adding the real api (quick bootstrap + serving apicalls at /api/. need to do AUTH now, and makefile/debian package

api/api.conf

@@ -0,0 +1,9 @@
+
+# apache configuration to add the API at /api/ in any panel
+# put this into /etc/alternc/apache-panel.d
+
+RewriteEngine On
+
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteRule /api/(.*) /api/index.php [L]
+

api/panel/bootstrap.php

@@ -0,0 +1,86 @@
+<?php
+
+
+/* Global variables (AlternC configuration) */
+require_once(__DIR__."/../../class/local.php");
+
+// Define constants from vars of /etc/alternc/local.sh
+// The you can't choose where is the AlternC Panel 
+define('ALTERNC_MAIL',     "$L_ALTERNC_MAIL");
+define('ALTERNC_HTML',     "$L_ALTERNC_HTML");
+if(isset($L_ALTERNC_LOGS_ARCHIVE))
+  define('ALTERNC_LOGS_ARCHIVE',  "$L_ALTERNC_LOGS_ARCHIVE");
+define('ALTERNC_LOGS',     "$L_ALTERNC_LOGS");
+define('ALTERNC_PANEL',    "/usr/share/alternc/panel");
+define('ALTERNC_LOCALES',  ALTERNC_PANEL."/locales");
+define('ALTERNC_LOCK_JOBS', '/var/run/alternc/jobs-lock');
+define('ALTERNC_LOCK_PANEL', '/var/lib/alternc/panel/nologin.lock');
+
+/* PHPLIB inclusions : */
+$root=ALTERNC_PANEL."/";
+
+require_once($root."class/db_mysql.php");
+require_once($root."class/functions.php");
+require_once($root."class/variables.php");
+
+
+global $L_MYSQL_HOST,$L_MYSQL_DATABASE,$L_MYSQL_LOGIN,$L_MYSQL_PWD;
+
+class DB_system extends DB_Sql {
+  var $Host,$Database,$User,$Password;
+
+  /**
+  * Creator
+  */
+  function DB_system() {
+    global $L_MYSQL_HOST,$L_MYSQL_DATABASE,$L_MYSQL_LOGIN,$L_MYSQL_PWD;
+    $this->Host     = $L_MYSQL_HOST;
+    $this->Database = $L_MYSQL_DATABASE;
+    $this->User     = $L_MYSQL_LOGIN;
+    $this->Password = $L_MYSQL_PWD;
+  }
+}
+
+// we do both: 
+$db= new DB_system();
+$dbh = new PDO("mysql:host=".$L_MYSQL_HOST.";dbname=".$L_MYSQL_DATABASE, $L_MYSQL_LOGIN,$L_MYSQL_PWD,
+	       array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES UTF8;")
+	       );
+
+
+// Current User ID = the user whose commands are made on behalf of.
+$cuid=0;
+
+$classes=array();
+/* CLASSES PHP : automatic include : */
+$c=opendir($root."class/");
+while ($di=readdir($c)) {
+  if (preg_match("#^m_(.*)\\.php$#",$di,$match)) { // $
+    $name1="m_".$match[1];
+    $name2=$match[1];
+    $classes[]=$name2;
+    require_once($root."class/".$name1.".php");
+  }
+}
+closedir($c);
+/* THE DEFAULT CLASSES ARE :
+   dom, ftp, mail, quota, bro, admin, mem, mysql, err
+*/
+
+
+/* Language */
+//include_once("../../class/lang_env.php");
+
+$mem=new m_mem();
+$err=new m_err();
+$authip=new m_authip();
+$hooks=new m_hooks();
+
+
+for($i=0;$i<count($classes);$i++) {
+  $name2=$classes[$i];
+  if (isset($$name2)) continue; // for already instancied class like mem, err or authip
+  $name1="m_".$name2;
+  $$name2= new $name1();
+}
+

api/panel/index.php

@@ -0,0 +1,103 @@
+<?php
+
+/**
+ * multiple call-mode API for Alternc
+ * you can call this HTTP(s) API as follow: 
+ * from the base url https://panel.example.fr/api/
+ * 1. /api/post use GETted data (?token=xx&object=xx&action=yy&option1=value1&option2=value2
+ * 2. /api/post use POSTED data using the same keys 
+ * 3. use a sub-url (rest-style) of the form /api/rest/object/action?token=xx&option1=value1&option2=value2
+ * 4. the same (REST) but options and value are POSTED
+ * 
+ * the json-object contains:
+ *  ->object = the Alternc_Api_Object_<classname> to call
+ *  ->action = the method to call in this class
+ *  ->options = an object passed as it is while calling the method.
+ * 
+ */
+
+
+// bootstrap AlternC
+require_once("bootstrap.php");
+
+// Which api method is used ?
+define("API_CALL_GET",       1 );
+define("API_CALL_POST",      2 );
+define("API_CALL_POST_REST", 3 );
+define("API_CALL_GET_REST",  4 );
+
+// TODO : __autoload of classes ? 
+
+function apicall($data,$token,$mode) {
+  global $dbh;
+  $options["databaseAdapter"]=$dbh;
+  $options["loginAdapterList"]=array("sharedsecret","login");
+  // TODO (no loggerAdapter PSR3-Interface-compliant class as of now)
+  try {
+
+    $service=new Alternc_Api_Service($options);
+
+    $response = $service->call(
+			       new Alternc_Api_Request($data)
+			       );
+
+    header("Content-Type: application/json");
+    echo $response->toJson();
+    exit();
+
+  } catch (Exception $e) {
+    // something went wrong, we spit out the exception as an Api_Response
+    // TODO : Don't do that on production! spit out a generic "fatal error" code and LOG the exception !
+    header("Content-Type: application/json");
+    $response=new Alternc_Api_Response(array("code" => $e->code, "message" => $e->message));
+    echo $response->toJson();
+    exit();
+  }
+}
+
+// Authentication is done by asking for /api/auth/<method>?option1=value1&option2=value2 
+// or POSTED data
+// a token is returned for this session
+
+// We support 4 api calls methods:
+
+if ($_SERVER["REQUEST_URI"]=="/api/post") {
+  // simple ?q or POST of json data
+  if ($_SERVER["REQUEST_METHOD"]=="POST") {
+    $data=array("options" => $_POST,
+		"object" => $_POST["object"],
+		"action" => $_POST["action"],
+		);
+    $token=$_POST["token"];
+    apicall($data,$token,API_CALL_POST);
+    exit();
+  } else {
+    $data=array("options" => $_GET,
+		"object" => $_GET["object"],
+		"action" => $_GET["action"],
+		);
+    $token=$_GET["token"];
+    apicall($data,$token,API_CALL_GET);
+    exit();
+  }
+}
+
+if (preg_match("#^/api/rest/([^/]*)/([^/]*)/?#$",$_SERVER["REQUEST_URI"],$mat)) {
+  if ($_SERVER["REQUEST_METHOD"]=="POST") {
+    $data=array("options" => $_POST, 
+		"object" => $mat[1],
+		"action" => $mat[2]
+		);
+    $token=$_POST["token"];
+    apicall($data,$token,API_CALL_POST_REST);
+    exit(); 
+  } else {
+    $data=array("options" => $_GET, 
+		"object" => $mat[1],
+		"action" => $mat[2]
+		);
+    $token=$_GET["token"];
+    apicall($data,$token,API_CALL_GET_REST);
+    exit(); 
+  }
+}