rewritten api using Slim Framework

Author: jelhan

.gitignore

@@ -7,6 +7,7 @@
 # dependencies
 /node_modules
 /bower_components
+/api/vendor
 
 # misc
 /.sass-cache

.travis.yml

@@ -16,6 +16,7 @@ install:
   - npm install -g bower
   - npm install
   - bower install
+  - cd api/ && composer install
 
 before_script:
   - ember server --live-reload=false & # Start a server so we can hit the fake API from integration tests

Brocfile.js

@@ -83,7 +83,7 @@ trees.push(
 trees.push(
   pickFiles('api', {
     srcDir: '/',
-    destDir: '/'
+    destDir: '/api'
   })
 );
 

README.md

@@ -23,7 +23,7 @@ You could check for an attack like this by using an development tool for your br
 Requirements
 ------------
 
-Croodle is designed to have as few as possible requirements on the server it is running on. Croodle runs on almost every web space with PHP. Croodle stores the data in textfiles, so there is no need for a database server like mySQL.
+Croodle is designed to have as few as possible requirements on the server it is running on. Croodle runs on almost every web space with PHP >= 5.3. Croodle stores the data in textfiles, so there is no need for a database server like mySQL.
 
 Due to security reasons you should have SSL encryption enabled and provide a valid certificate.
 

api/api.php

@@ -3,11 +3,11 @@
 /*
  * handles the data for api.php
  */
-class datahandler {
+class Datahandler {
     // (string) folder to store data in relative to position of api.php
     // webserver has to have write access to this folder
     // must end with a slash
-    const DATA_FOLDER = 'data/';
+    const DATA_FOLDER = '../data/';
 
     // (int) length of ids used to identify data
     const ID_LENGTH = 10;

api/classes/datahandler.php

@@ -0,0 +1,5 @@
+{
+    "require": {
+        "slim/slim": "~2.0"
+    }
+}

api/composer.json

@@ -0,0 +1,86 @@
+<?php
+/*
+ * RESTful API used by ember data for data storage
+ */
+
+require 'vendor/autoload.php';
+require 'classes/datahandler.php';
+
+function pollIdIsValid($pollId) {
+  return preg_match('/[^A-Za-z0-9]/', $pollId) === 0;
+}
+
+$app = new \Slim\Slim();
+
+/*
+ * default response headers
+ */
+$app->response->headers->set('Content-Type', 'application/json; charset=utf-8');
+// prevent Internet Explorer from caching AJAX requests
+$app->expires('-1');
+
+$app->get('/polls/:id', function ($pollId) use ($app) {
+  if(!pollIdIsValid($pollId)) {
+    $app->halt(400, 'requested id must only contain letters and numbers');
+  }
+
+  $datahandler = new Datahandler();
+  $data = $datahandler->get($pollId);
+
+  if ($data === false) {
+    // there was no data with this id or it could not be readen
+    $app->response->setStatus(404);
+  }
+  else {
+    $app->response->setBody($data);
+  }
+});
+
+$app->post('/polls', function() use ($app) {
+  $datahandler = new Datahandler();
+  $pollCreatedId = $datahandler->writePoll(
+    $app->request->getBody()
+  );
+
+  if (!$pollCreatedId) {
+    $app->halt(500, 'saving poll failed');
+  }
+  
+  $app->response->setBody(
+    $datahandler->get($pollCreatedId)
+  );
+});
+
+$app->post('/users', function() use ($app) {
+  $datahandler = new Datahandler();
+
+  // get poll id
+  $dataObject = json_decode(
+    $app->request->getBody()
+  );
+  $pollId = $dataObject->user->poll;
+  if (!pollIdIsValid($pollId)) {
+    $app->halt(400, 'poll id must only contain letters and numbers');
+  }
+
+  // write user
+  $userCreatedId = $datahandler->writeUser($pollId, $app->request->getBody());
+
+  if ($userCreatedId === false) {
+    $app->halt(500, 'saving user failed');
+  }
+
+  // add user id to user object
+  $dataObject->user->id = $userCreatedId;
+  
+  $app->response->setBody(
+    json_encode($dataObject)
+  );
+});
+
+$app->notFound(function () use ($app) {
+	// die("verdammte schieße...");
+	$app->halt(404, "verdammte scheiße\n" . $app->request->getResourceUri() . "\n");
+});
+
+$app->run();

api/composer.lock

@@ -13,7 +13,7 @@ export default DS.RESTAdapter.extend({
     // remove leading and trailing slash
     .replace(/\/$/, '')
     // add api.php
-    .concat('/api.php?')
+    .concat('/api/index.php')
     // remove leading slash
     .replace(/^\//g, '')
 });

api/index.php

@@ -47,6 +47,6 @@
     "ember-radio-button": "^0.1.2",
     "express": "^4.8.5",
     "glob": "^5.0.3",
-    "node-phpcgi": "0.3.1"
+    "node-phpcgi": "jelhan/node-phpcgi#entry-point"
   }
 }

app/adapters/application.js

@@ -20,6 +20,8 @@ module.exports = function(app) {
   /* use node-phpcgi to handle api */
   var phpcgi = require('node-phpcgi')({
     documentRoot: __dirname.substring(0, __dirname.length - 6) + '/dist',
+    includePath: '/api/index.php',
+    entryPoint: '/api/index.php'
   });
   app.use(phpcgi);