Skip to content
Snippets Groups Projects
apikeys.inc.php 5.79 KiB
Newer Older
  • Learn to ignore specific revisions
  • Jared Hancock's avatar
    Jared Hancock committed
    <?php
    
    if(!defined('OSTADMININC') || !$thisstaff->isAdmin()) die('Access Denied');
    
    Jared Hancock's avatar
    Jared Hancock committed
    
    $qstr='';
    $sql='SELECT * FROM '.API_KEY_TABLE.' WHERE 1';
    $sortOptions=array('key'=>'apikey','status'=>'isactive','ip'=>'ipaddr','date'=>'created','created'=>'created','updated'=>'updated');
    $orderWays=array('DESC'=>'DESC','ASC'=>'ASC');
    
    $sort=($_REQUEST['sort'] && $sortOptions[strtolower($_REQUEST['sort'])])?strtolower($_REQUEST['sort']):'key';
    
    Jared Hancock's avatar
    Jared Hancock committed
    //Sorting options...
    if($sort && $sortOptions[$sort]) {
        $order_column =$sortOptions[$sort];
    }
    $order_column=$order_column?$order_column:'key.created';
    
    if($_REQUEST['order'] && $orderWays[strtoupper($_REQUEST['order'])]) {
        $order=$orderWays[strtoupper($_REQUEST['order'])];
    }
    $order=$order?$order:'DESC';
    
    if($order_column && strpos($order_column,',')){
        $order_column=str_replace(','," $order,",$order_column);
    }
    $x=$sort.'_sort';
    $$x=' class="'.strtolower($order).'" ';
    $order_by="$order_column $order ";
    
    $total=db_count('SELECT count(*) FROM '.API_KEY_TABLE.' ');
    $page=($_GET['p'] && is_numeric($_GET['p']))?$_GET['p']:1;
    
    $pageNav=new Pagenate($total,$page,PAGE_LIMIT);
    
    Jared Hancock's avatar
    Jared Hancock committed
    $pageNav->setURL('apikeys.php',$qstr.'&sort='.urlencode($_REQUEST['sort']).'&order='.urlencode($_REQUEST['order']));
    //Ok..lets roll...create the actual query
    $qstr.='&order='.($order=='DESC'?'ASC':'DESC');
    $query="$sql ORDER BY $order_by LIMIT ".$pageNav->getStart().",".$pageNav->getLimit();
    $res=db_query($query);
    if($res && ($num=db_num_rows($res)))
        $showing=$pageNav->showing().' API Keys';
    else
        $showing='No API keys found!';
    
    ?>
    
    
    Jared Hancock's avatar
    Jared Hancock committed
    <div style="width:700px;padding-top:5px; float:left;">
    
    Jared Hancock's avatar
    Jared Hancock committed
     <h2>API Keys</h2>
    </div>
    <div style="float:right;text-align:right;padding-top:5px;padding-right:5px;">
     <b><a href="apikeys.php?a=add" class="Icon newapi">Add New API Key</a></b></div>
    <div class="clear"></div>
    
    <form action="apikeys.php" method="POST" name="keys">
    
     <?php csrf_token(); ?>
    
    Jared Hancock's avatar
    Jared Hancock committed
     <input type="hidden" name="do" value="mass_process" >
    
    <input type="hidden" id="action" name="a" value="" >
    
    Jared Hancock's avatar
    Jared Hancock committed
     <table class="list" border="0" cellspacing="1" cellpadding="0" width="940">
        <caption><?php echo $showing; ?></caption>
        <thead>
            <tr>
                <th width="7">&nbsp;</th>        
                <th width="320"><a <?php echo $key_sort; ?> href="apikeys.php?<?php echo $qstr; ?>&sort=key">API Key</a></th>
                <th width="120"><a  <?php echo $ip_sort; ?> href="apikeys.php?<?php echo $qstr; ?>&sort=ip">IP Addr.</a></th>
    
                <th width="100"><a  <?php echo $status_sort; ?> href="apikeys.php?<?php echo $qstr; ?>&sort=status">Status</a></th>
                <th width="150" nowrap><a  <?php echo $date_sort; ?>href="apikeys.php?<?php echo $qstr; ?>&sort=date">Date Added</a></th>
    
    Jared Hancock's avatar
    Jared Hancock committed
                <th width="150" nowrap><a  <?php echo $updated_sort; ?>href="apikeys.php?<?php echo $qstr; ?>&sort=updated">Last Updated</a></th>
            </tr>
        </thead>
        <tbody>
        <?php
            $total=0;
            $ids=($errors && is_array($_POST['ids']))?$_POST['ids']:null;
            if($res && db_num_rows($res)):
                while ($row = db_fetch_array($res)) {
                    $sel=false;
    
                    if($ids && in_array($row['id'],$ids))
    
    Jared Hancock's avatar
    Jared Hancock committed
                        $sel=true;
                    ?>
                <tr id="<?php echo $row['id']; ?>">
                    <td width=7px>
    
                      <input type="checkbox" class="ckb" name="ids[]" value="<?php echo $row['id']; ?>" 
                                <?php echo $sel?'checked="checked"':''; ?>> </td>
    
    Jared Hancock's avatar
    Jared Hancock committed
                    <td>&nbsp;<a href="apikeys.php?id=<?php echo $row['id']; ?>"><?php echo Format::htmlchars($row['apikey']); ?></a></td>
                    <td><?php echo $row['ipaddr']; ?></td>
    
                    <td><?php echo $row['isactive']?'Active':'<b>Disabled</b>'; ?></td>
                    <td>&nbsp;<?php echo Format::db_date($row['created']); ?></td>
    
    Jared Hancock's avatar
    Jared Hancock committed
                    <td>&nbsp;<?php echo Format::db_datetime($row['updated']); ?></td>
                </tr>
                <?php
                } //end of while.
            endif; ?>
        <tfoot>
         <tr>
            <td colspan="7">
                <?php if($res && $num){ ?>
                Select:&nbsp;
    
                <a id="selectAll" href="#ckb">All</a>&nbsp;&nbsp;
                <a id="selectNone" href="#ckb">None</a>&nbsp;&nbsp;
                <a id="selectToggle" href="#ckb">Toggle</a>&nbsp;&nbsp;
    
    Jared Hancock's avatar
    Jared Hancock committed
                <?php }else{
                    echo 'No API keys found';
                } ?>
            </td>
         </tr>
        </tfoot>
    </table>
    <?php
    if($res && $num): //Show options..
        echo '<div>&nbsp;Page:'.$pageNav->getPageLinks().'&nbsp;</div>';
    ?>
    
    <p class="centered" id="actions">
        <input class="button" type="submit" name="enable" value="Enable" >
        <input class="button" type="submit" name="disable" value="Disable">
        <input class="button" type="submit" name="delete" value="Delete">
    
    Jared Hancock's avatar
    Jared Hancock committed
    </p>
    <?php
    endif;
    ?>
    </form>
    
    <div style="display:none;" class="dialog" id="confirm-action">
        <h3>Please Confirm</h3>
    
        <a class="close" href=""><i class="icon-remove-circle"></i></a>
    
        <hr/>
        <p class="confirm-action" style="display:none;" id="enable-confirm">
            Are you sure want to <b>enable</b> selected API keys?
        </p>
        <p class="confirm-action" style="display:none;" id="disable-confirm">
            Are you sure want to <b>disable</b>  selected API keys?
        </p>
        <p class="confirm-action" style="display:none;" id="delete-confirm">
            <font color="red"><strong>Are you sure you want to DELETE selected API keys?</strong></font>
            <br><br>Deleted keys CANNOT be recovered.
        </p>
        <div>Please confirm to continue.</div>
        <hr style="margin-top:1em"/>
        <p class="full-width">
            <span class="buttons" style="float:left">
                <input type="button" value="No, Cancel" class="close">
            </span>
            <span class="buttons" style="float:right">
                <input type="button" value="Yes, Do it!" class="confirm">
            </span>
         </p>
        <div class="clear"></div>
    </div>