1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
|
<?php
/**
* AurJSON
*
* This file contains the AurRPC remote handling class
* @author eliott <eliott@cactuswax.net>
* @version $Id$
* @copyright cactuswax.net, 12 October, 2007
* @package rpc
**/
/**
* This class defines a remote interface for fetching data
* from the AUR using JSON formatted elements.
* @package rpc
* @subpackage classes
**/
class AurJSON {
private $dbh = false;
private $exposed_methods = array('search','info');
/**
* Handles post data, and routes the request.
* @param string $post_data The post data to parse and handle.
* @return string The JSON formatted response data.
**/
public function handle($http_data) {
// set content type header to json
header('content-type: application/json');
// set up db connection.
$this->dbh = db_connect();
// handle error states
if ( !isset($http_data['type']) || !isset($http_data['arg']) ) {
return $this->json_error('No request type/data specified.');
}
// do the routing
if ( in_array($http_data['type'], $this->exposed_methods) ) {
// ugh. this works. I hate you php.
$json = call_user_func_array(array(&$this,$http_data['type']),$http_data['arg']);
// allow rpc callback for XDomainAjax
if ( isset($http_data['callback']) ) {
return $http_data['callback'] . "({$json})";
}
else {
return $json;
}
}
else {
return $this->json_error('Incorrect request type specified.');
}
}
/**
* Returns a JSON formatted error string.
*
* @param $msg The error string to return
* @return mixed A json formatted error response.
**/
private function json_error($msg){
return $this->json_results('error',$msg);
}
/**
* Returns a JSON formatted result data.
* @param $type The response method type.
* @param $data The result data to return
* @return mixed A json formatted result response.
**/
private function json_results($type,$data){
return json_encode( array('type' => $type, 'results' => $data) );
}
/**
* Performs a fulltext mysql search of the package database.
* @param $keyword_string A string of keywords to search with.
* @return mixed Returns an array of package matches.
**/
private function search($keyword_string) {
$query = sprintf(
"SELECT Name,ID FROM Packages WHERE MATCH(Name,Description) AGAINST('%s' IN BOOLEAN MODE)",
mysql_real_escape_string($keyword_string, $this->dbh) );
$result = db_query($query, $this->dbh);
if ( $result && (mysql_num_rows($result) > 0) ) {
$search_data = array();
while ( $row = mysql_fetch_assoc($result) ) {
$elem = array(
'Name' => $row['Name'],
'ID' => $row['ID'] );
array_push($search_data,$elem);
}
mysql_free_result($result);
return $this->json_results('search',$search_data);
}
else {
return $this->json_error('No results found');
}
}
/**
* Returns the info on a specific package id.
* @param $package_id The ID of the package to fetch info.
* @return mixed Returns an array of value data containing the package data
**/
private function info($package_id) {
// using sprintf to coerce the package_id to an int
// should handle sql injection issues, since sprintf will
// bork if not an int, or convert the string to a number
$query = sprintf("SELECT ID,Name,Version,Description,URL,URLPath,License,NumVotes,OutOfDate FROM Packages WHERE ID=%d",$package_id);
$result = db_query($query, $this->dbh);
if ( $result && (mysql_num_rows($result) > 0) ) {
$row = mysql_fetch_assoc($result);
mysql_free_result($result);
return $this->json_results('info',$row);
}
else {
return $this->json_error('No result found');
}
}
}
?>
|
