api.php 3.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475
  1. <?php
  2. /**
  3. * @name api.php
  4. * @author Philipp Maurer
  5. * @author Tobias Reich
  6. * @copyright 2012 by Philipp Maurer, Tobias Reich
  7. */
  8. if((isset($_POST["function"])&&$_POST["function"]!="")||(isset($_GET["function"])&&$_GET["function"]!="")) {
  9. session_start();
  10. include("array2json.php");
  11. include("functions.php");
  12. // Security
  13. if(isset($_POST["albumID"])&&($_POST["albumID"]==""||$_POST["albumID"]<0)) exit("Wrong parameter type for 'albumID'!");
  14. if(isset($_POST["photoID"])&&$_POST["photoID"]=="") exit("Wrong parameter type for 'photoID'!");
  15. if($_SESSION["login"]==true) {
  16. //Connect to DB
  17. dbConnect();
  18. // Album Functions
  19. if($_POST["function"]=="getAlbums") echo array2json(getAlbums());
  20. if($_POST["function"]=="getSmartInfo") echo array2json(getSmartInfo());
  21. if($_POST["function"]=="addAlbum"&&isset($_POST["title"])) echo addAlbum($_POST["title"]);
  22. if($_POST["function"]=="getAlbumInfo"&&isset($_POST["albumID"])) echo array2json(getAlbumInfo($_POST["albumID"]));
  23. if($_POST["function"]=="setAlbumTitle"&&isset($_POST["albumID"])&&isset($_POST["title"])) echo setAlbumTitle($_POST["albumID"], $_POST["title"]);
  24. if($_POST["function"]=="deleteAlbum"&&isset($_POST["albumID"])&&isset($_POST["delAll"])) echo deleteAlbum($_POST["albumID"], $_POST["delAll"]);
  25. if($_GET["function"]=="getAlbumArchive"&&isset($_GET["albumID"])) getAlbumArchive($_GET["albumID"]);
  26. // Photo Functions
  27. if($_POST["function"]=="getPhotos"&&isset($_POST["albumID"])) echo array2json(getPhotos($_POST["albumID"]));
  28. if($_POST["function"]=="getPhotoInfo"&&isset($_POST["photoID"])) echo array2json(getPhotoInfo($_POST["photoID"]));
  29. if($_POST["function"]=="movePhoto"&&isset($_POST["photoID"])&&isset($_POST["albumID"])) echo movePhoto($_POST["photoID"], $_POST["albumID"]);
  30. if($_POST["function"]=="deletePhoto"&&isset($_POST["photoID"])) echo deletePhoto($_POST["photoID"]);
  31. if($_POST["function"]=="setPhotoTitle"&&isset($_POST["photoID"])&&isset($_POST["title"])) echo setPhotoTitle($_POST["photoID"], $_POST["title"]);
  32. if($_POST["function"]=="setPhotoStar"&&isset($_POST["photoID"])) echo setPhotoStar($_POST["photoID"]);
  33. if($_POST["function"]=="setPhotoPublic"&&isset($_POST["photoID"])&&isset($_POST["url"])) echo setPhotoPublic($_POST["photoID"], $_POST["url"]);
  34. if($_POST["function"]=="setPhotoDescription"&&isset($_POST["photoID"])&&isset($_POST["description"])) echo setPhotoDescription($_POST["photoID"], $_POST["description"]);
  35. if($_POST["function"]=="sharePhoto"&&isset($_POST["photoID"])&&isset($_POST["url"])) echo array2json(sharePhoto($_POST["photoID"], $_POST["url"]));
  36. if($_POST["function"]=="previousPhoto"&&isset($_POST["photoID"])&&isset($_POST["albumID"])) echo array2json(previousPhoto($_POST["photoID"], $_POST["albumID"]));
  37. if($_POST["function"]=="nextPhoto"&&isset($_POST["photoID"])&&isset($_POST["albumID"])) echo array2json(nextPhoto($_POST["photoID"], $_POST["albumID"]));
  38. // Upload Function
  39. if($_POST["function"]=="upload"&&isset($_FILES)&&isset($_POST["albumID"])) echo upload($_FILES, $_POST["albumID"]);
  40. // Search Function
  41. if($_POST["function"]=="search"&&isset($_POST["term"])) echo array2json(search($_POST["term"]));
  42. // Sync Function
  43. if($_POST["function"]=="syncFolder") echo syncFolder();
  44. // Session Functions
  45. if($_POST["function"]=="logout") logout();
  46. if($_POST["function"]=="loggedIn") echo true;
  47. } else {
  48. dbConnect();
  49. // Photo Functions
  50. if($_POST["function"]=="getPhotoInfo"&&isset($_POST["photoID"])&&isPhotoPublic($_POST["photoID"])) echo array2json(getPhotoInfo($_POST["photoID"]));
  51. // Session Functions
  52. if($_POST["function"]=="login") echo login($_POST['user'], $_POST['password']);
  53. if($_POST["function"]=="loggedIn") echo false;
  54. }
  55. } else echo "Error: No permission!";
  56. ?>