From 8291457849d761e13f141514f558efd76982cabc Mon Sep 17 00: 00:00 2001 From: Sylvester Johansson <syljo361@gmail.com> Date: Thu, 29 May 2008 08:35:36 +0200 To: aur-dev@archlinux.org Subject: [PATCH] Added (simplified) json query method Message-ID: <483fa7d6.08aa420a.14fa.2553@mx.google.com>

--- web/lib/aurjson.class.php | 55 ++++++++++++++++++++++++++++++++++++++------ 1 files changed, 47 insertions(+), 8 deletions(-) diff --git a/web/lib/aurjson.class.php b/web/lib/aurjson.class.php index be92c25..271c528 100644 --- a/web/lib/aurjson.class.php +++ b/web/lib/aurjson.class.php @@ -21,7 +21,8 @@ if (!extension_loaded('json')) **/ class AurJSON { private $dbh = false; - private $exposed_methods = array('search','info'); + private $exposed_methods = array('search','info','query'); + private $valid_parameters = array('ID','Name','Version','Description','URL','URLPath','License','NumVotes','OutOfDate'); /** * Handles post data, and routes the request. @@ -42,14 +43,19 @@ class AurJSON { // do the routing if ( in_array($http_data['type'], $this->exposed_methods) ) { // ugh. this works. I hate you php. + if ($http_data['type'] === 'query') { + $json = query($http_data['arg'],$http_data['include']); + } + else { $json = call_user_func_array(array(&$this,$http_data['type']),$http_data['arg']); - // allow rpc callback for XDomainAjax - if ( isset($http_data['callback']) ) { - return $http_data['callback'] . "({$json})"; - } - else { - return $json; - } + // allow rpc callback for XDomainAjax + if ( isset($http_data['callback']) ) { + return $http_data['callback'] . "({$json})"; + } + else { + return $json; + } + } } else { return $this->json_error('Incorrect request type specified.'); @@ -137,5 +143,38 @@ class AurJSON { return $this->json_error('No result found'); } } + + private function query($value,$pqdata) { + $params = explode(";",$pqdata); + if (!parameter_sanity($params)) { + return $this->json_error('Parameter error'); + } + $base_query = "SELECT " . implode(',',$pqdata) . " FROM Packages WHERE DummyPkg=0 AND " . sprintf("( Name LIKE '%%%s%%' OR Description LIKE '%%%s%%' )",$value,$value); + $result = db_query(”base_query,$this->dbh); + if($result && (mysql_num_rows($result)>0)){ + $search_data = array(); + while($row = mysql_fetch_assoc($result)) { + $elem = array(); + foreach($pqdata as $p){ + array_push($p,$row[$p]); + } + array_push($search_data,$elem); + } + mysql_free_result($result); + return $this->json_results('query',$search_data) + return $this->json_results('' + + /** + * @param $parameters is a semicolon separated string of column names + * @return True if the parameters are acceptable, otherwise false + **/ + private function parameter_sanity($parameters) { + foreach($parameters as $param) { + if (!in_array($param, $this->$validparams)) { + return false; + } + } + return true; + } } ?> -- 1.5.5.1

From 466eecba716991bdf1c5e138c9a30bf59d6b8d71 Mon Sep 17 00:00:00 2001 From: Sylvester Johansson <scj@konservburken.localdomain> Date: Thu, 29 May 2008 11:34:10 +0200 Subject: [PATCH] Added description of the json query method

--- web/html/rpc.php | 10 ++++++++-- 1 files changed, 8 insertions(+), 2 deletions(-) diff --git a/web/html/rpc.php b/web/html/rpc.php index 033cba5..1dc5a02 100644 --- a/web/html/rpc.php +++ b/web/html/rpc.php @@ -18,12 +18,18 @@ if ( $_SERVER['REQUEST_METHOD'] == 'GET' ) { echo 'The methods currently allowed are: <br />'; echo '<ul>'; echo '<li>search</li>'; - echo '<li>info</li>'; + echo '<li>info</li>'; + echo '<li>query</li>'; echo '</ul><br />'; - echo 'Each method requires the following HTTP GET syntax:<br />'; + echo 'search and info requires the following HTTP GET syntax:<br />'; echo '   type=<i>methodname</i>&arg=<i>data</i> <br /><br />'; echo 'Where <i>methodname</i> is the name of an allowed method, and <i>data</i> is the argument to the call.<br />'; echo '<br />'; + echo 'a query is performed much the same way, except it has the following syntax:<br />'; + echo '   type=<i>query</i>&arg=<i>term</i>&include=<i><field1>:<field2>:..:<fieldN><i/> <br /><br />'; + echo 'Where <i>term</i> is the search term that will match substrings in the package name or description. <br />'; + echo '<i><fieldN></i> is a field that will be included in the value returned, and must be one of the following: <br />'; + echo '   ID, Name, Version, Description, URL, URLPath, License, NumVotes, QutOfDate <br /> <br />'; echo 'If you need jsonp type callback specification, you can provide an additional variable <i>callback</i>.<br />'; echo 'Example URL: <br />   http://aur-url/rpc.php?type=search&arg=foobar&callback=jsonp1192244621103'; echo '</body></html>'; -- 1.5.5.1

From c2fad9d3f2d78d85fea5c3e1b633cd272e01c678 Mon Sep 17 00:00:00 2001 From: Sylvester Johansson <scj@konservburken.localdomain> Date: Fri, 30 May 2008 08:15:18 +0200 Subject: [PATCH] aurjson.class fixes

--- web/lib/aurjson.class.php | 62 ++++++++++++++++++++++++++------------------ 1 files changed, 37 insertions(+), 25 deletions(-) diff --git a/web/lib/aurjson.class.php b/web/lib/aurjson.class.php index 271c528..ef3928b 100644 --- a/web/lib/aurjson.class.php +++ b/web/lib/aurjson.class.php @@ -42,20 +42,20 @@ class AurJSON { // do the routing if ( in_array($http_data['type'], $this->exposed_methods) ) { - // ugh. this works. I hate you php. - if ($http_data['type'] === 'query') { - $json = query($http_data['arg'],$http_data['include']); + if (($http_data['type'] === 'query') && isset($http_data['include'])) { + $json = $this->query($http_data['arg'],$http_data['include']); } else { + // ugh. this works. I hate you php. $json = call_user_func_array(array(&$this,$http_data['type']),$http_data['arg']); - // allow rpc callback for XDomainAjax + }// allow rpc callback for XDomainAjax if ( isset($http_data['callback']) ) { return $http_data['callback'] . "({$json})"; } else { return $json; } - } + } else { return $this->json_error('Incorrect request type specified.'); @@ -144,37 +144,49 @@ class AurJSON { } } - private function query($value,$pqdata) { - $params = explode(";",$pqdata); - if (!parameter_sanity($params)) { - return $this->json_error('Parameter error'); + /** + * returns the info on the search term + * @param $term is the searchterm (Name,Description) + * $includestring is a colon separated string + * @return mixed Returns an array array with package information + */ + private function query($term,$includestring) { + $params = explode(":",mysql_real_escape_string($includestring)); + $term = mysql_real_escape_string($term); + if (!$this->valid($params)){ + return $this->json_error('Parameter error'); } - $base_query = "SELECT " . implode(',',$pqdata) . " FROM Packages WHERE DummyPkg=0 AND " . sprintf("( Name LIKE '%%%s%%' OR Description LIKE '%%%s%%' )",$value,$value); - $result = db_query(”base_query,$this->dbh); - if($result && (mysql_num_rows($result)>0)){ + + //build the search query + $base_query = "SELECT " . implode(",",$params) . " FROM Packages WHERE DummyPkg=0 AND " . + sprintf("( Name LIKE '%%%s%%' OR Description LIKE '%%%s%%' )",$term,$term); + + $results = db_query($base_query,$this->dbh); + if( $results && (mysql_num_rows($results) >0 )){ + $search_data = array(); - while($row = mysql_fetch_assoc($result)) { - $elem = array(); - foreach($pqdata as $p){ - array_push($p,$row[$p]); - } - array_push($search_data,$elem); + while($row = mysql_fetch_assoc($results)) { + array_push($search_data,$row); } - mysql_free_result($result); - return $this->json_results('query',$search_data) - return $this->json_results('' - + mysql_free_result($results); + return $this->json_results('query',$search_data); + } + else { + return $this->json_error('No matches found'); + } + } /** * @param $parameters is a semicolon separated string of column names * @return True if the parameters are acceptable, otherwise false **/ - private function parameter_sanity($parameters) { - foreach($parameters as $param) { - if (!in_array($param, $this->$validparams)) { + private function valid($parameters) { + foreach($parameters as $p) { + if (!in_array($p, $this->valid_parameters)){ return false; } } return true; } } + ?> -- 1.5.5.1

From 430cc4ff1391a04fb4d00fc15c5f7c7655b1c6cc Mon Sep 17 00:00:00 2001 From: Sylvester Johansson <scj@konservburken.localdomain> Date: Fri, 30 May 2008 08:44:32 +0200 Subject: [PATCH] removed logic. query returns all fields by default

--- web/html/rpc.php | 7 +------ web/lib/aurjson.class.php | 27 +++------------------------ 2 files changed, 4 insertions(+), 30 deletions(-) diff --git a/web/html/rpc.php b/web/html/rpc.php index 1dc5a02..d4b69f4 100644 --- a/web/html/rpc.php +++ b/web/html/rpc.php @@ -21,15 +21,10 @@ if ( $_SERVER['REQUEST_METHOD'] == 'GET' ) { echo '<li>info</li>'; echo '<li>query</li>'; echo '</ul><br />'; - echo 'search and info requires the following HTTP GET syntax:<br />'; + echo 'Each method requires the following HTTP GET syntax:<br />'; echo '   type=<i>methodname</i>&arg=<i>data</i> <br /><br />'; echo 'Where <i>methodname</i> is the name of an allowed method, and <i>data</i> is the argument to the call.<br />'; echo '<br />'; - echo 'a query is performed much the same way, except it has the following syntax:<br />'; - echo '   type=<i>query</i>&arg=<i>term</i>&include=<i><field1>:<field2>:..:<fieldN><i/> <br /><br />'; - echo 'Where <i>term</i> is the search term that will match substrings in the package name or description. <br />'; - echo '<i><fieldN></i> is a field that will be included in the value returned, and must be one of the following: <br />'; - echo '   ID, Name, Version, Description, URL, URLPath, License, NumVotes, QutOfDate <br /> <br />'; echo 'If you need jsonp type callback specification, you can provide an additional variable <i>callback</i>.<br />'; echo 'Example URL: <br />   http://aur-url/rpc.php?type=search&arg=foobar&callback=jsonp1192244621103'; echo '</body></html>'; diff --git a/web/lib/aurjson.class.php b/web/lib/aurjson.class.php index ef3928b..7eeebfb 100644 --- a/web/lib/aurjson.class.php +++ b/web/lib/aurjson.class.php @@ -22,7 +22,6 @@ if (!extension_loaded('json')) class AurJSON { private $dbh = false; private $exposed_methods = array('search','info','query'); - private $valid_parameters = array('ID','Name','Version','Description','URL','URLPath','License','NumVotes','OutOfDate'); /** * Handles post data, and routes the request. @@ -42,12 +41,9 @@ class AurJSON { // do the routing if ( in_array($http_data['type'], $this->exposed_methods) ) { - if (($http_data['type'] === 'query') && isset($http_data['include'])) { - $json = $this->query($http_data['arg'],$http_data['include']); - } - else { // ugh. this works. I hate you php. $json = call_user_func_array(array(&$this,$http_data['type']),$http_data['arg']); + else { }// allow rpc callback for XDomainAjax if ( isset($http_data['callback']) ) { return $http_data['callback'] . "({$json})"; @@ -147,18 +143,13 @@ class AurJSON { /** * returns the info on the search term * @param $term is the searchterm (Name,Description) - * $includestring is a colon separated string * @return mixed Returns an array array with package information */ - private function query($term,$includestring) { - $params = explode(":",mysql_real_escape_string($includestring)); + private function query($term) { $term = mysql_real_escape_string($term); - if (!$this->valid($params)){ - return $this->json_error('Parameter error'); - } //build the search query - $base_query = "SELECT " . implode(",",$params) . " FROM Packages WHERE DummyPkg=0 AND " . + $base_query = "SELECT ID,Name,Version,Description,URL,URLPath,License,NumVotes,OutOfDate FROM Packages WHERE DummyPkg=0 AND "; sprintf("( Name LIKE '%%%s%%' OR Description LIKE '%%%s%%' )",$term,$term); $results = db_query($base_query,$this->dbh); @@ -175,18 +166,6 @@ class AurJSON { return $this->json_error('No matches found'); } } - /** - * @param $parameters is a semicolon separated string of column names - * @return True if the parameters are acceptable, otherwise false - **/ - private function valid($parameters) { - foreach($parameters as $p) { - if (!in_array($p, $this->valid_parameters)){ - return false; - } - } - return true; - } } ?> -- 1.5.5.1