Implement API (#1)
This commit is contained in:
Sven Seeberg
parent
feced8a6f5
commit
9213890410
|
|
@ -3,3 +3,9 @@ host = localhost
|
|||
database = abstimmidd
|
||||
user = abstimmidd
|
||||
password = changeme
|
||||
|
||||
[argon2]
|
||||
memory = 4096
|
||||
time = 1000
|
||||
threads = 1
|
||||
length = 32
|
||||
|
|
|
|||
|
|
@ -10,4 +10,6 @@ CREATE TABLE IF NOT EXISTS hashes (
|
|||
ON DELETE CASCADE,
|
||||
vote_round INT NOT NULL,
|
||||
name VARCHAR(128) NOT NULL,
|
||||
hash VARCHAR(32) NULL,
|
||||
UNIQUE(event, vote_round, name)
|
||||
);
|
||||
|
|
|
|||
70
functions.php
Normal file
70
functions.php
Normal file
|
|
@ -0,0 +1,70 @@
|
|||
<?php
|
||||
function init() {
|
||||
$cfg = parse_ini_file ( 'config.ini', $process_sections = true);
|
||||
$cfg['mysqli'] = new mysqli($cfg['database']['host'], $cfg['database']['user'], $cfg['database']['password'], $cfg['database']['database']);
|
||||
$cfg['database']['password'] = '';
|
||||
return $cfg;
|
||||
}
|
||||
|
||||
function get_voting_ids($cfg) {
|
||||
$body = json_decode(file_get_contents('php://input'));
|
||||
$event_id = get_event_id($cfg, $body->event_token);
|
||||
$vote_round = $body->round;
|
||||
$result = [];
|
||||
if (!$event_id) {
|
||||
return ["error" => "event not found"];
|
||||
}
|
||||
foreach($body->user_names as $name) {
|
||||
$hash = get_hash($cfg, $event_id, $vote_round, $name);
|
||||
$result[] = ["round" => $vote_round, "user_name" => $name, "hash" => $hash];
|
||||
}
|
||||
return $result;
|
||||
}
|
||||
|
||||
function get_event_id($cfg, $token) {
|
||||
$query = "SELECT id FROM events WHERE token=? LIMIT 1";
|
||||
$stmt = $cfg['mysqli']->prepare($query);
|
||||
$stmt->bind_param('s', $token);
|
||||
$stmt->bind_result($event_id);
|
||||
$stmt->execute();
|
||||
$stmt->fetch();
|
||||
$stmt->close();
|
||||
return $event_id;
|
||||
}
|
||||
|
||||
function save_hash($cfg, $event_id, $vote_round, $name, $hash) {
|
||||
$query = "INSERT INTO hashes (event, vote_round, name, hash) VALUES (?, ?, ?, ?)";
|
||||
$stmt = $cfg['mysqli']->prepare($query);
|
||||
$stmt->bind_param("iiss", $event_id, $vote_round, $name, $hash);
|
||||
$stmt->execute();
|
||||
$stmt->close();
|
||||
}
|
||||
|
||||
function create_hash($cfg, $vote_round, $name) {
|
||||
// The PHP password_hash function does not provide the required options
|
||||
$voute_round = (int)$vote_round;
|
||||
$name = addslashes($name);
|
||||
$hash = shell_exec("echo -n '$name' | argon2 'Abstimmung $vote_round' -p ".$cfg["argon2"]["threads"]." -k ".$cfg["argon2"]["memory"]." -t ".$cfg["argon2"]["time"]." -l ".$cfg["argon2"]["length"]." -id -r");
|
||||
return str_replace(array("\n", "\r"), '', $hash);
|
||||
}
|
||||
|
||||
function get_hash($cfg, $event_id, $vote_round, $name) {
|
||||
$hash = get_hash_db($cfg, $event_id, $vote_round, $name);
|
||||
if (sizeof($hash) != 32) {
|
||||
$hash = create_hash($cfg, $vote_round, $name);
|
||||
save_hash($cfg, $event_id, $vote_round, $name, $hash);
|
||||
}
|
||||
return $hash;
|
||||
}
|
||||
|
||||
function get_hash_db($cfg, $event_id, $vote_round, $name) {
|
||||
$query = "SELECT hash FROM hashes WHERE event=? AND vote_round=? AND name=? LIMIT 1";
|
||||
$stmt = $cfg['mysqli']->prepare($query);
|
||||
$stmt->bind_param('iis', $event_id, $vote_round, $name);
|
||||
$stmt->bind_result($hash);
|
||||
$stmt->execute();
|
||||
$stmt->fetch();
|
||||
$stmt->close();
|
||||
return $hash;
|
||||
}
|
||||
?>
|
||||
15
php-public/index.php
Normal file
15
php-public/index.php
Normal file
|
|
@ -0,0 +1,15 @@
|
|||
<?php
|
||||
require_once("../functions.php");
|
||||
|
||||
$cfg = init();
|
||||
header('Content-Type: application/json');
|
||||
|
||||
if($_SERVER["REQUEST_URI"] == '/get_ids') {
|
||||
$data = get_voting_ids($cfg);
|
||||
echo json_encode($data);
|
||||
}
|
||||
else {
|
||||
echo json_encode(array("error" => "no route"));
|
||||
}
|
||||
|
||||
?>
|
||||
Loading…
Reference in a new issue