Locidoke Sample API

PHP Example API - Source Code

It has been a long time coming and as with all of our 247coding.com source code, use at your own risk!
Here is some PHP example code for creating your own small Locidoke API. It contains some validation, but you should review it and change or add checks for anything from the client that you think may be harmful. Code that retrieves data from an external source, especially when it writes that data to a file, should be examined carefully, and whitelisted values are recommended! It is not perfect, but hopefully it gives you something to start with. Feel free to serialize the data; I used simple strings, which are split into a list.
If you have suggestions for changes, please feel free to email them to abitowhit@gmail.com. Locidoke communications should be made over a secure HTTPS connection so that user information and keys are not passed in plain text.
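<?php
/**
 * Locidoke sample API endpoint.
 *
 * Accepts a location report (lat, lon, time, key1, key2) over POST or GET,
 * validates every field, checks key1 against a list of issued keys and, when
 * the per-user time limit has elapsed, writes the report to that user's
 * location file. The reply is the URL of the location file.
 *
 * Everything read from $_GET / $_POST is attacker-controlled. Only values that
 * pass the validators below may reach the file written at the end of the script.
 */

// Storage location for the per-user location files (stream-wrapper URI).
$locDir = 'public://inbound-locs/';

// Characters that CharCheck() strips from free-text values.
$malchars = array('.','/','\\', '?', '&', '|', '(', ')', '+', '-','\'"','<','>','%','$','#','@','`',':','*','\'');

// Change the URL prefix here to your website URL for the files, e.g.
// $locfileurl="https://yourwebsite.com/yourlocfilelocation/";
// Left empty when nothing else defined it, so the reply is just the file name.
if (!isset($locfileurl)) {
    $locfileurl = "";
}

$keyIsValid = false;
global $user;
$ulat = "";
$ulon = "";
$utime = "";
$uk1 = "";
$uk2 = "";
$myloc = "";
$dbg = "";
$minLimit = 5;

/**
 * Tells whether the time limit for a location file has elapsed.
 *
 * @param string $inLocFile Path or URI of the location file.
 * @param mixed  $inLimit   Limit in minutes (multiplied by 60 below).
 * @return bool TRUE when the file exists and was last modified more than
 *              $inLimit minutes ago, FALSE otherwise.
 */
function LimitedTime($inLocFile, $inLimit)
{
    // NOTE(review): a missing file yields FALSE, so the caller never creates a
    // user's first location file; it has to be provisioned beforehand. Confirm
    // this is intended.
    if (!file_exists($inLocFile)) {
        return FALSE;
    }

    $modified = filemtime($inLocFile);
    if ($modified === false) {
        return FALSE;
    }

    // The original added an undefined variable here, so no limit was applied.
    $windowSeconds = (int) $inLimit * 60;

    return time() > ($modified + $windowSeconds);
}//endfunc

if (isset($_GET['fchk'])) {
    if (LimitedTime($locDir . "abow_loc.txt", $minLimit)) {
        die("OK");
    } else {
        die("Waiting");
    }
}// fchk

/**
 * Validates a short free-text value.
 *
 * @param mixed $inStr Value taken from the request.
 * @return string The value with the $malchars characters removed, or "" when it
 *                is not a string, is 33 or more bytes long, or contains any
 *                character outside A-Z a-z 0-9 ! space _ . # - $.
 */
function CharCheck($inStr)
{
    // The list lives at script level; without this import the function saw an
    // undefined local and stripped nothing.
    global $malchars;

    $maxchars = 33;

    // Request values may be arrays (e.g. key2[]=x); only strings are accepted.
    if (!is_string($inStr) || strlen($inStr) >= $maxchars) {
        return "";
    }

    // Allow-list check first: the negated class also rejects newlines.
    if (preg_match('/[^A-Za-z0-9! _.#$\\-]/', $inStr)) {
        return "";
    }

    return str_replace(is_array($malchars) ? $malchars : array(), "", $inStr);
}

/**
 * Checks a key against the list of keys issued to users.
 *
 * The key string should be USERNAME_SECRETKEY_ALLOWEDTIMEINTERVAL and must match
 * the value the user puts in their Locidoke key1 parameter; you give it to them.
 * Because the whole key must match, the interval cannot be changed by the
 * client. USERNAME is used to build the name of the user's location file. The
 * list could also be pulled from a database.
 *
 * NOTE(review): the interval is passed to LimitedTime(), which treats it as
 * minutes, so "_600" means 600 minutes. The original comment described 600 as
 * five minutes; confirm the intended unit.
 *
 * @param mixed $inkv Key taken from the request.
 * @return bool TRUE when the key is one of the issued keys.
 */
function ValidKey($inkv)
{
    // LIST of valid user keys - this is where you add the keys given to your
    // users. The two entries are sample values; replace them before deployment
    // and keep real keys out of published source.
    $kl = array('testuser1_testuser1secretkey_1', 'testuser2_testuser2secretkey_600');

    if (!is_string($inkv)) {
        return FALSE;
    }

    // Constant-time comparison against every entry, so response timing does not
    // reveal how much of a key was correct.
    $matched = FALSE;
    foreach ($kl as $issued) {
        if (hash_equals($issued, $inkv)) {
            $matched = TRUE;
        }
    }

    return $matched;
}

/**
 * Validates a timestamp string.
 *
 * @param mixed $indate Value taken from the request.
 * @return bool TRUE when the value parses as 'm/d/Y h:i:s A' (12 hour),
 *              'm/d/Y H:i:s' or 'm-d-Y H:i:s' (24 hour).
 */
function goodStamp($indate)
{
    if (!is_string($indate)) {
        return FALSE;
    }

    foreach (array('m/d/Y h:i:s A', 'm/d/Y H:i:s', 'm-d-Y H:i:s') as $format) {
        if (DateTime::createFromFormat($format, $indate) !== false) {
            return TRUE;
        }
    }

    return FALSE;
}

/**
 * Validates a latitude.
 *
 * @param mixed $inlat Value taken from the request.
 * @return bool TRUE for "0", a decimal between -89.x and 89.x, or 90 / 90.0.
 */
function goodLat($inlat)
{
    if (!is_string($inlat)) {
        return FALSE;
    }

    // Strict comparison: a loose == "0" also accepts strings such as " 0".
    if ($inlat === "0") {
        return TRUE;
    }

    // Both alternatives sit inside one anchored group. In the original pattern
    // the first alternative had no end anchor and the second no start anchor,
    // so a value with arbitrary trailing or leading text passed validation.
    // \z (rather than $) also rejects a trailing newline.
    return preg_match('/\A-?(?:[0-8]?[0-9]\.\d+|90(?:\.0+)?)\z/', $inlat) === 1;
}

/**
 * Validates a longitude.
 *
 * @param mixed $inlon Value taken from the request.
 * @return bool TRUE for "0", a decimal between -179.x and 179.x, or 180 / 180.0.
 */
function goodLon($inlon)
{
    if (!is_string($inlon)) {
        return FALSE;
    }

    if ($inlon === "0") {
        return TRUE;
    }

    // \z instead of $ so that a trailing newline is rejected.
    return preg_match('/\A-?(?:(?:1[0-7][0-9]|[0-9]?[0-9])\.\d+|180(?:\.0+)?)\z/', $inlon) === 1;
}

/**
 * Picks a random status reason.
 *
 * @return string One of the canned status texts.
 */
function randReason()
{
    $randStop = array("Bio break","Eating lunch","Watching a movie","On a treasure hunt","Slightly Lost!","Stopped for gas","Picking Pateunias","Walking the dog");

    return $randStop[array_rand($randStop, 1)];
}

/**
 * Replies with a random decoy location for bad attempts and ends the request.
 */
function randBad()
{
    $badLocs = array("37.8269817,-122.4251495","44.4968817,101.0329761","-6.1193329,39.1580149");
    die($badLocs[array_rand($badLocs, 1)] . "," . date("m-d-Y h:i:s A") . ",!" . randReason());
}

/**
 * Replies with a random demo location (for testing or demos) and ends the request.
 */
function randGood()
{
    $goodLocs = array("37.8996651,-85.9783168","43.0538467,-79.2284619","36.492905,-112.108734","25.08729,-77.3219092");
    die($goodLocs[array_rand($goodLocs, 1)] . "," . date("m-d-Y h:i:s A") . ",-" . randReason());
}

/**
 * Copies the validated fields of one request array over the current values.
 *
 * @param mixed $params  Request array ($_POST or $_GET).
 * @param array $current Current values keyed by lat, lon, time, key1, key2.
 * @return array $current with every field that passed validation replaced.
 */
function readLocParams($params, $current)
{
    // A report carries exactly five parameters. The original wrote
    // count($x === 5), which counts a boolean and never checked the size.
    if (!is_array($params) || count($params) !== 5) {
        return $current;
    }

    foreach ($params as $key => $value) {
        // Strict comparison on the name: a loose == lets the integer key 0
        // equal any non-numeric string on PHP 7.
        $name = (string) $key;

        if ($name === 'lat') {
            if (goodLat($value)) {
                $current['lat'] = $value;
            }
        } elseif ($name === 'lon') {
            if (goodLon($value)) {
                $current['lon'] = $value;
            }
        } elseif ($name === 'time') {
            if (goodStamp($value)) {
                $current['time'] = $value;
            }
        } elseif ($name === 'key1') {
            // Not filtered: ValidKey() requires an exact match with an issued
            // key, and stripping characters first could alter a valid key.
            $current['key1'] = is_string($value) ? $value : "";
        } elseif ($name === 'key2') {
            $current['key2'] = CharCheck($value);
        }
    }

    return $current;
}

if (isset($_GET['key1']) && $_GET['key1'] === "apidemo") {
    // if you want to provide a random demo reply for your api
    randGood();
}

// POST is read first, then GET, so a valid GET value overrides the POST one.
// Prefer POST for real reports: a key sent in the query string usually ends up
// in web server and proxy logs.
$incoming = array('lat' => $ulat, 'lon' => $ulon, 'time' => $utime, 'key1' => $uk1, 'key2' => $uk2);
$incoming = readLocParams(isset($_POST) ? $_POST : array(), $incoming);
$incoming = readLocParams(isset($_GET) ? $_GET : array(), $incoming);

$ulat = $incoming['lat'];
$ulon = $incoming['lon'];
$utime = $incoming['time'];
$uk1 = $incoming['key1'];
$uk2 = $incoming['key2'];

// ////////////////////////////////////process the incoming request
if (ValidKey($uk1) && $ulat !== "" && $ulon !== "" && $utime !== "") {
    $myloc = $ulat . "," . $ulon . "," . $utime;
    $locdata = $ulat . "," . $ulon . "," . $utime . "," . $uk2;

    // $uk1 equals an issued key at this point, so the file name is built from
    // operator-chosen text only, never from raw request input.
    list($uName, $uKey, $uLimit) = explode("_", $uk1);
    $loc_file = $uName . '_loc.txt'; // File name using key1

    if (LimitedTime($locDir . $loc_file, $uLimit)) {
        // create a location file which matches the whitelisted username
        file_prepare_directory($locDir, FILE_CREATE_DIRECTORY);
        $file = file_save_data($locdata, $locDir . $loc_file, FILE_EXISTS_REPLACE);
        die($locfileurl . $loc_file);
    } else {
        // restricted time just send url
        die($locfileurl . $loc_file);
    }
}// valid
else {
    // if by chance you want to send a default failure loc, enable randbad to
    // send a random loc from the bad locs.
    // randBad();
} // end datacheck
?>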