Rewrote the API
NaysKutzu authored Oct 20, 2023
2 parents a6e9a9c + 7f64396 commit 6c87c35
Showing 32 changed files with 1,300 additions and 358 deletions.
1 change: 1 addition & 0 deletions Insomnia_2023-10-20.json

Large diffs are not rendered by default.

62 changes: 28 additions & 34 deletions api/admin/base.php
@@ -1,38 +1,32 @@
<?php
if (isset($_GET['api_key'])) {
if (!$_GET['api_key'] == "") {
$api_key = mysqli_real_escape_string($conn,$_GET['api_key']);
$query = "SELECT * FROM mythicaldash_apikeys WHERE `skey` = '$api_key'";
$result = mysqli_query($conn, $query);
if (mysqli_num_rows($result) > 0) {
//CONTINUE CODE HERE

} else {
$rsp = array(
"code" => 403,
"error" => "The server understood the request, but it refuses to authorize it.",
"message" => "Im sorry but the api key is wrong"
);
http_response_code(403);
die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
}
<?php
include(__DIR__ . "/../base.php");
$headers = getallheaders();

if (isset($headers['Authorization']) && !$headers['Authorization'] == "") {
$authorizationHeader = $headers['Authorization'];
$api_key = mysqli_real_escape_string($conn, $authorizationHeader);
$query = "SELECT * FROM mythicaldash_apikeys WHERE `skey` = '$api_key'";
$result = mysqli_query($conn, $query);
if (mysqli_num_rows($result) > 0) {
//CONTINUE CODE HERE

} else {
$rsp = array(
"code" => 400,
"error" => "The server cannot understand the request due to a client error.",
"message" => "Please provide an api key"
);
http_response_code(400);
die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
$response = [
"code" => 403,
"error" => "Unauthorized",
"message" => "Please make sure your API key is valid."
];
http_response_code(403);
die(json_encode($response, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
}
} else {
$response = [
"code" => 401,
"error" => "Authentication required",
"message" => "Please provide your API key."
];
http_response_code(401);
die(json_encode($response, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
}
else {
$rsp = array(
"code" => 400,
"error" => "The server cannot understand the request due to a client error.",
"message" => "Please provide an api key"
);
http_response_code(400);
die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
}

?>
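Review bot: The `mythicaldash_apikeys` lookup still interpolates the escaped `Authorization` header into the SQL string, while delete.php and info.php in this commit already use `mysqli_prepare` with `mysqli_stmt_bind_param($stmt, "s", ...)`; this authentication gate should use the bound form as well, since escaping only holds while the connection charset is configured correctly. The guard `!$headers['Authorization'] == ""` parses as `(!$value) == ""`, so `$headers['Authorization'] !== ""` states the intent directly. The header is compared verbatim against `skey`, which suggests keys are stored in clear text; storing a hash of the key and looking up `hash('sha256', $key)` would limit what a database read exposes. Old and new lines are interleaved in this rendering, so these remarks refer to the `getallheaders()` branch only.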
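--- a/api/admin/redeem/create.php
+++ b/api/admin/redeem/create.php
@@ -0,0 +1,166 @@
+<?php
+include(__DIR__ . "/../base.php");
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+try {
+if (isset($_POST['code']) && !$_POST['code'] == "") {
+$code = mysqli_real_escape_string($conn, $_POST['code']);
+if (isset($_POST['coins']) && is_numeric($_POST['coins']) && $_POST['coins'] >= 0) {
+$coins = mysqli_real_escape_string($conn, $_POST['coins']);
+if (isset($_POST['ram']) && is_numeric($_POST['ram']) && $_POST['ram'] >= 0) {
+$ram = mysqli_real_escape_string($conn, $_POST['ram']);
+if (isset($_POST['disk']) && is_numeric($_POST['disk']) && $_POST['disk'] >= 0) {
+$disk = mysqli_real_escape_string($conn, $_POST['disk']);
+if (isset($_POST['cpu']) && is_numeric($_POST['cpu']) && $_POST['cpu'] >= 0) {
+$cpu = mysqli_real_escape_string($conn, $_POST['cpu']);
+if (isset($_POST['server_limit']) && is_numeric($_POST['server_limit']) && $_POST['server_limit'] >= 0) {
+$server_limit = mysqli_real_escape_string($conn, $_POST['server_limit']);
+if (isset($_POST['ports']) && is_numeric($_POST['ports']) && $_POST['ports'] >= 0) {
+$ports = mysqli_real_escape_string($conn, $_POST['ports']);
+if (isset($_POST['databases']) && is_numeric($_POST['databases']) && $_POST['databases'] >= 0) {
+$databases = mysqli_real_escape_string($conn, $_POST['databases']);
+if (isset($_POST['backups']) && is_numeric($_POST['backups']) && $_POST['backups'] >= 0) {
+$backups = mysqli_real_escape_string($conn, $_POST['backups']);
+if (isset($_POST['uses']) && is_numeric($_POST['uses']) && $_POST['uses'] >= 0) {
+$uses = mysqli_real_escape_string($conn, $_POST['uses']);
+$conn->query("INSERT INTO `mythicaldash_redeem` (
+`code`,
+`uses`,
+`coins`,
+`ram`,
+`disk`,
+`cpu`,
+`server_limit`,
+`ports`,
+`databases`,
+`backups`
+) VALUES (
+'" . $code . "',
+'" . $uses . "',
+'" . $coins . "',
+'" . $ram . "',
+'" . $disk . "',
+'" . $cpu . "',
+'" . $server_limit . "',
+'" . $ports . "',
+'" . $databases . "',
+'" . $backups . "'
+);");
+$conn->close();
+$rsp = array(
+"code" => 200,
+"error" => null,
+"message" => "Added a new redeem key in the database!"
+);
+http_response_code(200);
+die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
+
+} else {
+$rsp = array(
+"code" => 400,
+"error" => "Bad request syntax",
+"message" => "Uses is required, but not provided."
+);
+http_response_code(400);
+die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
+}
+} else {
+$rsp = array(
+"code" => 400,
+"error" => "Bad request syntax",
+"message" => "Backups is required, but not provided."
+);
+http_response_code(400);
+die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
+}
+} else {
+$rsp = array(
+"code" => 400,
+"error" => "Bad request syntax",
+"message" => "Databases is required, but not provided."
+);
+http_response_code(400);
+die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
+}
+} else {
+$rsp = array(
+"code" => 400,
+"error" => "Bad request syntax",
+"message" => "Ports is required, but not provided."
+);
+http_response_code(400);
+die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
+}
+} else {
+$rsp = array(
+"code" => 400,
+"error" => "Bad request syntax",
+"message" => "Server Limit is required, but not provided."
+);
+http_response_code(400);
+die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
+}
+} else {
+$rsp = array(
+"code" => 400,
+"error" => "Bad request syntax",
+"message" => "Cpu is required, but not provided."
+);
+http_response_code(400);
+die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
+}
+} else {
+$rsp = array(
+"code" => 400,
+"error" => "Bad request syntax",
+"message" => "Disk is required, but not provided."
+);
+http_response_code(400);
+die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
+}
+} else {
+$rsp = array(
+"code" => 400,
+"error" => "Bad request syntax",
+"message" => "Ram is required, but not provided."
+);
+http_response_code(400);
+die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
+}
+} else {
+$rsp = array(
+"code" => 400,
+"error" => "Bad request syntax",
+"message" => "Coins is required, but not provided."
+);
+http_response_code(400);
+die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
+}
+
+} else {
+$rsp = array(
+"code" => 400,
+"error" => "Bad request syntax",
+"message" => "Code is required, but not provided."
+);
+http_response_code(400);
+die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
+}
+} catch (Exception $e) {
+$rsp = array(
+"code" => 500,
+"error" => "The server encountered a situation it doesn't know how to handle.",
+"message" => "We are sorry, but our server can't handle this request. Please do not try again!"
+);
+http_response_code(500);
+die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
+}
+} else {
+$rsp = array(
+"code" => 405,
+"error" => "A request was made of a page using a request method not supported by that page",
+"message" => "Please use a post request"
+);
+http_response_code(405);
+die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
+}
+?>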
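Review bot: The nine numeric fields are validated with `is_numeric(...) && ... >= 0`, which also accepts values such as `1.5` or `1e9` (constructed examples), and the INSERT is then assembled by concatenation with its result never checked, so a failed insert can still be answered with the 200 body if mysqli is not in exception mode. Validating with `FILTER_VALIDATE_INT` and a `min_range` of 0, binding the values in a prepared statement, and checking the execute result would close all three gaps and flatten the ten-level nesting. The sketch below assumes the resource columns are integers, which this diff does not show. The 400 messages say "required, but not provided" even when the value was present but invalid.

```php
// … unchanged: include of base.php, POST method check, try {, check of $_POST['code'] …
$fields = ['uses', 'coins', 'ram', 'disk', 'cpu', 'server_limit', 'ports', 'databases', 'backups'];
$values = [];
foreach ($fields as $field) {
    $value = filter_var($_POST[$field] ?? null, FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]]);
    if ($value === false) {
        // … respond 400 naming $field, as the existing else branches do …
    }
    $values[] = $value;
}
$stmt = mysqli_prepare($conn, "INSERT INTO `mythicaldash_redeem` (`code`, `uses`, `coins`, `ram`, `disk`, `cpu`, `server_limit`, `ports`, `databases`, `backups`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
mysqli_stmt_bind_param($stmt, "siiiiiiiii", $_POST['code'], ...$values);
if (!mysqli_stmt_execute($stmt)) {
    // … respond 500 instead of the 200 success body …
}
// … unchanged: 200 response, catch block, 405 branch …
```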
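--- a/api/admin/redeem/delete.php
+++ b/api/admin/redeem/delete.php
@@ -0,0 +1,56 @@
+<?php
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+try {
+if (isset($_POST['code']) && !$_POST['code'] == "") {
+$redeem_query = "SELECT * FROM mythicaldash_redeem WHERE code = ?";
+$stmt = mysqli_prepare($conn, $redeem_query);
+mysqli_stmt_bind_param($stmt, "s", $_POST['code']);
+mysqli_stmt_execute($stmt);
+$result = mysqli_stmt_get_result($stmt);
+if (mysqli_num_rows($result) > 0) {
+$conn->query("DELETE FROM `mythicaldash_redeem` WHERE `mythicaldash_redeem`.`code` = '" . mysqli_real_escape_string($conn, $_POST['code']) . "';");
+$conn->close();
+$rsp = array(
+"code" => 200,
+"error" => null,
+"message" => "Code removed from the database"
+);
+http_response_code(200);
+die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
+} else {
+$rsp = array(
+"code" => 403,
+"error" => "The server understood the request, but it refuses to authorize it.",
+"message" => "We can't find the code in our database!"
+);
+http_response_code(403);
+die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
+}
+} else {
+$rsp = array(
+"code" => 400,
+"error" => "Bad request syntax",
+"message" => "Code is required, but not provided."
+);
+http_response_code(400);
+die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
+}
+} catch (Exception $e) {
+$rsp = array(
+"code" => 500,
+"error" => "The server encountered a situation it doesn't know how to handle.",
+"message" => "We are sorry, but our server can't handle this request. Please do not try again!"
+);
+http_response_code(500);
+die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
+}
+} else {
+$rsp = array(
+"code" => 405,
+"error" => "A request was made of a page using a request method not supported by that page",
+"message" => "Please use a post request"
+);
+http_response_code(405);
+die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
+}
+?>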
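Review bot: This new endpoint never includes `../base.php`, unlike create.php and info.php in the same commit, so as written nothing in the file runs the API-key check or defines `$conn`; unless a front controller outside this diff does both, add `include(__DIR__ . "/../base.php");` as the first statement. The `DELETE` is built by concatenation right after a prepared `SELECT` on the same value; a single prepared `DELETE ... WHERE code = ?` followed by a check of `mysqli_stmt_affected_rows($stmt)` would remove both the second query and the string building. A missing code is reported as 403, where 404 would describe the situation more accurately.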
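--- a/api/admin/redeem/info.php
+++ b/api/admin/redeem/info.php
@@ -0,0 +1,74 @@
+<?php
+include(__DIR__.'/../base.php');
+if ($_SERVER['REQUEST_METHOD'] === 'GET') {
+try {
+if (isset($_GET['code']) && !$_GET['code'] == "") {
+$redeem_query = "SELECT * FROM mythicaldash_redeem WHERE code = ?";
+$stmt = mysqli_prepare($conn, $redeem_query);
+mysqli_stmt_bind_param($stmt, "s", $_GET['code']);
+mysqli_stmt_execute($stmt);
+$result = mysqli_stmt_get_result($stmt);
+$code = mysqli_real_escape_string($conn, $_GET['code']);
+if (mysqli_num_rows($result) > 0) {
+$redeemDb = $conn->query("SELECT * FROM mythicaldash_redeem WHERE code = '" . $code . "'")->fetch_array();
+$rsp = array(
+"code" => 200,
+"error" => null,
+"message" => null,
+"data" => array(
+"database_id" => $redeemDb['id'],
+"code" => $redeemDb['code'],
+"resources" => array(
+"coins" => $redeemDb['coins'],
+"ram" => $redeemDb['ram'],
+"disk" => $redeemDb['disk'],
+"cpu" => $redeemDb['cpu'],
+"server_limit" => $redeemDb['server_limit'],
+"ports" => $redeemDb['ports'],
+"databases" => $redeemDb['databases'],
+"backups" => $redeemDb['backups'],
+),
+"dateinfo" => $redeemDb['created']
+),
+);
+http_response_code(200);
+$conn->close();
+die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
+} else {
+$rsp = array(
+"code" => 403,
+"error" => "The server understood the request, but it refuses to authorize it.",
+"message" => "We can't find the code in our database!"
+);
+http_response_code(403);
+die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
+}
+} else {
+$rsp = array(
+"code" => 400,
+"error" => "Bad request syntax",
+"message" => "Code is required, but not provided."
+);
+http_response_code(400);
+die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
+}
+} catch (Exception $e) {
+$rsp = array(
+"code" => 500,
+"error" => "The server encountered a situation it doesn't know how to handle.",
+"message" => "We are sorry, but our server can't handle this request. Please do not try again!"
+);
+http_response_code(500);
+die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
+}
+} else {
+$rsp = array(
+"code" => 405,
+"error" => "A request was made of a page using a request method not supported by that page",
+"message" => "Please use a get request"
+);
+http_response_code(405);
+die(json_encode($rsp, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
+}
+
+?>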
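Review bot: The row is fetched twice: the prepared `SELECT` already returns it in `$result`, yet the 200 branch runs a second, string-built `SELECT` with `$code` to populate `$redeemDb`. Reading it from the first result, `$redeemDb = mysqli_fetch_assoc($result);`, drops the concatenated query and the `mysqli_real_escape_string` call. The response omits the `uses` column that create.php writes, and an unknown code returns 403 rather than 404; both look unintended.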
