minor fixes

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>

api.php

@@ -13,10 +13,7 @@ if (Settings::Get('api.enabled') != 1) {
 header("Content-Type:application/json");
 
 // get our request
-$request = isset($_GET['request']) ? $_GET['request'] : null;
+$request = @file_get_contents('php://input');
-if (empty($request)) {
-	$request = isset($_POST['request']) ? $_POST['request'] : null;
-}
 
 // check if present
 if (empty($request)) {
@@ -63,7 +60,7 @@ function json_response($status, $status_message, $data = null)
 	$response['status_message'] = $status_message;
 	$response['data'] = $data;
 	
-	$json_response = json_encode($response, JSON_PRETTY_PRINT);
+	$json_response = json_encode($response, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT);
 	echo $json_response;
 	exit();
 }

lib/classes/api/abstract.ApiCommand.php

@@ -52,20 +52,50 @@ abstract class ApiCommand
 		return (isset($this->user_data[$detail]) ? $this->user_data[$detail] : null);
 	}
 
+	/**
+	 * return user-data array
+	 *
+	 * @return array
+	 */
+	protected function getUserData()
+	{
+		return $this->user_data;
+	}
+
 	/**
 	 * receive field from parameter-list
 	 *
 	 * @param string $param
+	 * @param mixed $default
+	 *        	set if param is not found
 	 *        	
 	 * @throws Exception
 	 * @return mixed
 	 */
-	protected function getParam($param = null)
+	protected function getParam($param = null, $default = null)
 	{
 		if (isset($this->cmd_params[$param])) {
 			return $this->cmd_params[$param];
 		}
-		return null;
+		return $default;
+	}
+
+	/**
+	 * update value of parameter
+	 *
+	 * @param string $param
+	 * @param mixed $value
+	 *
+	 * @throws Exception
+	 * @return boolean
+	 */
+	protected function updateParam($param, $value = null)
+	{
+		if (isset($this->cmd_params[$param])) {
+			$this->cmd_params[$param] = $value;
+			return true;
+		}
+		throw new Exception("Unable to update parameter '" . $param . "' as it does not exist", 500);
 	}
 
 	/**
@@ -86,7 +116,7 @@ abstract class ApiCommand
 		$response['status_message'] = $status_message;
 		$response['data'] = $data;
 		
-		$json_response = json_encode($response, JSON_PRETTY_PRINT);
+		$json_response = json_encode($response, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT);
 		return $json_response;
 	}
 

lib/classes/api/commands/class.IpsAndPorts.php

@@ -321,16 +321,14 @@ class IpsAndPorts extends ApiCommand
 		if ($this->isAdmin() && $this->getUserDetail('change_serversettings')) {
 			$id = $this->getParam('id');
 			
-			$result_stmt = Database::prepare("
+			$json_result = IpsAndPorts::getLocal($this->getUserData(), array(
-			SELECT * FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = :id
-		");
-			$result = Database::pexecute_first($result_stmt, array(
 				'id' => $id
-			), true, true);
+			))->get();
+			$result = json_decode($json_result, true)['data'];
 			
 			$result_checkdomain_stmt = Database::prepare("
-			SELECT `id_domain` as `id` FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_ipandports` = :id
+				SELECT `id_domain` as `id` FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_ipandports` = :id
-		");
+			");
 			$result_checkdomain = Database::pexecute_first($result_checkdomain_stmt, array(
 				'id' => $id
 			), true, true);