api
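--- /dev/null
+++ b/api/.htaccess
@@ -0,0 +1,28 @@
+RewriteEngine On
+
+# --------------------------------------------------------------
+# 1) Direkter Aufruf von PHP-Dateien verhindern und auf index.php routen
+# Beispiel:
+# /v1/browser.quick.test.php -> /index.php (mit REQUEST_URI erhalten)
+# --------------------------------------------------------------
+RewriteCond %{REQUEST_URI} !/index\.php$
+RewriteRule ^(.+)\.php$ /index.php [QSA,L]
+
+# --------------------------------------------------------------
+# 2) Echte Dateien (JSON, JS, CSS, Bilder etc.) normal ausliefern
+# --------------------------------------------------------------
+RewriteCond %{REQUEST_FILENAME} -f
+RewriteRule ^ - [L]
+
+# --------------------------------------------------------------
+# 3) Echte Verzeichnisse normal ausliefern
+# --------------------------------------------------------------
+RewriteCond %{REQUEST_FILENAME} -d
+RewriteRule ^ - [L]
+
+# --------------------------------------------------------------
+# 4) Alles andere durch index.php routen
+# Beispiel:
+# /v1/quickcheck -> index.php
+# --------------------------------------------------------------
+RewriteRule ^ /index.php [QSA,L]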
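Review bot: Rule 1 is now the only barrier against requesting handler scripts directly, and its pattern `^(.+)\.php$` only matches URLs that end in `.php`; a request that resolves to a real file in any other form (for example one carrying trailing path info, or a non-`.php` include or backup file) may fall through to rule 2 and be served or executed as-is. The same commit deletes `api/target/.htaccess` with its `Require all denied` and adds no equivalent for `api/v1/target` or `api/v1/result`. A deny-all `.htaccess` in each handler directory restores that second layer without affecting `require` from `index.php`. Rule 3 passes real directories through unchanged, so `Options -Indexes` is worth adding unless listing is already disabled server-wide.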
@@ -1,49 +1,58 @@
|
||||
<?php
|
||||
// api/index.php
|
||||
|
||||
// /api/index.php
|
||||
// Optional: zentrale Config laden (wenn du magst)
|
||||
// require __DIR__ . '/../config/fileload.php';
|
||||
|
||||
declare(strict_types=1);
|
||||
require __DIR__ . '/../config/fileload.php';
|
||||
|
||||
// Basis-Header (CORS, JSON)
|
||||
header('Content-Type: application/json; charset=utf-8');
|
||||
header('Access-Control-Allow-Origin: *');
|
||||
header('Access-Control-Allow-Methods: GET, POST, OPTIONS');
|
||||
header('Access-Control-Allow-Headers: Content-Type');
|
||||
header('Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With');
|
||||
|
||||
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
|
||||
http_response_code(204);
|
||||
exit;
|
||||
}
|
||||
|
||||
// Pfad aus der URL holen, z.B. /quickcheck?...
|
||||
$uri = parse_url($_SERVER['REQUEST_URI'] ?? '/', PHP_URL_PATH);
|
||||
// Pfad aus der URL holen
|
||||
$uri = parse_url($_SERVER['REQUEST_URI'] ?? '/', PHP_URL_PATH);
|
||||
$path = rtrim($uri, '/');
|
||||
if ($path === '') {
|
||||
$path = '/';
|
||||
}
|
||||
|
||||
// Routing
|
||||
switch ($path) {
|
||||
case '/quickcheck':
|
||||
require __DIR__ . '/target/quickcheck.php';
|
||||
$result = quickcheck_handle_request();
|
||||
echo json_encode($result, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE);
|
||||
break;
|
||||
|
||||
case '/browser.quick.test':
|
||||
require __DIR__ . '/target/browser.quick.test.php';
|
||||
$result = browser_quick_test_handle_request();
|
||||
echo json_encode($result, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE);
|
||||
break;
|
||||
|
||||
default:
|
||||
http_response_code(404);
|
||||
echo json_encode([
|
||||
'success' => false,
|
||||
'error' => 'Unknown endpoint',
|
||||
'path' => $path,
|
||||
], JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE);
|
||||
break;
|
||||
// Root-Info (optional)
|
||||
if ($path === '/') {
|
||||
echo json_encode([
|
||||
'ok' => true,
|
||||
'service' => 'usbcheck-api',
|
||||
'version' => 1,
|
||||
'endpoints' => [
|
||||
'/v1/quickcheck',
|
||||
'/v1/browser.quick.test',
|
||||
'/internal/* (geschützt)',
|
||||
],
|
||||
], JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE);
|
||||
exit;
|
||||
}
|
||||
|
||||
// Routing nach Bereich
|
||||
if (str_starts_with($path, '/v1/')) {
|
||||
require __DIR__ . '/router.v1.php';
|
||||
exit;
|
||||
}
|
||||
|
||||
if (str_starts_with($path, '/internal/')) {
|
||||
require __DIR__ . '/router.internal.php';
|
||||
exit;
|
||||
}
|
||||
|
||||
// Fallback: unbekannter Bereich
|
||||
http_response_code(404);
|
||||
echo json_encode([
|
||||
'ok' => false,
|
||||
'error' => 'Unknown API area',
|
||||
'path' => $path,
|
||||
], JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE);
|
||||
|
||||
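Review bot: The CORS headers are emitted before any routing, so `/internal/*` responses also carry `Access-Control-Allow-Origin: *`, and the wider `Access-Control-Allow-Headers` line (apparently the new side; the +/- markers are lost on this page) now lists `Authorization`. Script on any origin can therefore send authenticated requests to the Basic-Auth area and read the replies; sending the CORS headers only in the `/v1/` branch, or restricting the origin for `/internal/`, keeps the admin routes same-origin. Separately, `parse_url()` returns `false` or `null` for a malformed request URI, and where `strict_types=1` is in effect `rtrim($uri, '/')` then throws a TypeError; `$path = rtrim((string) $uri, '/');` avoids that here and in the identical two lines of `router.internal.php` and `router.v1.php`. The root response also lists `/internal/*`, which is better left out of a public endpoint listing.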
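--- /dev/null
+++ b/api/router.internal.php
@@ -0,0 +1,100 @@
+<?php
+// /api/router.internal.php
+
+declare(strict_types=1);
+
+// *** SICHERHEIT ***
+// → Unbedingt User/Pass ändern oder später auf Token/IP-Restriktion umstellen
+$validUser = 'usbcheck-internal';
+$validPass = 'SwejaFynja050223!';
+
+// Basic-Auth prüfen
+if (
+!isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) ||
+$_SERVER['PHP_AUTH_USER'] !== $validUser ||
+$_SERVER['PHP_AUTH_PW'] !== $validPass
+) {
+header('WWW-Authenticate: Basic realm="USBCheck Internal API"');
+http_response_code(401);
+echo json_encode([
+'ok' => false,
+'error' => 'Authentication required',
+]);
+exit;
+}
+
+// Pfad erneut bestimmen
+$uri = parse_url($_SERVER['REQUEST_URI'] ?? '/', PHP_URL_PATH);
+$path = rtrim($uri, '/');
+
+// DB einbinden (für interne Tools brauchen wir oft DB)
+require $_SERVER['DOCUMENT_ROOT'] . '/../config/db.php';
+
+// interne Routen
+switch ($path) {
+// Beispiel: Aggregierte Stats
+case '/internal/stats.overview':
+internal_stats_overview($pdo);
+break;
+
+// Beispiel: Wartung / Cleanup
+case '/internal/maintenance.cleanup-tests':
+internal_cleanup_tests($pdo);
+break;
+
+default:
+http_response_code(404);
+echo json_encode([
+'ok' => false,
+'error' => 'Unknown internal endpoint',
+'path' => $path,
+], JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE);
+break;
+}
+
+/**
+* Beispiel: einfache Übersicht für Admin-Dashboard
+*/
+function internal_stats_overview(PDO $pdo): void
+{
+// alles nur Beispiel – du kannst die Queries anpassen
+$totalQuicktests = (int)$pdo->query("SELECT COUNT(*) FROM web_quicktests")->fetchColumn();
+
+$lastTestsStmt = $pdo->query("
+SELECT id, created_at, ip_address, measured_capacity_bytes
+FROM web_quicktests
+ORDER BY created_at DESC
+LIMIT 10
+");
+
+$lastTests = $lastTestsStmt ? $lastTestsStmt->fetchAll(PDO::FETCH_ASSOC) : [];
+
+echo json_encode([
+'ok' => true,
+'stats' => [
+'total_quicktests' => $totalQuicktests,
+'last_quicktests' => $lastTests,
+],
+], JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE);
+}
+
+/**
+* Beispiel: alte Tests aufräumen (z.B. älter als 90 Tage)
+*/
+function internal_cleanup_tests(PDO $pdo): void
+{
+// je nach Schema musst du Feldnamen anpassen – hier: created_at
+$stmt = $pdo->prepare("
+DELETE FROM web_quicktests
+WHERE created_at < (NOW() - INTERVAL 90 DAY)
+");
+
+$stmt->execute();
+$deleted = $stmt->rowCount();
+
+echo json_encode([
+'ok' => true,
+'deleted' => $deleted,
+'note' => 'Tests älter als 90 Tage wurden entfernt (Beispiel-Implementierung).',
+], JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE);
+}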
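Review bot: `$validUser` and `$validPass` are committed as string literals, so the internal API password is now part of the repository history and should be treated as disclosed: rotate it and load both values from configuration that lives outside the web root and outside version control, as the file already does for `/../config/db.php`. The check compares with `!==`, which is not constant-time; `hash_equals($validPass, $_SERVER['PHP_AUTH_PW'])` (and the same for the user name) is the usual form. `/internal/maintenance.cleanup-tests` runs its `DELETE` for any request method, so requiring `POST` there would keep a followed link or prefetch from triggering it. `internal_stats_overview()` also returns stored `ip_address` values, which deserves a deliberate decision rather than an example default.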
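--- /dev/null
+++ b/api/router.v1.php
@@ -0,0 +1,43 @@
+<?php
+// /api/router.v1.php
+
+declare(strict_types=1);
+
+// Pfad erneut auslesen
+$uri = parse_url($_SERVER['REQUEST_URI'] ?? '/', PHP_URL_PATH);
+$path = rtrim($uri, '/');
+
+// Namespace v1
+switch ($path) {
+case '/v1/quickcheck':
+require __DIR__ . '/v1/target/quickcheck.php'; // dein bestehendes File
+if (!function_exists('quickcheck_handle_request')) {
+http_response_code(500);
+echo json_encode(['ok' => false, 'error' => 'Handler quickcheck_handle_request not found']);
+exit;
+}
+
+$result = quickcheck_handle_request();
+echo json_encode($result, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE);
+break;
+
+case '/v1/browser.quick.test':
+require __DIR__ . '/v1/result/browser.quick.test.php';
+if (!function_exists('browser_quick_test_handle_request')) {
+http_response_code(500);
+echo json_encode(['ok' => false, 'error' => 'Handler browser_quick_test_handle_request not found']);
+exit;
+}
+
+browser_quick_test_handle_request();
+break;
+
+default:
+http_response_code(404);
+echo json_encode([
+'ok' => false,
+'error' => 'Unknown v1 endpoint',
+'path' => $path,
+], JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE);
+break;
+}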
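Review bot: The `/v1/browser.quick.test` branch requires `v1/result/browser.quick.test.php` and only afterwards checks `function_exists('browser_quick_test_handle_request')`, but the parts of that file visible later in this commit look like a top-level script (`session_start()`, `header(...)`, request parsing) rather than a function definition. If that holds, the `require` already processes the request and the branch then appends a 500 error body to whatever was written. The two branches also disagree on the handler contract: the return value of `quickcheck_handle_request()` is encoded and echoed, while the return value here is discarded. The 500 bodies name internal handler functions; a generic client message with the detail sent to `error_log()` would be enough.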
@@ -1,11 +0,0 @@
|
||||
# api/target/.htaccess
|
||||
<IfModule mod_authz_core.c>
|
||||
Require all denied
|
||||
</IfModule>
|
||||
|
||||
<IfModule !mod_authz_core.c>
|
||||
Order allow,deny
|
||||
Deny from all
|
||||
</IfModule>
|
||||
|
||||
|
||||
@@ -1,155 +0,0 @@
|
||||
<?php
|
||||
// /api/target/browser.quick.test.php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
function browser_quick_test_handle_request(): array
|
||||
{
|
||||
// 1. JSON einlesen
|
||||
$raw = file_get_contents('php://input');
|
||||
$data = json_decode($raw, true);
|
||||
|
||||
if (!is_array($data)) {
|
||||
http_response_code(400);
|
||||
return [
|
||||
'ok' => false,
|
||||
'error' => 'Invalid JSON payload',
|
||||
];
|
||||
}
|
||||
|
||||
// 2. Session / User
|
||||
// (falls index.php evtl. schon session_start() macht, ist das idempotent)
|
||||
if (session_status() !== PHP_SESSION_ACTIVE) {
|
||||
session_start();
|
||||
}
|
||||
|
||||
$userId = $_SESSION['user_id'] ?? null;
|
||||
$isLoggedIn = $userId ? 1 : 0;
|
||||
$sessionId = session_id() ?: null;
|
||||
|
||||
$ipAddress = $_SERVER['REMOTE_ADDR'] ?? null;
|
||||
$userAgent = $_SERVER['HTTP_USER_AGENT'] ?? null;
|
||||
|
||||
// 3. DB-Verbindung
|
||||
// Dokumentroot der API-Subdomain zeigt auf /api,
|
||||
// config liegt ein Level darüber: /config/db.php
|
||||
require $_SERVER['DOCUMENT_ROOT'] . '/../config/db.php'; // $pdo
|
||||
|
||||
if ($pdo instanceof PDO) {
|
||||
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
||||
}
|
||||
|
||||
// 4. Werte aus dem Report aggregieren (minimal)
|
||||
$measuredBytes = 0;
|
||||
|
||||
if (!empty($data['quick']) && is_array($data['quick'])) {
|
||||
$measuredBytes += (int)($data['quick']['size_bytes'] ?? 0);
|
||||
}
|
||||
if (!empty($data['benchmark']) && is_array($data['benchmark'])) {
|
||||
$measuredBytes += (int)($data['benchmark']['size_bytes'] ?? 0);
|
||||
}
|
||||
if (!empty($data['writeverify']) && is_array($data['writeverify'])) {
|
||||
$measuredBytes += (int)($data['writeverify']['total_bytes'] ?? 0);
|
||||
}
|
||||
|
||||
// Browser/OS & Stick-Infos – erstmal noch leer, später aus meta/parsing füllen
|
||||
$browserName = null;
|
||||
$browserVersion = null;
|
||||
$osName = null;
|
||||
$osVersion = null;
|
||||
|
||||
$volumeLabel = null;
|
||||
$manufacturer = null;
|
||||
$modelName = null;
|
||||
$usbType = null;
|
||||
$filesystem = null;
|
||||
|
||||
$advCapacityBytes = null;
|
||||
$capacityStatus = 'unknown';
|
||||
|
||||
// Kompletten Report als JSON-String speichern
|
||||
$testReportJson = $raw;
|
||||
|
||||
try {
|
||||
$sql = "
|
||||
INSERT INTO web_quicktests (
|
||||
user_id,
|
||||
is_logged_in,
|
||||
usb_device_id,
|
||||
browser_name,
|
||||
browser_version,
|
||||
os_name,
|
||||
os_version,
|
||||
volume_label,
|
||||
manufacturer,
|
||||
model_name,
|
||||
usb_type,
|
||||
advertised_capacity_bytes,
|
||||
measured_capacity_bytes,
|
||||
capacity_status,
|
||||
filesystem,
|
||||
test_report_json,
|
||||
ip_address,
|
||||
session_id
|
||||
) VALUES (
|
||||
:user_id,
|
||||
:is_logged_in,
|
||||
:usb_device_id,
|
||||
:browser_name,
|
||||
:browser_version,
|
||||
:os_name,
|
||||
:os_version,
|
||||
:volume_label,
|
||||
:manufacturer,
|
||||
:model_name,
|
||||
:usb_type,
|
||||
:adv_capacity,
|
||||
:measured_capacity,
|
||||
:capacity_status,
|
||||
:filesystem,
|
||||
:test_report_json,
|
||||
:ip_address,
|
||||
:session_id
|
||||
)
|
||||
";
|
||||
|
||||
$stmt = $pdo->prepare($sql);
|
||||
|
||||
$ok = $stmt->execute([
|
||||
'user_id' => $userId,
|
||||
'is_logged_in' => $isLoggedIn,
|
||||
'usb_device_id' => null,
|
||||
'browser_name' => $browserName,
|
||||
'browser_version' => $browserVersion,
|
||||
'os_name' => $osName,
|
||||
'os_version' => $osVersion,
|
||||
'volume_label' => $volumeLabel,
|
||||
'manufacturer' => $manufacturer,
|
||||
'model_name' => $modelName,
|
||||
'usb_type' => $usbType,
|
||||
'adv_capacity' => $advCapacityBytes,
|
||||
'measured_capacity' => $measuredBytes ?: null,
|
||||
'capacity_status' => $capacityStatus,
|
||||
'filesystem' => $filesystem,
|
||||
'test_report_json' => $testReportJson,
|
||||
'ip_address' => $ipAddress,
|
||||
'session_id' => $sessionId,
|
||||
]);
|
||||
|
||||
if (!$ok) {
|
||||
$info = $stmt->errorInfo();
|
||||
throw new RuntimeException($info[2] ?? 'Unknown DB error during insert');
|
||||
}
|
||||
|
||||
return [
|
||||
'ok' => true,
|
||||
'id' => (int)$pdo->lastInsertId(),
|
||||
];
|
||||
} catch (Throwable $e) {
|
||||
http_response_code(500);
|
||||
return [
|
||||
'ok' => false,
|
||||
'error' => 'DB error: ' . $e->getMessage(),
|
||||
];
|
||||
}
|
||||
}
|
||||
@@ -1,12 +1,12 @@
|
||||
<?php
|
||||
// /public/api/result/browser-quick-test.php
|
||||
// /api/v1/browser.quick.test.php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
session_start();
|
||||
|
||||
// DB einbinden – bitte Pfad an DEINE Struktur anpassen!
|
||||
require $_SERVER['DOCUMENT_ROOT']. '/../config/fileload.php'; // z.B. stellt $pdo (PDO) bereit
|
||||
// DB einbinden – Pfad abhängig von deinem Setup, aktuell:
|
||||
require $_SERVER['DOCUMENT_ROOT']. '/../config/db.php'; // stellt $pdo (PDO) bereit
|
||||
|
||||
header('Content-Type: application/json; charset=utf-8');
|
||||
|
||||
@@ -37,19 +37,18 @@ $userAgent = $_SERVER['HTTP_USER_AGENT'] ?? null;
|
||||
|
||||
// ---------------------------------------------------------------------
|
||||
// 3. Grobe Auswertung aus dem Report (optional)
|
||||
// → vorerst alles im JSON speichern, Felder in web_quicktests eher neutral lassen
|
||||
// ---------------------------------------------------------------------
|
||||
|
||||
$modeRequested = $data['mode_requested'] ?? 'unknown';
|
||||
$meta = $data['meta'] ?? [];
|
||||
|
||||
// Hier könntest du später Browser/OS parsen
|
||||
// Browser/OS-Parsing kannst du später ergänzen
|
||||
$browserName = null;
|
||||
$browserVersion = null;
|
||||
$osName = null;
|
||||
$osVersion = null;
|
||||
|
||||
// Beispiel: Gesamtmenge geschriebener/verifizierter Bytes aggregieren
|
||||
// Gesamtmenge geschriebener/verifizierter Bytes aggregieren
|
||||
$measuredBytes = 0;
|
||||
|
||||
if (!empty($data['quick']) && is_array($data['quick'])) {
|
||||
@@ -65,8 +64,7 @@ if (!empty($data['writeverify']) && is_array($data['writeverify'])) {
|
||||
// Kapazitätsstatus vorerst neutral
|
||||
$capacityStatus = 'unknown';
|
||||
|
||||
// Volume-/Stick-Daten hast du aktuell im Browser noch nicht separat,
|
||||
// darum bleiben diese Felder (erstmal) NULL:
|
||||
// Volume-/Stick-Daten aktuell noch nicht separat:
|
||||
$volumeLabel = null;
|
||||
$manufacturer = null;
|
||||
$modelName = null;
|
||||
@@ -1,5 +1,5 @@
|
||||
<?php
|
||||
// api/target/quickcheck.php
|
||||
// api/v1/quickcheck.php
|
||||
|
||||
/**
|
||||
* Diese Funktion wird von api/index.php aufgerufen.
|
||||