post.php
<?php
// import useful functions
require_once './classes/HTTPException.php';
require_once './utils.php';
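// Request gate for the write endpoint: CORS headers, JSON body parsing, token
// authentication, then loading of the collection configuration.
// Every failure path relies on http_error() ending the request; it is defined in
// utils.php, which is not visible here (TODO confirm it never returns).
cors();

$method = sec($_SERVER['REQUEST_METHOD']);
// NOTE(review): only GET is rejected although the message says POST is expected,
// so PUT, DELETE, PATCH etc. still reach the write commands. Tightening this to
// `$method !== 'POST'` depends on how cors() answers OPTIONS preflights - confirm.
if ($method === 'GET') {
    http_error(400, "Incorrect request type, expected POST, not $method");
}

// Decode the body as an associative array; null (invalid JSON) and empty
// payloads are both rejected by the falsy test.
$inputJSON = json_decode(file_get_contents('php://input'), true);
if (!$inputJSON) {
    http_error(400, 'No JSON body provided');
}

$token = check_key_json('token', $inputJSON);
if (!$token) {
    http_error(400, 'No token provided');
}

if (!file_exists('./tokens.php')) {
    http_error(501, 'Developer didn\'t implement a tokens.php file');
}

// tokens.php is expected to define $db_tokens, the list of accepted write tokens.
require_once './tokens.php';
if (empty($db_tokens) || !is_array($db_tokens)) {
    http_error(400, 'Developer is dumb and forgot to create tokens');
}

// Token verification.
// The body is decoded JSON, so a value may arrive as a bool, number or array
// rather than a string. A loose in_array() would let such values (and
// numeric-looking strings such as "1e3" vs "1000") compare equal to a configured
// token, so only string/int tokens are accepted and they are compared as strings.
// hash_equals() keeps the comparison constant-time, and the loop deliberately does
// not stop at the first match so timing does not reveal which entry matched.
$token_ok = false;
if (is_string($token) || is_int($token)) {
    $candidate = (string) $token;
    foreach ($db_tokens as $known_token) {
        if (!is_string($known_token) && !is_int($known_token)) {
            continue;
        }
        if (hash_equals((string) $known_token, $candidate)) {
            $token_ok = true;
        }
    }
}
if (!$token_ok) {
    http_error(403, 'Invalid token');
}

$collection = check_key_json('collection', $inputJSON);
if (!check($collection)) {
    http_error(400, 'No collection provided');
}

if (!file_exists('./config.php')) {
    http_error(501, 'Developer didn\'t implement a config.php file');
}

// config.php is expected to define $database_list (collection name => database object).
require_once './config.php';
// HTTPExceptions get properly handled in the catch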
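// Command dispatch: resolves the requested collection, validates the command
// against an allow-list and forwards the payload to the matching database method.
// Runs after authentication; HTTPException raised by the database layer is turned
// into an HTTP error response by the catch blocks below.
try {
    // The collection must be one of the keys configured in $database_list.
    if (!array_key_exists($collection, $database_list)) {
        http_error(404, "Collection not found: $collection");
    }
    $db = $database_list[$collection];

    $command = check_key_json('command', $inputJSON);
    if ($command === false) {
        http_error(400, 'No command provided');
    }

    $available_commands = [
        'write_raw',
        'add',
        'addBulk',
        'remove',
        'removeBulk',
        'set',
        'setBulk',
        'editField',
        'editFieldBulk'
    ];

    // Strict allow-list check. The command comes from decoded JSON, so it can be a
    // bool or number; with a loose in_array() such a value can pass the list and
    // the loosely-compared switch below would then select its first case
    // (write_raw). Only an exact string match is accepted.
    if (!in_array($command, $available_commands, true)) {
        http_error(404, "Command not found: $command. Available commands: " . join(', ', $available_commands));
    }

    // Bulk insert/update commands read their payload from "values", all others from "value".
    $valueKeyName = in_array($command, ['setBulk', 'addBulk'], true) ? 'values' : 'value';
    // Third argument false: presumably skips sanitising so structured payloads
    // survive intact - confirm in utils.php. The payload reaches the database
    // methods as the client sent it.
    $value = check_key_json($valueKeyName, $inputJSON, false);
    if ($value === false) {
        http_error(400, "No $valueKeyName provided");
    }

    switch ($command) {
        case 'write_raw':
            // NOTE(review): hands the client payload directly to write_raw() under
            // the same token as every other command; consider a separate,
            // more privileged token for this operation.
            $db->write_raw($value);
            http_success("Successful $command command");
            break;
        case 'add':
            $newId = $db->add($value);
            http_message($newId, 'id', 200);
            break;
        case 'addBulk':
            $id_array = $db->addBulk($value);
            http_message($id_array, 'ids', 200);
            break;
        case 'remove':
            $db->remove($value);
            http_success("Successful $command command");
            break;
        case 'removeBulk':
            $db->removeBulk($value);
            http_success("Successful $command command");
            break;
        case 'set':
            $dbKey = check_key_json('key', $inputJSON);
            if ($dbKey === false) {
                http_error(400, 'No key provided');
            }
            $db->set($dbKey, $value);
            http_success("Successful $command command");
            break;
        case 'setBulk':
            $dbKey = check_key_json('keys', $inputJSON, false);
            if ($dbKey === false) {
                http_error(400, 'No keys provided');
            }
            $db->setBulk($dbKey, $value);
            http_success("Successful $command command");
            break;
        case 'editField':
            $res = $db->editField($value);
            if ($res === false) {
                http_error(400, 'Incorrect data provided');
            }
            http_success("Successful $command command");
            break;
        case 'editFieldBulk':
            $res = $db->editFieldBulk($value);
            if ($res === false) {
                http_error(400, 'Incorrect data provided');
            }
            http_success("Successful $command command");
            break;
        default:
            break;
    }

    // Only reached if a handler above returned without ending the request;
    // http_success()/http_message() presumably terminate it - confirm in utils.php.
    http_error(404, "No request handler found for command $command");
} catch (HTTPException $e) {
    // Errors raised deliberately by the database layer carry their own status code.
    http_error($e->getCode(), $e->getMessage());
} catch (Exception $e) {
    // NOTE(review): the raw exception message is returned to the client with a 400.
    // Internal failures may expose file paths or implementation details this way;
    // consider logging the message server-side and answering with a generic 500.
    // Error subclasses such as TypeError are not caught here.
    http_error(400, $e->getMessage());
}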