-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathapi.html
117 lines (106 loc) · 3.38 KB
/
api.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
<?php
//sample API calls
//api?v=1&type=item&id=1&format=json
//api?v=1&type=item&id=1&format=xml
//api?v=1&type=search&q=poetry&limit=10&format=xml
//api?v=1&date=2014-10&format=json
//set value for API version
$v = isset($_GET['v']) ? strip_tags((int)$_GET['v']) : null;
//set value for page length (number of items to display)
$limit = isset($_GET['limit']) ? strip_tags(intval($_GET['limit'])) : 10;
//set value for result format
$format = strip_tags(htmlentities(strtolower($_GET['format']))) == 'json' ? 'json' : 'xml';
//set value for id
$id = isset($_GET['id']) ? strip_tags((int)$_GET['id']) : null;
//type of of API query - options: search, item
$type = isset($_GET['type']) ? strip_tags(htmlentities($_GET['type'])) : null;
//set batch $date variable, escape the string for mysql, and validate that it is a numeric value
$date = isset($_GET['date']) ? strip_tags($_GET['date']) : null;
//set query variable, trim whitespaces/tabs, strip html tags
$q = isset($_GET['q']) ? trim(strip_tags(urlencode($_GET['q']))) : null;
//bring database parameters and functions onto page
include_once './meta/assets/dbconnect.inc';
//get items from database
if ($type == 'search') {
$query = "
SELECT *
FROM schema_journal.bodymatter
WHERE MATCH (name, creator, additionalType, additionalType2, text)
AGAINST ('$q*' IN BOOLEAN MODE)
GROUP BY id
ORDER BY id
LIMIT $limit
";
} elseif ($type == 'item') {
$query = "
SELECT *
FROM schema_journal.bodymatter
WHERE id = $id
";
} elseif (!is_null($date)) {
$query = "
SELECT *
FROM schema_journal.bodymatter
WHERE datePublished = '$date'
GROUP BY id
ORDER BY id
LIMIT $limit
";
} else {
$query = "
SELECT *
FROM schema_journal.bodymatter
WHERE id = $id
";
}
$result = $dbconn->query($query) or die($dbconn->error.__LINE__);
$rowCount = $result->num_rows;
//create a master array of the records
$items = array();
if($result->num_rows > 0) {
while($item = $result->fetch_assoc()) {
$items[] = array('object'=>$item);
}
}
$result->close();
$dbconn->close();
//output in requested format
if ($format == 'json' && $rowCount != 0) {
header('Content-type: application/json');
header('access-control-allow-origin: *');
echo json_encode(array('apiVersion'=>'1', 'kind'=>'API Request', 'method'=>$type, 'totalResults'=>$rowCount, 'items'=>$items));
} elseif ($format == 'xml' && $rowCount != 0) {
header('Content-type: text/xml');
echo '<?xml version="1.0" encoding="UTF-8" ?>';
echo '<feed>';
echo '<apiVersion>1</apiVersion>';
echo '<kind>API Request</kind>';
echo '<method>'.$type.'</method>';
echo '<totalResults>'.$rowCount.'</totalResults>';
echo '<items>';
foreach($items as $tag => $value) {
writeXML($tag, $value);
}
echo '</items>';
echo '</feed>';
} else {
header('Content-type: application/json');
header("access-control-allow-origin: *");
echo '{ "totalResults" : 0, "message" : "There were no items matching that query." }';
}
function writeXML($tag, $value) {
if (!is_int($tag)) {
echo '<',$tag,'>';
}
if (!is_array($value)) {
echo htmlspecialchars($value);
}
else {
foreach ($value as $tag2 => $value2) {
writeXML($tag2, $value2);
}
}
if (!is_int($tag)) {
echo '</',$tag,'>';
}
}