 	}

  359. 

  360. 	protected function processFilterParameter($filter,$db) {

  361. 		if ($filter) {

  362. 			$filter = explode(',',$filter,3);

  363. 			if (count($filter)==3) {

  364. 				$match = $filter[1];

  365. 				$filter[1] = 'LIKE';

  366. 				if ($match=='cs') $filter[2] = '%'.$this->likeEscape($filter[2]).'%';

  367. 				if ($match=='sw') $filter[2] = $this->likeEscape($filter[2]).'%';

  368. 				if ($match=='ew') $filter[2] = '%'.$this->likeEscape($filter[2]);

  369. 				if ($match=='eq') $filter[1] = '=';

  370. 				if ($match=='ne') $filter[1] = '<>';

  371. 				if ($match=='lt') $filter[1] = '<';

  372. 				if ($match=='le') $filter[1] = '<=';

  373. 				if ($match=='ge') $filter[1] = '>=';

  374. 				if ($match=='gt') $filter[1] = '>';

  375. 				if ($match=='in') {

  376. 					$filter[1] = 'IN';

  377. 					$filter[2] = explode(',',$filter[2]);

  378. 

  379. 				}

  380. 			} else {

  381. 				$filter = false;

  382. 			}

  383. 		}

  384. 		return $filter;

  385. 	}

  386. 

  387. 	protected function processPageParameter($page) {

  388. 		if ($page) {

  389. 			$page = explode(',',$page,2);

  390. 			if (count($page)<2) $page[1]=20;

  391. 			$page[0] = ($page[0]-1)*$page[1];

  392. 		}

  393. 		return $page;

  394. 	}

  395. 

  396. 	protected function retrieveObject($key,$table,$db) {

  397. 		if (!$key) return false;

  398. 		if ($result = $this->query($db,'SELECT * FROM "!" WHERE "!" = ?',array($table[0],$key[1],$key[0]))) {

  399. 			$object = $this->fetch_assoc($result);

  400. 			$this->close($result);

  401. 		}

  402. 		return $object;

  403. 	}

  404. 

  405. 	protected function createObject($input,$table,$db) {

  406. 		if (!$input) return false;

  407. 		$keys = implode('","',str_split(str_repeat('!', count($input))));

  408. 		$values = implode(',',str_split(str_repeat('?', count($input))));

  409. 		$params = array_merge(array_keys((array)$input),array_values((array)$input));

  410. 		array_unshift($params, $table[0]);

  411. 		$result = $this->query($db,'INSERT INTO "!" ("'.$keys.'") VALUES ('.$values.')',$params);

  412. 		return $this->insert_id($db,$result);

  413. 	}

  414. 

  415. 	protected function updateObject($key,$input,$table,$db) {

  416. 		if (!$input) return false;

  417. 		$params = array();

  418. 		$sql = 'UPDATE "!" SET ';

  419. 		$params[] = $table[0];

  420. 		foreach (array_keys($input) as $i=>$k) {

  421. 			if ($i) $sql .= ',';

  422. 			$v = $input[$k];

  423. 			$sql .= '"!"=?';

  424. 			$params[] = $k;

  425. 			$params[] = $v;

  426. 		}

  427. 		$sql .= ' WHERE "!"=?';

  428. 		$params[] = $key[1];

  429. 		$params[] = $key[0];

  430. 		$result = $this->query($db,$sql,$params);

  431. 		return $this->affected_rows($db, $result);

  432. 	}

  433. 

  434. 	protected function deleteObject($key,$table,$db) {

  435. 		$result = $this->query($db,'DELETE FROM "!" WHERE "!" = ?',array($table[0],$key[1],$key[0]));

  436. 		return $this->affected_rows($db, $result);

  437. 	}

  438. 

  439. 	protected function findRelations($tables,$database,$db) {

  440. 		$collect = array();

  441. 		$select = array();

  442. 		if (count($tables)>1) {

  443. 			$table0 = array_shift($tables);

  444. 			

  445. 			$result = $this->query($db,$this->queries['reflect_belongs_to'],array($table0,$tables,$database,$database));

  446. 			while ($row = $this->fetch_row($result)) {

  447. 				$collect[$row[0]][$row[1]]=array();

  448. 				$select[$row[2]][$row[3]]=array($row[0],$row[1]);

  449. 			}

  450. 			$result = $this->query($db,$this->queries['reflect_has_many'],array($tables,$table0,$database,$database));

  451. 			while ($row = $this->fetch_row($result)) {

  452. 				$collect[$row[2]][$row[3]]=array();

  453. 				$select[$row[0]][$row[1]]=array($row[2],$row[3]);

  454. 			}

  455. 			$result = $this->query($db,$this->queries['reflect_habtm'],array($database,$database,$database,$database,$table0,$tables));

  456. 			while ($row = $this->fetch_row($result)) {

  457. 				$collect[$row[2]][$row[3]]=array();

  458. 				$select[$row[0]][$row[1]]=array($row[2],$row[3]);

  459. 				$collect[$row[4]][$row[5]]=array();

  460. 				$select[$row[6]][$row[7]]=array($row[4],$row[5]);

  461. 			}

  462. 		}

  463. 		return array($collect,$select);

  464. 	}

  465. 

  466. 	protected function getParameters($config) {

  467. 		extract($config);

  468. 		$table     = $this->parseRequestParameter($request, 'a-zA-Z0-9\-_*,', false);

  469. 		$key       = $this->parseRequestParameter($request, 'a-zA-Z0-9\-,', false); // auto-increment or uuid

  470. 		$action    = $this->mapMethodToAction($method,$key);

  471. 		$callback  = $this->parseGetParameter($get, 'callback', 'a-zA-Z0-9\-_', false);

  472. 		$page      = $this->parseGetParameter($get, 'page', '0-9,', false);

  473. 		$filters   = $this->parseGetParameterArray($get, 'filter', false, false);

  474. 		$satisfy   = $this->parseGetParameter($get, 'satisfy', 'a-z', 'all');

  475. 		$columns   = $this->parseGetParameter($get, 'columns', 'a-zA-Z0-9\-_,', false);

  476. 		$order     = $this->parseGetParameter($get, 'order', 'a-zA-Z0-9\-_*,', false);

  477. 		$transform = $this->parseGetParameter($get, 'transform', '1', false);

  478. 		

  479. 		$table    = $this->processTableParameter($database,$table,$db);

  480. 		$key      = $this->processKeyParameter($key,$table,$database,$db);

  481. 		foreach ($filters as &$filter) $filter = $this->processFilterParameter($filter,$db);

  482. 		if ($columns) $columns = explode(',',$columns);

  483. 		$page     = $this->processPageParameter($page);

  484. 		$order    = $this->processOrderParameter($order,$table,$database,$db);

  485. 		

  486. 		$table  = $this->applyPermissions($database,$table,$action,$permissions,$multidb);

  487. 		if (empty($table)) $this->exitWith404('entity');

  488. 		

  489. 		$object = $this->retrieveObject($key,$table,$db);

  490. 		$input  = json_decode(file_get_contents($post),true);

  491. 		

  492. 		list($collect,$select) = $this->findRelations($table,$database,$db);

  493. 

  494. 		return compact('action','database','table','key','callback','page','filters','satisfy','columns','order','transform','db','object','input','collect','select');

  495. 	}

  496. 

  497. 	protected function listCommand($parameters) {

  498. 		extract($parameters);

  499. 		$this->startOutput($callback);

  500. 		echo '{';

  501. 		$tables = $table;

  502. 		$table = array_shift($tables);

  503. 		// first table

  504. 		$count = false;

  505. 		echo '"'.$table.'":{';

  506. 		if (is_array($order) && is_array($page)) {

  507. 			$params = array();

  508. 			$sql = 'SELECT COUNT(*) FROM "!"';

  509. 			$params[] = $table;

  510. 			foreach ($filters as $i=>$filter) {

  511. 				if (is_array($filter)) {

  512. 					$sql .= $i==0?' WHERE ':($satisfy=='all'?' AND ':' OR ');

  513. 					$sql .= '"!" ! ?';

  514. 					$params[] = $filter[0];

  515. 					$params[] = $filter[1];

  516. 					$params[] = $filter[2];

  517. 				}

  518. 			}

  519. 			if ($result = $this->query($db,$sql,$params)) {

  520. 				while ($pages = $this->fetch_row($result)) {

  521. 					$count = $pages[0];

  522. 				}

  523. 			}

  524. 		}

  525. 		$params = array();

  526. 		$sql = 'SELECT ';

  527. 		if (is_array($columns)) {

  528. 			$sql .= '"'.implode('","',$columns).'"';

  529. 		} else {

  530. 			$sql .= '*';

  531. 		}

  532. 		$sql .= ' FROM "!"';

  533. 		$params[] = $table;

  534. 		foreach ($filters as $i=>$filter) {

  535. 			if (is_array($filter)) {

  536. 				$sql .= $i==0?' WHERE ':($satisfy=='all'?' AND ':' OR ');

  537. 				$sql .= '"!" ! ?';

  538. 				$params[] = $filter[0];

  539. 				$params[] = $filter[1];

  540. 				$params[] = $filter[2];

  541. 			}

  542. 		}

  543. 		if (is_array($order)) {

  544. 			$sql .= ' ORDER BY "!" !';

  545. 			$params[] = $order[0];

  546. 			$params[] = $order[1];

  547. 		}

  548. 		if (is_array($order) && is_array($page)) {

  549. 			$sql = $this->add_limit_to_sql($sql,$page[1],$page[0]);

  550. 		}

  551. 		if ($result = $this->query($db,$sql,$params)) {

  552. 			echo '"columns":';

  553. 			$fields = array();

  554. 			$base64 = array();

  555. 			foreach ($this->fetch_fields($result) as $field) {

  556. 				$base64[] = $this->is_binary_type($field);

  557. 				$fields[] = $field->name;

  558. 			}

  559. 			echo json_encode($fields);

  560. 			$fields = array_flip($fields);

  561. 			echo ',"records":[';

  562. 			$first_row = true;

  563. 			while ($row = $this->fetch_row($result)) {

  564. 				if ($first_row) $first_row = false;

  565. 				else echo ',';

  566. 				if (isset($collect[$table])) {

  567. 					foreach (array_keys($collect[$table]) as $field) {

  568. 						$collect[$table][$field][] = $row[$fields[$field]];

  569. 					}

  570. 				}

  571. 				foreach ($base64 as $k=>$v) {

  572. 					if ($v) {

  573. 						$row[$k] = base64_encode($row[$k]);

  574. 					}

  575. 				}

  576. 				echo json_encode($row);

  577. 			}

  578. 			$this->close($result);

  579. 			echo ']';

  580. 			if ($count) echo ',';

  581. 		}

  582. 		if ($count) echo '"results":'.$count;

  583. 		echo '}';

  584. 		// prepare for other tables

  585. 		foreach (array_keys($collect) as $t) {

  586. 			if ($t!=$table && !in_array($t,$tables)) {

  587. 				array_unshift($tables,$t);

  588. 			}

  589. 		}

  590. 		// other tables

  591. 		foreach ($tables as $t=>$table) {

  592. 			echo ',';

  593. 			echo '"'.$table.'":{';

  594. 			$params = array();

  595. 			$sql = 'SELECT * FROM "!"';

  596. 			$params[] = $table;

  597. 			if (isset($select[$table])) {

  598. 				$first_row = true;

  599. 				echo '"relations":{';

  600. 				foreach ($select[$table] as $field => $path) {

  601. 					$values = $collect[$path[0]][$path[1]];

  602. 					$sql .= $first_row?' WHERE ':' OR ';

  603. 					$sql .= '"!" IN ?';

  604. 					$params[] = $field;

  605. 					$params[] = $values;

  606. 					if ($first_row) $first_row = false;

  607. 					else echo ',';

  608. 					echo '"'.$field.'":"'.implode('.',$path).'"';

  609. 				}

  610. 				echo '}';

  611. 			}

  612. 			if ($result = $this->query($db,$sql,$params)) {

  613. 				echo ',"columns":';

  614. 				$fields = array();

  615. 				$base64 = array();

  616. 				foreach ($this->fetch_fields($result) as $field) {

  617. 					$base64[] = $this->is_binary_type($field);

  618. 					$fields[] = $field->name;

  619. 				}

  620. 				echo json_encode($fields);

  621. 				$fields = array_flip($fields);

  622. 				echo ',"records":[';

  623. 				$first_row = true;

  624. 				while ($row = $this->fetch_row($result)) {

  625. 					if ($first_row) $first_row = false;

  626. 					else echo ',';

  627. 					if (isset($collect[$table])) {

  628. 						foreach (array_keys($collect[$table]) as $field) {

  629. 							$collect[$table][$field][]=$row[$fields[$field]];

  630. 						}

  631. 					}

  632. 					foreach ($base64 as $k=>$v) {

  633. 						if ($v) {

  634. 							$row[$k] = base64_encode($row[$k]);

  635. 						}

  636. 					}

  637. 					echo json_encode($row);

  638. 				}

  639. 				$this->close($result);

  640. 				echo ']';

  641. 			}

  642. 			echo '}';

  643. 		}

  644. 		echo '}';

  645. 		$this->endOutput($callback);

  646. 	}

  647. 

  648. 	protected function readCommand($parameters) {

  649. 		extract($parameters);

  650. 		if (!$object) $this->exitWith404('object');

  651. 		$this->startOutput($callback);

  652. 		echo json_encode($object);

  653. 		$this->endOutput($callback);

  654. 	}

  655. 

  656. 	protected function createCommand($parameters) {

  657. 		extract($parameters);

  658. 		if (!$input) $this->exitWith404('input');

  659. 		$this->startOutput($callback);

  660. 		echo json_encode($this->createObject($input,$table,$db));

  661. 		$this->endOutput($callback);

  662. 	}

  663. 

  664. 	protected function updateCommand($parameters) {

  665. 		extract($parameters);

  666. 		if (!$input) $this->exitWith404('subject');

  667. 		$this->startOutput($callback);

  668. 		echo json_encode($this->updateObject($key,$input,$table,$db));

  669. 		$this->endOutput($callback);

  670. 	}

  671. 

  672. 	protected function deleteCommand($parameters) {

  673. 		extract($parameters);

  674. 		$this->startOutput($callback);

  675. 		echo json_encode($this->deleteObject($key,$table,$db));

  676. 		$this->endOutput($callback);

  677. 	}

  678. 

  679. 	protected function listCommandTransform($parameters) {

  680. 		if ($parameters['transform']) {

  681. 			ob_start();

  682. 		}

  683. 		$this->listCommand($parameters);

  684. 		if ($parameters['transform']) {

  685. 			$content = ob_get_contents();

  686. 			ob_end_clean();

  687. 			$data = json_decode($content,true);

  688. 			echo json_encode(self::mysql_crud_api_transform($data));

  689. 		}

  690. 	}

  691. 

  692. 	public function __construct($config) {

  693. 		extract($config);

  694. 

  695. 		$hostname = isset($hostname)?$hostname:null;

  696. 		$username = isset($username)?$username:'root';

  697. 		$password = isset($password)?$password:null;

  698. 		$database = isset($database)?$database:false;

  699. 		$port = isset($port)?$port:null;

  700. 		$socket = isset($socket)?$socket:null;

  701. 		$charset = isset($charset)?$charset:'utf8';

  702. 

  703. 		$permissions = isset($permissions)?$permissions:array('*'=>'crudl');

  704. 		

  705. 		$db = isset($db)?$db:null;

  706. 		$method = isset($method)?$method:$_SERVER['REQUEST_METHOD'];

  707. 		$request = isset($request)?$request:(isset($_SERVER['PATH_INFO'])?$_SERVER['PATH_INFO']:'');

  708. 		$get = isset($get)?$get:$_GET;

  709. 		$post = isset($post)?$post:'php://input';

  710. 

  711. 		$request = explode('/', trim($request,'/'));

  712. 

  713. 		$multidb   = !$database;

  714. 		if ($multidb) {

  715. 			$database  = $this->parseRequestParameter($request, 'a-zA-Z0-9\-_,', false);

  716. 		}

  717. 		if (!$db) {

  718. 			$db = $this->connectDatabase($hostname,$username,$password,$database,$port,$socket,$charset);

  719. 		}

  720. 

  721. 		$this->config = compact('method', 'request', 'get', 'post', 'multidb', 'database', 'permissions', 'db');

  722. 	}

  723. 

  724. 	public static function mysql_crud_api_transform(&$tables) {

  725. 		$get_objects = function (&$tables,$table_name,$where_index=false,$match_value=false) use (&$get_objects) {

  726. 			$objects = array();

  727. 			foreach ($tables[$table_name]['records'] as $record) {

  728. 				if ($where_index===false || $record[$where_index]==$match_value) {

  729. 					$object = array();

  730. 					foreach ($tables[$table_name]['columns'] as $index=>$column) {

  731. 						$object[$column] = $record[$index];

  732. 						foreach ($tables as $relation=>$reltable) {

  733. 							if (isset($reltable['relations'])) {

  734. 								foreach ($reltable['relations'] as $key=>$target) {

  735. 									if ($target == "$table_name.$column") {

  736. 										$column_indices = array_flip($reltable['columns']);

  737. 										$object[$relation] = $get_objects($tables,$relation,$column_indices[$key],$record[$index]);

  738. 									}

  739. 								}

  740. 							}

  741. 						}

  742. 					}

  743. 					$objects[] = $object;

  744. 				}

  745. 			}

  746. 			return $objects;

  747. 		};

  748. 		$tree = array();

  749. 		foreach ($tables as $name=>$table) {

  750. 			if (!isset($table['relations'])) {

  751. 				$tree[$name] = $get_objects($tables,$name);

  752. 				if (isset($table['results'])) {

  753. 					$tree['_results'] = $table['results'];

  754. 				}

  755. 			}

  756. 		}

  757. 		return $tree;

  758. 	}

  759. 

  760. 	public function executeCommand() {

  761. 		$parameters = $this->getParameters($this->config);

  762. 		switch($parameters['action']){

  763. 			case 'list': $this->listCommandTransform($parameters); break;

  764. 			case 'read': $this->readCommand($parameters); break;

  765. 			case 'create': $this->createCommand($parameters); break;

  766. 			case 'update': $this->updateCommand($parameters); break;

  767. 			case 'delete': $this->deleteCommand($parameters); break;

  768. 		}

  769. 	}

  770. 

  771. }

  772. 

  773. // only execute this when running in stand-alone mode

  774. if(count(get_required_files())<2) {

  775. 	header('Access-Control-Allow-Origin: *');

  776. 	$api = new SQLSRV_CRUD_API(array(

  777. 		'hostname'=>'(local)',

  778. 		'username'=>'',

  779. 		'password'=>'',

  780. 		'database'=>'xxx',

  781. 		'charset'=>'UTF-8'

  782. 	));

  783. 	$api->executeCommand();

  784. }