Checks if the types of returned expressions are compatible with the documented types.
1 | <?php |
||
2 | /** |
||
3 | * A library for managing users of the web services API |
||
4 | */ |
||
5 | |||
6 | // API key functions ///////////////////////////////////////////////////////////////////// |
||
7 | |||
8 | /** |
||
9 | * Generate a new API user for a site, returning a new keypair on success. |
||
10 | * |
||
11 | * @return stdClass object or false |
||
12 | */ |
||
13 | function create_api_user() { |
||
14 | $dbprefix = elgg_get_config('dbprefix'); |
||
15 | $public = _elgg_services()->crypto->getRandomString(40, ElggCrypto::CHARS_HEX); |
||
16 | $secret = _elgg_services()->crypto->getRandomString(40, ElggCrypto::CHARS_HEX); |
||
17 | |||
18 | $insert = insert_data("INSERT into {$dbprefix}api_users |
||
19 | (api_key, secret) values |
||
20 | ('$public', '$secret')"); |
||
21 | |||
22 | if ($insert) { |
||
23 | return get_api_user($public); |
||
0 ignored issues
–
show
Bug
Best Practice
introduced
by
Loading history...
|
|||
24 | } |
||
25 | |||
26 | return false; |
||
0 ignored issues
–
show
|
|||
27 | } |
||
28 | |||
29 | /** |
||
30 | * Find an API User's details based on the provided public api key. |
||
31 | * These users are not users in the traditional sense. |
||
32 | * |
||
33 | * @param string $api_key The API Key |
||
34 | * |
||
35 | * @return mixed stdClass representing the database row or false. |
||
36 | */ |
||
37 | function get_api_user($api_key) { |
||
38 | 1 | $dbprefix = elgg_get_config('dbprefix'); |
|
39 | 1 | $api_key = sanitise_string($api_key); |
|
40 | |||
41 | 1 | $query = "SELECT * from {$dbprefix}api_users" |
|
42 | 1 | . " where api_key='$api_key' and active=1"; |
|
43 | |||
44 | 1 | return get_data_row($query); |
|
45 | } |
||
46 | |||
47 | /** |
||
48 | * Revoke an api user key. |
||
49 | * |
||
50 | * @param string $api_key The API Key (public). |
||
51 | * |
||
52 | * @return bool |
||
53 | */ |
||
54 | function remove_api_user($api_key) { |
||
55 | $dbprefix = elgg_get_config('dbprefix'); |
||
56 | $keypair = get_api_user($api_key); |
||
57 | if ($keypair) { |
||
58 | return delete_data("DELETE from {$dbprefix}api_users where id={$keypair->id}"); |
||
59 | } |
||
60 | |||
61 | return false; |
||
62 | } |
||
63 |