-
-
Notifications
You must be signed in to change notification settings - Fork 156
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
0.2.0.0 functionalizing #910
Conversation
Inventory
This draft PR shows the work to attempt to make all actions in post.php occur via functions. This enables easier management of a CRUD API
Test these changes at: https://0200functionalizing910.pr-review.itflow.org |
function tryAPIKey($api_key_secret) { | ||
global $mysqli, $session_ip, $session_user_agent; | ||
|
||
$row = mysqli_fetch_array(mysqli_query($mysqli,"SELECT * FROM api_keys WHERE api_key_secret = '$api_key_secret'")); |
Check failure
Code scanning / SonarCloud
Database queries should not be vulnerable to injection attacks High
Fix Database name
Quality Gate failedFailed conditions See analysis details on SonarCloud Catch issues before they fail your Quality Gate with our IDE extension SonarLint |
Reworking of post.php logic where most actions occur via functions.
This way we can manipulate those functions for the API.
Goal is an easier to maintain codebase as our logic grows more complicated, and to ease api development.
I am building a NinjaOne integration tool (distinct from ITFlow, dw) and realized that the API is a bit cobbled together, and very cumbersome to add to.