Web Service Revise ws_checker and ws_functions.inc.php

(Next steps:
- Restrict Method need to be more generic maybe
- Delete functions_webserv.inc.php 
- Activate $partner in ws.php
- Include checked access in tools
- ...)


git-svn-id: http://piwigo.org/svn/trunk@1760 68402e56-0260-453c-a942-63ccdbb3a9ee

admin.php

@@ -114,7 +114,7 @@ $template->assign_vars(
     'L_ADMIN_HINT' => $lang['hint_admin']
     )
   );
-if ($conf['allow_web_services'])
+if ($conf['ws_access_control']) // Do we need to display ws_checker
 {
   $template->assign_block_vars(
     'web_services',

admin/ws_checker.php

@@ -2,7 +2,7 @@
 // +-----------------------------------------------------------------------+
 // | PhpWebGallery - a PHP based picture gallery                           |
 // | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
+// | Copyright (C) 2003-2007 PhpWebGallery Team - http://phpwebgallery.net |
 // +-----------------------------------------------------------------------+
 // | branch        : BSF (Best So Far)
 // | file          : $RCSfile$
@@ -62,11 +62,9 @@ if (isset($_POST['wsa_submit']))
 {
 // Check $_post (Some values are commented - maybe a future use)
 $add_partner = htmlspecialchars( $_POST['add_partner'], ENT_QUOTES);
-$add_access = check_target( $_POST['add_access']) ;
-$add_start = 0; // ( is_numeric($_POST['add_start']) ) ? $_POST['add_start']:0; 
+$add_target = check_target( $_POST['add_target']) ;
 $add_end = ( is_numeric($_POST['add_end']) ) ? $_POST['add_end']:0;
-$add_request = ( ctype_alpha($_POST['add_request']) ) ?
-  $_POST['add_request']:'';
+$add_request = htmlspecialchars( $_POST['add_request'], ENT_QUOTES);
 $add_high = 'true'; // ( $_POST['add_high'] == 'true' ) ? 'true':'false';
 $add_normal = 'true'; // ( $_POST['add_normal'] == 'true' ) ? 'true':'false';
 $add_limit = ( is_numeric($_POST['add_limit']) ) ? $_POST['add_limit']:1; 
@@ -79,8 +77,8 @@ INSERT INTO '.WEB_SERVICES_ACCESS_TABLE.'
 ( `name` , `access` , `start` , `end` , `request` , 
   `high` , `normal` , `limit` , `comment` ) 
 VALUES (' . "
-  '$add_partner', '$add_access',
-  ADDDATE( NOW(), INTERVAL $add_start DAY),
+  '$add_partner', '$add_target',
+  NOW(), 
   ADDDATE( NOW(), INTERVAL $add_end DAY),
   '$add_request', '$add_high', '$add_normal', '$add_limit', '$add_comment' );";
 
@@ -207,12 +205,9 @@ while ($row = mysql_fetch_array($result))
        'ID'               => $row['id'],
        'NAME'             => 
          (is_adviser()) ? '*********' : $row['name'],       
-       'ACCESS'           => $row['access'],
-       'START'            => $row['start'],
+       'TARGET'           => $row['access'],
        'END'              => $row['end'],
-       'FORCE'            => $row['request'],
-       'HIGH'             => $row['high'],
-       'NORMAL'           => $row['normal'],
+       'REQUEST'          => $row['request'],
        'LIMIT'            => $row['limit'],
        'COMMENT'          => $row['comment'],
        'SELECTED'         => '',
@@ -234,7 +229,7 @@ foreach ($req_type_list as $value) {
     'add_request',
      array(
        'VALUE'=> $value,
-       'CONTENT' => $lang['ws_'.$value],
+       'CONTENT' => $value,
        'SELECTED' => '',
      )
   );

include/ws_functions.inc.php

@@ -821,21 +821,21 @@ LIMIT '.$params['per_page']*$params['page'].','.$params['per_page'];
  * */   
 function official_req()
 {
-return array(
-    'random'                              /* Random order */
-  , 'list'               /* list on MBt & z0rglub request */
-  , 'maxviewed'             /* hit > 0 and hit desc order */
-  , 'recent'        /* recent = Date_available desc order */
-  , 'highrated'            /* avg_rate > 0 and desc order */
-  , 'oldest'                  /* Date_available asc order */
-  , 'lessviewed'                         /* hit asc order */
-  , 'lowrated'                      /* avg_rate asc order */
-  , 'undescribed'                  /* description missing */
-  , 'unnamed'                         /* new name missing */
-  , 'portraits'     /* width < height (portrait oriented) */
-  , 'landscapes'   /* width > height (landscape oriented) */
-  , 'squares'             /* width ~ height (square form) */
-);
+  $official = array(                  /* Requests are limited to             */
+      'categories.'                          /* all categories. methods */
+    , 'categories.getImages'                 /* <= see */
+    , 'categories.getList'                   /* <= see */
+    , 'images.'                              /* all images. methods */
+    , 'images.getInfo'                       /* <= see */
+    , 'tags.'                                /* all tags. methods */
+    , 'tags.getImages'                       /* <= see */
+    , 'tags.getList'                         /* <= see */
+  );
+  if (function_exists('local_req')) {
+     $local = local_req();
+     return array_merge( $official, $local );
+  }
+  return $official;
 }
 
 /**

language/en_UK.iso-8859-1/admin.lang.php

@@ -501,7 +501,7 @@ $lang['ws_update_legend'] = '  Revoke / Update selected partner access ';
 $lang['ws_delete_legend'] = '  Revoke selected partner access ';
 //  $lang['ws_default_legend'] = '  Assumed defaults parameters in any missing cases ';
 //  $lang['ws_default'] = ' Default ';
-//  $lang['ws_request'] = ' Request (Demand type) ';
+$lang['ws_Methods'] = ' Methods ';
 //  $lang['ws_requested_nbr'] = ' Number of images per request ';
 $lang['ws_random'] = 'Random';                                /* Random order */
 $lang['ws_list'] = 'Id list';                /* list on MBt & z0rglub request */

language/fr_FR.iso-8859-1/admin.lang.php

@@ -500,7 +500,7 @@ $lang['ws_update_legend'] = '  Supprimer / Modifier l\'acc
 $lang['ws_delete_legend'] = '  Supprimer définitivement l\'accès du partenaire sélectionné ';
 //  $lang['ws_default_legend'] = '  Valeurs par défaut en situation de paramètre manquant ';
 //  $lang['ws_default'] = ' Défauts ';
-//  $lang['ws_request'] = ' Requête (Type de demande) ';
+$lang['ws_Methods'] = ' Méthodes ';
 //  $lang['ws_requested_nbr'] = ' Nombre d\'images renvoyées ';
 $lang['ws_random'] = 'Aléatoires';                            /* Random order */
 $lang['ws_list'] = 'Liste d\'id';            /* list on MBt & z0rglub request */

template/yoga/admin/ws_checker.tpl

@@ -37,8 +37,8 @@
           <label for="Access">{lang:Target}</label>
         </td>
         <td>
-          <input type="text" maxlength="128" size="35" name="add_access"
-            id="add_access" value="{F_ADD_ACCESS}"
+          <input type="text" maxlength="128" size="35" name="add_target"
+            id="add_target" value="{F_ADD_ACCESS}"
             title="{lang:Facultative and restrictive option}" />
           <i><small> ({lang:Access: see help text for more})
           </small></i>
@@ -60,7 +60,7 @@
             </option> 
             <!-- END add_request -->
           </select> 
-          <i><small> ({lang:ws_Request})</small></i>
+          <i><small> ({lang:ws_Methods})</small></i>
         </td>
       </tr>
 
@@ -200,11 +200,8 @@
         <th>&nbsp;</th>
         <th>{lang:ws_KeyName}</th>
         <th>{lang:ws_Access}</th>
-        <!-- <th>{lang:ws_Start}</th> -->
         <th>{lang:ws_End}</th>
         <th>{lang:ws_Request}</th>
-        <!-- <th>{lang:ws_High}</th> -->
-        <!-- <th>{lang:ws_Normal}</th> -->
         <th>{lang:ws_Limit}</th>
         <th>{lang:ws_Comment}</th>
       </tr>
@@ -215,12 +212,9 @@
             value="{acc_list.access.ID}" id="selection-{acc_list.access.ID}" />
         </td>
         <td><label for="selection-{acc_list.access.ID}">{acc_list.access.NAME}</label></td>
-        <td>{acc_list.access.ACCESS}</td>
-        <!-- <td>{acc_list.access.START}</td> -->
+        <td>{acc_list.access.TARGET}</td>
         <td>{acc_list.access.END}</td>
-        <td>{acc_list.access.FORCE}</td>
-        <!-- <td>{acc_list.access.HIGH}</td> -->
-        <!-- <td>{acc_list.access.NORMAL}</td> -->
+        <td>{acc_list.access.REQUEST}</td>
         <td>{acc_list.access.LIMIT}</td>
         <td>{acc_list.access.COMMENT}</td>
       </tr>