summaryrefslogtreecommitdiffstats
path: root/application
diff options
context:
space:
mode:
authorFlorian Pritz <bluewind@xinu.at>2015-02-03 11:18:28 +0100
committerFlorian Pritz <bluewind@xinu.at>2015-02-03 11:18:28 +0100
commitd9c895ce4f53b180fc11c3b5a172c4cf787b1279 (patch)
tree6757ed1622b79519279fcf50eda88118fa6ca5c8 /application
parent9ea78213f8e505b5fde7372106adc1947d1f7de2 (diff)
Remove unstable json api
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'application')
-rw-r--r--application/controllers/file.php20
-rw-r--r--application/controllers/user.php9
-rw-r--r--application/core/MY_Controller.php29
-rw-r--r--application/errors/error_general.php11
4 files changed, 2 insertions, 67 deletions
diff --git a/application/controllers/file.php b/application/controllers/file.php
index e35978a1e..63f6a71b5 100644
--- a/application/controllers/file.php
+++ b/application/controllers/file.php
@@ -9,13 +9,6 @@
class File extends MY_Controller {
- protected $json_enabled_functions = array(
- "upload_history",
- "do_upload",
- "do_delete",
- "do_multipaste",
- );
-
function __construct()
{
parent::__construct();
@@ -470,10 +463,6 @@ class File extends MY_Controller {
}
}
- if (static_storage("response_type") == "json") {
- return send_json_reply($this->data["urls"]);
- }
-
if (is_cli_client()) {
$redirect = false;
}
@@ -740,15 +729,6 @@ class File extends MY_Controller {
);
}
- if (static_storage("response_type") == "json") {
- return send_json_reply(array(
- "errors" => $errors,
- "deleted" => $deleted,
- "total_count" => $total_count,
- "deleted_count" => $deleted_count,
- ));
- }
-
$this->data["errors"] = $errors;
$this->data["deleted_count"] = $deleted_count;
$this->data["total_count"] = $total_count;
diff --git a/application/controllers/user.php b/application/controllers/user.php
index 62569e1f1..aba2a8ec1 100644
--- a/application/controllers/user.php
+++ b/application/controllers/user.php
@@ -8,11 +8,6 @@
*/
class User extends MY_Controller {
- protected $json_enabled_functions = array(
- "create_apikey",
- "apikeys",
- );
-
function __construct()
{
@@ -93,10 +88,6 @@ class User extends MY_Controller {
$key = \service\user::create_apikey($userid, $comment, $access_level);
- if (static_storage("response_type") == "json") {
- return send_json_reply(array("new_key" => $key));
- }
-
if (is_cli_client()) {
echo "$key\n";
} else {
diff --git a/application/core/MY_Controller.php b/application/core/MY_Controller.php
index fc08b10ae..0f71a7fdc 100644
--- a/application/core/MY_Controller.php
+++ b/application/core/MY_Controller.php
@@ -11,9 +11,6 @@ class MY_Controller extends CI_Controller {
public $data = array();
public $var;
- protected $json_enabled_functions = array(
- );
-
function __construct()
{
parent::__construct();
@@ -46,33 +43,11 @@ class MY_Controller extends CI_Controller {
$this->load->helper(array('form', 'filebin'));
$this->load->library('customautoloader');
- // TODO: proper accept header handling or is this enough?
- if (isset($_SERVER["HTTP_ACCEPT"])) {
- if ($_SERVER["HTTP_ACCEPT"] == "application/json") {
- static_storage("response_type", "json");
- }
- }
-
- // Allow for easier testing in browser
- if ($this->input->get("json") !== false) {
- static_storage("response_type", "json");
- }
-
- // TODO: this should probably call a function in the controller that does the checking
- // instead of checking if the controller name == "api"
- if (static_storage("response_type") == "json"
- && $this->uri->segment(1) != "api"
- && ! in_array($this->uri->rsegment(2), $this->json_enabled_functions)) {
- show_error("Function not JSON enabled");
- }
-
if ($this->uri->segment(1) == "api") {
is_cli_client(true);
}
- if ($this->input->post("apikey") !== false
- || ($this->input->post("username") !== false
- && $this->input->post("password") !== false)) {
+ if ($this->input->post("apikey") !== false || is_cli_client()) {
/* This relies on the authentication code always verifying the supplied
* apikey. If the key is not verified/logged in an attacker could simply
* add an empty "apikey" field to the CSRF form to circumvent the
@@ -119,7 +94,7 @@ class MY_Controller extends CI_Controller {
$this->security->csrf_verify();
}
- if ($this->config->item("environment") == "development" && static_storage("response_type") != "json") {
+ if ($this->config->item("environment") == "development") {
$this->output->enable_profiler(true);
}
diff --git a/application/errors/error_general.php b/application/errors/error_general.php
index 844dfb74d..87d5b62f6 100644
--- a/application/errors/error_general.php
+++ b/application/errors/error_general.php
@@ -15,17 +15,6 @@ if (class_exists("CI_Controller") && !isset($GLOBALS["is_error_page"])) {
is_cli_client(true);
}
- if (static_storage("response_type") == "json") {
- $message = str_replace("</p>", "</p>\n", $message);
- $array = array(
- "status" => "error",
- "message" => strip_tags($message),
- );
- header('Content-type: application/json');
- echo json_encode($array);
- exit();
- }
-
if (is_cli_client()) {
$message = str_replace("</p>", "</p>\n", $message);
$message = strip_tags($message);