ellite · ellite · Oct 7, 2024 · Oct 7, 2024
diff --git a/api/admin/get_admin_settings.php b/api/admin/get_admin_settings.php
@@ -0,0 +1,116 @@
+<?php
+/*
+This API Endpoint accepts both POST and GET requests.
+It receives the following parameters:
+- apiKey: the API key of the user.
+
+It returns a JSON object with the following properties:
+- success: whether the request was successful (boolean).
+- title: the title of the response (string).
+- admin_settings: an object containing the admin settings.
+- notes: warning messages or additional information (array).
+
+Example response:
+{
+  "success": true,
+  "title": "admin_settings",
+  "admin_settings": {
+    "registrations_open": 1,
+    "max_users": 100,
+    "require_email_verification": 1,
+    "server_url": "http://example.com",
+    "smtp_address": "smtp.example.com",
+    "smtp_port": 587,
+    "smtp_username": "[email protected]",
+    "smtp_password": "********",
+    "from_email": "[email protected]",
+    "encryption": "tls",
+    "login_disabled": 0,
+    "latest_version": "v1.0.0",
+    "update_notification": 1
+  },
+  "notes": []
+}
+*/
+
+require_once '../../includes/connect_endpoint.php';
+
+header('Content-Type: application/json, charset=UTF-8');
+
+if ($_SERVER["REQUEST_METHOD"] === "POST" || $_SERVER["REQUEST_METHOD"] === "GET") {
+    // if the parameters are not set, return an error
+
+    if (!isset($_REQUEST['api_key'])) {
+        $response = [
+            "success" => false,
+            "title" => "Missing parameters"
+        ];
+        echo json_encode($response);
+        exit;
+    }
+
+    $apiKey = $_REQUEST['api_key'];
+
+    // Get user from API key
+    $sql = "SELECT * FROM user WHERE api_key = :apiKey";
+    $stmt = $db->prepare($sql);
+    $stmt->bindValue(':apiKey', $apiKey);
+    $result = $stmt->execute();
+    $user = $result->fetchArray(SQLITE3_ASSOC);
+
+    // If the user is not found, return an error
+    if (!$user) {
+        $response = [
+            "success" => false,
+            "title" => "Invalid API key"
+        ];
+        echo json_encode($response);
+        exit;
+    }
+
+    $userId = $user['id'];
+
+    if ($userId !== 1) {
+        $response = [
+            "success" => false,
+            "title" => "Invalid user"
+        ];
+        echo json_encode($response);
+        exit;
+    }
+
+    $sql = "SELECT * FROM 'admin'";
+    $stmt = $db->prepare($sql);
+    $stmt->bindValue(':userId', $userId);
+    $result = $stmt->execute();
+    $admin_settings = $result->fetchArray(SQLITE3_ASSOC);
+
+    if ($admin_settings) {
+        unset($admin_settings['id']);
+        // if the smtp_password is set, hide it
+        if (isset($admin_settings['smtp_password'])) {
+            $admin_settings['smtp_password'] = "********";
+        }
+    }
+
+    $response = [
+        "success" => true,
+        "title" => "admin_settings",
+        "admin_settings" => $admin_settings,
+        "notes" => []
+    ];
+
+    echo json_encode($response);
+
+    $db->close();
+
+} else {
+    $response = [
+        "success" => false,
+        "title" => "Invalid request method"
+    ];
+    echo json_encode($response);
+    exit;
+}
+
+?>
diff --git a/api/categories/get_categories.php b/api/categories/get_categories.php
@@ -0,0 +1,124 @@
+<?php
+/*
+This API Endpoint accepts both POST and GET requests.
+It receives the following parameters:
+- apiKey: the API key of the user.
+
+It returns a JSON object with the following properties:
+- success: whether the request was successful (boolean).
+- title: the title of the response (string).
+- categories: an array of categories.
+- notes: warning messages or additional information (array).
+
+Example response:
+{
+  "success": true,
+  "title": "categories",
+  "categories": [
+    {
+      "id": 1,
+      "name": "General",
+      "order": 1,
+      "in_use": true
+    },
+    {
+      "id": 2,
+      "name": "Entertainment",
+      "order": 2,
+      "in_use": true
+    },
+    {
+      "id": 3,
+      "name": "Music",
+      "order": 3,
+      "in_use": true
+    }
+  ],
+  "notes": []
+}
+*/
+
+require_once '../../includes/connect_endpoint.php';
+
+header('Content-Type: application/json, charset=UTF-8');
+
+if ($_SERVER["REQUEST_METHOD"] === "POST" || $_SERVER["REQUEST_METHOD"] === "GET") {
+    // if the parameters are not set, return an error
+
+    if (!isset($_REQUEST['api_key'])) {
+        $response = [
+            "success" => false,
+            "title" => "Missing parameters"
+        ];
+        echo json_encode($response);
+        exit;
+    }
+
+    $apiKey = $_REQUEST['api_key'];
+
+    // Get user from API key
+    $sql = "SELECT * FROM user WHERE api_key = :apiKey";
+    $stmt = $db->prepare($sql);
+    $stmt->bindValue(':apiKey', $apiKey);
+    $result = $stmt->execute();
+    $user = $result->fetchArray(SQLITE3_ASSOC);
+
+    // If the user is not found, return an error
+    if (!$user) {
+        $response = [
+            "success" => false,
+            "title" => "Invalid API key"
+        ];
+        echo json_encode($response);
+        exit;
+    }
+
+    $userId = $user['id'];
+
+    $sql = "SELECT * FROM categories WHERE user_id = :userId";
+    $stmt = $db->prepare($sql);
+    $stmt->bindValue(':userId', $userId);
+    $result = $stmt->execute();
+    $categories = [];
+    while ($row = $result->fetchArray(SQLITE3_ASSOC)) {
+        $categories[] = $row;
+    }
+
+    foreach ($categories as $key => $value) {
+        unset($categories[$key]['user_id']);
+        // Check if it's in use in any subscription
+        $categoryId = $categories[$key]['id'];
+        $sql = "SELECT COUNT(*) as count FROM subscriptions WHERE user_id = :userId AND category_id = :categoryId";
+        $stmt = $db->prepare($sql);
+        $stmt->bindValue(':categoryId', $categoryId);
+        $stmt->bindValue(':userId', $userId);
+        $result = $stmt->execute();
+        $count = $result->fetchArray(SQLITE3_ASSOC);
+        if ($count['count'] > 0) {
+            $categories[$key]['in_use'] = true;
+        } else {
+            $categories[$key]['in_use'] = false;
+        }
+    }
+
+    $response = [
+        "success" => true,
+        "title" => "categories",
+        "categories" => $categories,
+        "notes" => []
+    ];
+
+    echo json_encode($response);
+
+    $db->close();
+
+} else {
+    $response = [
+        "success" => false,
+        "title" => "Invalid request method"
+    ];
+    echo json_encode($response);
+    exit;
+}
+
+?>
diff --git a/api/currencies/get_currencies.php b/api/currencies/get_currencies.php
@@ -0,0 +1,135 @@
+<?php
+/*
+This API Endpoint accepts both POST and GET requests.
+It receives the following parameters:
+- apiKey: the API key of the user.
+
+It returns a JSON object with the following properties:
+- success: whether the request was successful (boolean).
+- title: the title of the response (string).
+- main_currency: the main currency of the user (integer).
+- currencies: an array of currencies.
+- notes: warning messages or additional information (array).
+
+Example response:
+{
+  "success": true,
+  "title": "currencies",
+  "main_currency": 3,
+  "currencies": [
+    {
+      "id": 1,
+      "name": "US Dollar",
+      "symbol": "$",
+      "code": "USD",
+      "rate": "1.1000",
+      "in_use": true
+    },
+    {
+      "id": 2,
+      "name": "Japanese Yen",
+      "symbol": "¥",
+      "code": "JPY",
+      "rate": "150.0000",
+      "in_use": true
+    },
+    {
+      "id": 3,
+      "name": "Euro",
+      "symbol": "€",
+      "code": "EUR",
+      "rate": "1.0000",
+      "in_use": true
+    }
+  ],
+  "notes": []
+}
+*/
+
+require_once '../../includes/connect_endpoint.php';
+
+header('Content-Type: application/json, charset=UTF-8');
+
+if ($_SERVER["REQUEST_METHOD"] === "POST" || $_SERVER["REQUEST_METHOD"] === "GET") {
+    // if the parameters are not set, return an error
+
+    if (!isset($_REQUEST['api_key'])) {
+        $response = [
+            "success" => false,
+            "title" => "Missing parameters"
+        ];
+        echo json_encode($response);
+        exit;
+    }
+
+    $apiKey = $_REQUEST['api_key'];
+
+    // Get user from API key
+    $sql = "SELECT * FROM user WHERE api_key = :apiKey";
+    $stmt = $db->prepare($sql);
+    $stmt->bindValue(':apiKey', $apiKey);
+    $result = $stmt->execute();
+    $user = $result->fetchArray(SQLITE3_ASSOC);
+
+    // If the user is not found, return an error
+    if (!$user) {
+        $response = [
+            "success" => false,
+            "title" => "Invalid API key"
+        ];
+        echo json_encode($response);
+        exit;
+    }
+
+    $userId = $user['id'];
+
+    $sql = "SELECT * FROM currencies WHERE user_id = :userId";
+    $stmt = $db->prepare($sql);
+    $stmt->bindValue(':userId', $userId);
+    $result = $stmt->execute();
+    $currencies = [];
+    while ($row = $result->fetchArray(SQLITE3_ASSOC)) {
+        $currencies[] = $row;
+    }
+
+    foreach ($currencies as $key => $value) {
+        unset($currencies[$key]['user_id']);
+        // Check if it's in use in any subscription
+        $currencyId = $currencies[$key]['id'];
+        $sql = "SELECT COUNT(*) as count FROM subscriptions WHERE user_id = :userId AND currency_id = :currencyId";
+        $stmt = $db->prepare($sql);
+        $stmt->bindValue(':currencyId', $currencyId);
+        $stmt->bindValue(':userId', $userId);
+        $result = $stmt->execute();
+        $count = $result->fetchArray(SQLITE3_ASSOC);
+        if ($count['count'] > 0) {
+            $currencies[$key]['in_use'] = true;
+        } else {
+            $currencies[$key]['in_use'] = false;
+        }
+    }
+
+    $mainCurrency = $user['main_currency'];
+
+    $response = [
+        "success" => true,
+        "title" => "currencies",
+        "main_currency" => $mainCurrency,
+        "currencies" => $currencies,
+        "notes" => []
+    ];
+
+    echo json_encode($response);
+
+    $db->close();
+
+} else {
+    $response = [
+        "success" => false,
+        "title" => "Invalid request method"
+    ];
+    echo json_encode($response);
+    exit;
+}
+
+?>