summaryrefslogtreecommitdiffstats
path: root/web/lib
diff options
context:
space:
mode:
Diffstat (limited to 'web/lib')
-rw-r--r--web/lib/aurjson.class.php145
1 files changed, 145 insertions, 0 deletions
diff --git a/web/lib/aurjson.class.php b/web/lib/aurjson.class.php
new file mode 100644
index 00000000..ce59ed7d
--- /dev/null
+++ b/web/lib/aurjson.class.php
@@ -0,0 +1,145 @@
+<?php
+/**
+ * AurJSON
+ *
+ * This file contains the AurRPC remote handling class
+ * @author eliott <eliott@cactuswax.net>
+ * @version $Id$
+ * @copyright cactuswax.net, 12 October, 2007
+ * @package rpc
+ **/
+
+/**
+ * This class defines a remote interface for fetching data
+ * from the AUR using JSON formatted elements.
+ * @package rpc
+ * @subpackage classes
+ **/
+class AurJSON {
+ private $dbh = false;
+ private $exposed_methods = array('search','info');
+
+ /**
+ * Returns the usage data for the exposed json api.
+ * @return string The usage data in plain format.
+ **/
+ public function usage() {
+ $usage = 'The methods currently allowed are: <br />';
+ $usage .= '<ul>';
+ foreach ($this->exposed_methods as $methodname) {
+ $usage .= "<li>{$methodname}</li>";
+ }
+ $usage .= '</ul><br />';
+ $usage .= 'Each method requires the following HTTP GET syntax:<br />';
+ $usage .= '&nbsp;&nbsp; type=_methodname_&arg=_data_ <br /><br />';
+ $usage .= 'Where _methodname_ is the name of an exposed method, and _data_ is the data supplied as part of the call.<br />';
+ $usage .= 'The _ characters are included only in this example as placeholders. Do not use them in an actual query.<br /><br />';
+ $usage .= 'If you need jsonp type callback specification, you can provide an additional variable "callback".<br />';
+ $usage .= 'Example URL: <br />&nbsp;&nbsp; http://aur-url/rpc.php?type=search&args=foobar&callback=jsonp1192244621103';
+ return $usage;
+ }
+
+ /**
+ * Handles post data, and routes the request.
+ * @param string $post_data The post data to parse and handle.
+ * @return string The JSON formatted response data.
+ **/
+ public function handle($http_data) {
+ // set content type header to json
+ //header('content-type: application/json');
+ // set up db connection.
+ $this->dbh = db_connect();
+
+ // handle error states
+ if ( !isset($http_data['type']) || !isset($http_data['arg']) ) {
+ return $this->json_error('No request type/data specified.');
+ }
+
+ // do the routing
+ if ( in_array($http_data['type'], $this->exposed_methods) ) {
+ // ugh. this works. I hate you php.
+ $json = call_user_func_array(array(&$this,$http_data['type']),$http_data['arg']);
+ // allow rpc callback for XDomainAjax
+ if ( isset($http_data['callback']) ) {
+ return $http_data['callback'] . "({$json})";
+ }
+ else {
+ return $json;
+ }
+ }
+ else {
+ return $this->json_error('Incorrect request type specified.');
+ }
+ }
+
+ /**
+ * Returns a JSON formatted error string.
+ *
+ * @param $msg The error string to return
+ * @return mixed A json formatted error response.
+ **/
+ private function json_error($msg){
+ return $this->json_results('error',$msg);
+ }
+
+ /**
+ * Returns a JSON formatted result data.
+ * @param $type The response method type.
+ * @param $data The result data to return
+ * @return mixed A json formatted result response.
+ **/
+ private function json_results($type,$data){
+ return json_encode( array('type' => $type, 'results' => $data) );
+ }
+
+ /**
+ * Performs a fulltext mysql search of the package database.
+ * @param $keyword_string A string of keywords to search with.
+ * @return mixed Returns an array of package matches.
+ **/
+ private function search($keyword_string) {
+ $query = sprintf(
+ "SELECT Name,ID FROM Packages WHERE MATCH(Name,Description) AGAINST('%s' IN BOOLEAN MODE)",
+ mysql_real_escape_string($keyword_string, $this->dbh) );
+
+ $result = db_query($query, $this->dbh);
+
+ if ( $result && (mysql_num_rows($result) > 0) ) {
+ $search_data = array();
+ while ( $row = mysql_fetch_assoc($result) ) {
+ $elem = array(
+ 'Name' => $row['Name'],
+ 'ID' => $row['ID'] );
+ array_push($search_data,$elem);
+ }
+ mysql_free_result($result);
+ return $this->json_results('search',$search_data);
+ }
+ else {
+ return $this->json_error('No results found');
+ }
+ }
+
+ /**
+ * Returns the info on a specific package id.
+ * @param $package_id The ID of the package to fetch info.
+ * @return mixed Returns an array of value data containing the package data
+ **/
+ private function info($package_id) {
+ // using sprintf to coerce the package_id to an int
+ // should handle sql injection issues, since sprintf will
+ // bork if not an int, or convert the string to a number
+ $query = sprintf("SELECT ID,Name,Version,Description,URL,URLPath,License,NumVotes,OutOfDate,Safe FROM Packages WHERE ID=%d",$package_id);
+ $result = db_query($query, $this->dbh);
+
+ if ( $result && (mysql_num_rows($result) > 0) ) {
+ $row = mysql_fetch_assoc($result);
+ mysql_free_result($result);
+ return $this->json_results('info',$row);
+ }
+ else {
+ return $this->json_error('No result found');
+ }
+ }
+}
+?>