Diffstat (limited to 'application/controllers')
-rw-r--r-- | application/controllers/file.php | 10 | ||||
-rw-r--r-- | application/controllers/user.php | 65 |
2 files changed, 70 insertions, 5 deletions
diff --git a/application/controllers/file.php b/application/controllers/file.php
index c133539f7..7629b809b 100644
--- a/application/controllers/file.php
+++ b/application/controllers/file.php
@@ -282,7 +282,7 @@ class File extends CI_Controller {
 "lexer" => $lexer )); $this->session->set_flashdata("uri", "file/claim_id");
- $this->muser->require_access();
+ $this->muser->require_access("apikey");
 } foreach ($ids as $id) {
@@ -444,7 +444,7 @@ class File extends CI_Controller {
 function upload_history() {
- $this->muser->require_access();
+ $this->muser->require_access("apikey");
 $user = $this->muser->get_userid();
@@ -523,7 +523,7 @@ class File extends CI_Controller {
 function do_delete() {
- $this->muser->require_access();
+ $this->muser->require_access("apikey");
 $ids = $this->input->post("ids"); $errors = array();
@@ -563,7 +563,7 @@ class File extends CI_Controller {
 function delete() {
- $this->muser->require_access();
+ $this->muser->require_access("apikey");
 if (!is_cli_client()) { echo "Not a listed cli client, please use the history to delete uploads.\n";
@@ -634,7 +634,7 @@ class File extends CI_Controller {
 { // desktop clients get a cookie to claim the ID later if (is_cli_client()) {
- $this->muser->require_access();
+ $this->muser->require_access("apikey");
 } $ids = array();
diff --git a/application/controllers/user.php b/application/controllers/user.php
index 21b58cf93..f1dbe5c31 100644
--- a/application/controllers/user.php
+++ b/application/controllers/user.php
@@ -84,6 +84,71 @@ class User extends CI_Controller {
 } }
+ function create_apikey()
+ {
+ $this->muser->require_access();
+
+ $userid = $this->muser->get_userid();
+ $comment = $this->input->post("comment");
+
+
+ if (strlen($comment) > 255 || !preg_match("/^[a-zA-Z0-9 -@,]*$/", $comment)) {
+ // display better error for
+ show_error("Comment invalid. Only 255 chars of a-zA-Z0-9, @, -, space and comma allowed");
+ }
+
+ $key = random_alphanum(32);
+
+ $this->db->query("
+ INSERT INTO `apikeys`
+ (`key`, `user`, `comment`)
+ VALUES (?, ?, ?)
+ ", array($key, $userid, $comment));
+
+ if (is_cli_client()) {
+ echo "$key\n";
+ } else {
+ redirect("user/apikeys");
+ }
+ }
+
+ function delete_apikey()
+ {
+ $this->muser->require_access();
+
+ $userid = $this->muser->get_userid();
+ $key = $this->input->post("key");
+
+ var_dump($userid, $key);
+
+ $this->db->query("
+ DELETE FROM `apikeys`
+ WHERE `user` = ?
+ AND `key` = ?
+ ", array($userid, $key));
+
+ redirect("user/apikeys");
+ }
+
+ function apikeys()
+ {
+ $this->muser->require_access();
+
+ $userid = $this->muser->get_userid();
+
+ $query = $this->db->query("
+ SELECT `key`, UNIX_TIMESTAMP(`created`) `created`, `comment`
+ FROM `apikeys`
+ WHERE `user` = ? order by created desc
+ ", array($userid))->result_array();
+
+ $this->data["query"] = $query;
+
+ $this->load->view('header', $this->data);
+ $this->load->view($this->var->view_dir.'apikeys', $this->data);
+ $this->load->view('footer', $this->data);
+ }
+
 function create_invitation_key() { $this->duser->require_implemented("can_register_new_users"); |
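Review bot: In `create_apikey()` the character class `[a-zA-Z0-9 -@,]` treats ` -@` as a range from space to `@`, so the comment check also admits `<`, `>`, `"`, `'`, `&` and `;`, which contradicts the error text and leaves the `apikeys` view (not shown in this hunk) as the only barrier against markup stored in `comment`. Put the hyphen last and anchor the end strictly: `preg_match('/^[a-zA-Z0-9 @,-]*\z/', $comment)`. In `delete_apikey()` the leftover `var_dump($userid, $key);` writes the user id and the submitted key into the response body and emits output before `redirect("user/apikeys")`; it should be removed. Whether `random_alphanum(32)` draws from a cryptographically secure source cannot be seen from this hunk and is worth confirming, since the value is used as a bearer credential.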