minor cosmetic changes and new create_customer api example

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>

api_keys.php

@@ -65,7 +65,7 @@ if ($action == 'delete') {
 		INSERT INTO `" . TABLE_API_KEYS . "` SET
 		`apikey` = :key, `secret` = :secret, `adminid` = :aid, `customerid` = :cid, `valid_until` = '-1', `allowed_from` = ''
 	");
-	// customer generates for himself, admins will see a customer-select-box
+	// customer generates for himself, admins will see a customer-select-box later
 	if (AREA == 'admin') {
 		$cid = 0;
 	}
@@ -183,7 +183,7 @@ if (count($all_keys) == 0) {
 
 			// my own key
 			$isMyKey = false;
-			if ($key['adminid'] == $userinfo['adminid'] && (AREA == 'admin' || (AREA == 'customer' && $key['customerid'] == $userinfo['customerid']))) {
+			if ($key['adminid'] == $userinfo['adminid'] && ((AREA == 'admin' && $key['customerid'] == 0) || (AREA == 'customer' && $key['customerid'] == $userinfo['customerid']))) {
 				// this is mine
 				$isMyKey = true;
 			}
@@ -193,12 +193,12 @@ if (count($all_keys) == 0) {
 				if ($isMyKey) {
 					$adminCustomerLink = $key['adminname'];
 				} else {
-					$adminCustomerLink = '&nbsp;(<a href="' . $linker->getLink(array(
+					$adminCustomerLink = '<a href="' . $linker->getLink(array(
 						'section' => (empty($key['customerid']) ? 'admins' : 'customers'),
 						'page' => (empty($key['customerid']) ? 'admins' : 'customers'),
 						'action' => 'su',
 						'id' => (empty($key['customerid']) ? $key['adminid'] : $key['customerid'])
-					)) . '" rel="external">' . (empty($key['customerid']) ? $key['adminname'] : $key['loginname']) . '</a>)';
+					)) . '" rel="external">' . (empty($key['customerid']) ? $key['adminname'] : $key['loginname']) . '</a>';
 				}
 			} else {
 				// customer do not need links

doc/example/create_customer.php

@@ -0,0 +1,48 @@
+<?php
+
+// include FroxlorAPI helper class
+require __DIR__ . '/FroxlorAPI.php';
+
+// create object of FroxlorAPI with URL, apikey and apisecret
+$fapi = new FroxlorAPI('https://froxlor.your-host.tld/api.php', 'your-api-key', 'your-api-secret');
+
+// customer data
+$data = [
+	'new_loginname' => 'test',
+	'email' => 'test@froxlor.org',
+	'firstname' => 'Test',
+	'name' => 'Testman',
+	'customernumber' => 1337,
+	'new_customer_password' => 's0mEcRypt1cpassword' . uniqid()
+];
+// send request
+$fapi->request('Customers.add', $data);
+
+// check for error
+if (! empty($fapi->getLastError())) {
+	echo "Error: " . $fapi->getLastError();
+	exit();
+}
+
+// get response of request
+$request = $fapi->getLastResponse();
+
+// view response data
+var_dump($request);
+
+/*
+array(60) {
+  ["customerid"]=>
+  string(1) "1"
+  ["loginname"]=>
+  string(4) "test"
+  ["password"]=>
+  string(63) "$5$asdasdasd.asdasd"
+  ["adminid"]=>
+  string(1) "1"
+  ["name"]=>
+  string(7) "Testman"
+  ["firstname"]=>
+  string(4) "Test"
+  [...]
+*/

lib/classes/api/abstract.ApiCommand.php

@@ -23,7 +23,7 @@ abstract class ApiCommand extends ApiParameter
 	 *
 	 * @var boolean
 	 */
-	private $debug = true;
+	private $debug = false;
 
 	/**
 	 * is admin flag
@@ -95,13 +95,13 @@ abstract class ApiCommand extends ApiParameter
 	public function __construct($header = null, $params = null, $userinfo = null)
 	{
 		global $lng, $version, $dbversion, $branding;
-		
+
 		parent::__construct($params);
 
 		$this->version = $version;
 		$this->dbversion = $dbversion;
 		$this->branding = $branding;
-		
+
 		if (! empty($header)) {
 			$this->readUserData($header);
 		} elseif (! empty($userinfo)) {
@@ -111,16 +111,16 @@ abstract class ApiCommand extends ApiParameter
 			throw new Exception("Invalid user data", 500);
 		}
 		$this->logger = FroxlorLogger::getInstanceOf($this->user_data);
-		
+
 		// check whether the user is deactivated
 		if ($this->getUserDetail('deactivated') == 1) {
 			$this->logger()->logAction(LOG_ERROR, LOG_INFO, "[API] User '" . $this->getUserDetail('loginnname') . "' tried to use API but is deactivated");
 			throw new Exception("Account suspended", 406);
 		}
-		
+
 		$this->initLang();
 		$this->initMail();
-		
+
 		if ($this->debug) {
 			$this->logger()->logAction(LOG_ERROR, LOG_DEBUG, "[API] " . get_called_class() . ": " . json_encode($params, JSON_UNESCAPED_SLASHES));
 		}
@@ -136,33 +136,33 @@ abstract class ApiCommand extends ApiParameter
 
 		// query the whole table
 		$result_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_LANGUAGE . "`");
-		
+
 		$langs = array();
 		// presort languages
 		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 			$langs[$row['language']][] = $row;
 		}
-		
+
 		// set default language before anything else to
 		// ensure that we can display messages
 		$language = Settings::Get('panel.standardlanguage');
-		
+
 		if (isset($this->user_data['language']) && isset($langs[$this->user_data['language']])) {
 			// default: use language from session, #277
 			$language = $this->user_data['language'];
 		} elseif (isset($this->user_data['def_language'])) {
 			$language = $this->user_data['def_language'];
 		}
-		
+
 		// include every english language file we can get
-		foreach ($langs['English'] as $key => $value) {
+		foreach ($langs['English'] as $value) {
 			include_once makeSecurePath(FROXLOR_INSTALL_DIR . '/' . $value['file']);
 		}
-		
+
 		// now include the selected language if its not english
 		if ($language != 'English') {
 			if (isset($langs[$language])) {
-				foreach ($langs[$language] as $key => $value) {
+				foreach ($langs[$language] as $value) {
 					include_once makeSecurePath(FROXLOR_INSTALL_DIR . '/' . $value['file']);
 				}
 			} else {
@@ -171,7 +171,7 @@ abstract class ApiCommand extends ApiParameter
 				}
 			}
 		}
-		
+
 		// last but not least include language references file
 		include_once makeSecurePath(FROXLOR_INSTALL_DIR . '/lng/lng_references.php');
 
@@ -189,7 +189,7 @@ abstract class ApiCommand extends ApiParameter
 		 */
 		$this->mail = new PHPMailer(true);
 		$this->mail->CharSet = "UTF-8";
-		
+
 		if (Settings::Get('system.mail_use_smtp')) {
 			$this->mail->isSMTP();
 			$this->mail->Host = Settings::Get('system.mail_smtp_host');
@@ -203,7 +203,7 @@ abstract class ApiCommand extends ApiParameter
 			}
 			$this->mail->Port = Settings::Get('system.mail_smtp_port');
 		}
-		
+
 		if (PHPMailer::ValidateAddress(Settings::Get('panel.adminmail')) !== false) {
 			// set return-to address and custom sender-name, see #76
 			$this->mail->SetFrom(Settings::Get('panel.adminmail'), Settings::Get('panel.adminmail_defname'));
@@ -318,11 +318,12 @@ abstract class ApiCommand extends ApiParameter
 			}
 			header($resheader);
 		}
-		
+
+		$response = array();
 		$response['status'] = $status;
 		$response['status_message'] = $status_message;
 		$response['data'] = $data;
-		
+
 		$json_response = json_encode($response, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT);
 		return $json_response;
 	}
@@ -344,7 +345,7 @@ abstract class ApiCommand extends ApiParameter
 			// or optionally for one specific customer identified by id or loginname
 			$customerid = $this->getParam('customerid', true, 0);
 			$loginname = $this->getParam('loginname', true, '');
-			
+
 			if (! empty($customerid) || ! empty($loginname)) {
 				$_result = $this->apiCall('Customers.get', array(
 					'id' => $customerid,
@@ -383,7 +384,7 @@ abstract class ApiCommand extends ApiParameter
 	 *        	optional, required of customerid is empty
 	 * @param string $customer_resource_check
 	 *        	optional, when called as admin, check the resources of the target customer
-	 *
+	 *        	
 	 * @throws Exception
 	 * @return array
 	 */