Diffstat (limited to 'application/controllers')
-rw-r--r--application/controllers/file.php10
-rw-r--r--application/controllers/user.php65
2 files changed, 70 insertions, 5 deletions
diff --git a/application/controllers/file.php b/application/controllers/file.php
index c133539f7..7629b809b 100644
--- a/application/controllers/file.php
+++ b/application/controllers/file.php
@@ -282,7 +282,7 @@ class File extends CI_Controller {
"lexer" => $lexer
));
$this->session->set_flashdata("uri", "file/claim_id");
- $this->muser->require_access();
+ $this->muser->require_access("apikey");
}
foreach ($ids as $id) {
@@ -444,7 +444,7 @@ class File extends CI_Controller {
function upload_history()
{
- $this->muser->require_access();
+ $this->muser->require_access("apikey");
$user = $this->muser->get_userid();
@@ -523,7 +523,7 @@ class File extends CI_Controller {
function do_delete()
{
- $this->muser->require_access();
+ $this->muser->require_access("apikey");
$ids = $this->input->post("ids");
$errors = array();
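Review bot: With `require_access("apikey")` here in do_delete() and again in delete() in the next hunk, any API key can now remove a user's uploads, and the `apikeys` table this commit introduces (`key`, `user`, `comment`) has no column that could limit what a key is allowed to do. How require_access() interprets the argument is not visible in this diff, so this is inferred from the call sites only. If upload-only or read-only keys are ever wanted, the destructive endpoints are where a stronger level belongs; at minimum document the choice above the call, e.g. `// "apikey": API-key auth accepted; keys are full-access for this user's uploads`. Both function bodies continue outside their hunks.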
@@ -563,7 +563,7 @@ class File extends CI_Controller {
function delete()
{
- $this->muser->require_access();
+ $this->muser->require_access("apikey");
if (!is_cli_client()) {
echo "Not a listed cli client, please use the history to delete uploads.\n";
@@ -634,7 +634,7 @@ class File extends CI_Controller {
{
// desktop clients get a cookie to claim the ID later
if (is_cli_client()) {
- $this->muser->require_access();
+ $this->muser->require_access("apikey");
}
$ids = array();
diff --git a/application/controllers/user.php b/application/controllers/user.php
index 21b58cf93..f1dbe5c31 100644
--- a/application/controllers/user.php
+++ b/application/controllers/user.php
@@ -84,6 +84,71 @@ class User extends CI_Controller {
}
}
+ function create_apikey()
+ {
+ $this->muser->require_access();
+
+ $userid = $this->muser->get_userid();
+ $comment = $this->input->post("comment");
+
+
+ if (strlen($comment) > 255 || !preg_match("/^[a-zA-Z0-9 -@,]*$/", $comment)) {
+ // display better error for
+ show_error("Comment invalid. Only 255 chars of a-zA-Z0-9, @, -, space and comma allowed");
+ }
+
+ $key = random_alphanum(32);
+
+ $this->db->query("
+ INSERT INTO `apikeys`
+ (`key`, `user`, `comment`)
+ VALUES (?, ?, ?)
+ ", array($key, $userid, $comment));
+
+ if (is_cli_client()) {
+ echo "$key\n";
+ } else {
+ redirect("user/apikeys");
+ }
+ }
+
+ function delete_apikey()
+ {
+ $this->muser->require_access();
+
+ $userid = $this->muser->get_userid();
+ $key = $this->input->post("key");
+
+ var_dump($userid, $key);
+
+ $this->db->query("
+ DELETE FROM `apikeys`
+ WHERE `user` = ?
+ AND `key` = ?
+ ", array($userid, $key));
+
+ redirect("user/apikeys");
+ }
+
+ function apikeys()
+ {
+ $this->muser->require_access();
+
+ $userid = $this->muser->get_userid();
+
+ $query = $this->db->query("
+ SELECT `key`, UNIX_TIMESTAMP(`created`) `created`, `comment`
+ FROM `apikeys`
+ WHERE `user` = ? order by created desc
+ ", array($userid))->result_array();
+
+ $this->data["query"] = $query;
+
+ $this->load->view('header', $this->data);
+ $this->load->view($this->var->view_dir.'apikeys', $this->data);
+ $this->load->view('footer', $this->data);
+ }
+
function create_invitation_key()
{
$this->duser->require_implemented("can_register_new_users");
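Review bot: The character class in create_apikey()'s comment check, `[a-zA-Z0-9 -@,]`, contains ` -@`, which PCRE reads as the range from space (0x20) to `@` (0x40), so it also accepts `<`, `>`, `"`, `'`, `&` and `;`, which is more than the error message promises. apikeys() later selects these comments and hands them to the view; if that view prints them unescaped (not visible here), the stored comment becomes markup injection. Put the hyphen last so it is literal: `preg_match("/^[a-zA-Z0-9 @,-]*$/", $comment)`. Separately, delete_apikey() still contains `var_dump($userid, $key);`, which echoes the key into the response and emits output before `redirect("user/apikeys")`; that line should be dropped.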