Closed Pillowg1rl closed 4 years ago
Hi. I haven't been working on the api for quiet a while now. I dont really have a usecase for it anymore personally, but if there is interest I could think about it.
I thinks there is definitely a usege for youre code :) Mostly for little Programms who want to add a database connection to their Script. But i read, that the improv3d api (this api's basic) was very unsave and easy to hack...
This is the improv3d api, I just renamed it.
I wouldn't say that it's unsafe to use or easy to hack. You can add authentication-keys to the config, which limits access to users with a key. You can add as many keys as you want (eg. one per user).
You can also adjust access to the api functions on a global level and override them with key specific ones (kind of like roles... user, admin, etc.)
More about this here https://github.com/kevgk/Leya/wiki/Authentication-Keys
So if you just want to read from the db for example, only allow read.
But isn't it unsafe, that the file with the config of the Database lays in clear-text onto the server ? or do I have the wrong understanding of this ? :)
The config file is a php file, php parses it and makes the variables accessable to the api, but never outputs its content.
Let's say you try to open the config.php with your browser, you'll see nothing. The config.php executed, but it didn't output anything.
ah okey. thats perfect :) I've worked like 5 Years ago with the API. But I can't remember the commands, if it's with " or without and so on. If you have the wiki file or something like this it would be enought for me and I could work again with the API :)
In the readme you have every command listed with its parameters. https://github.com/kevgk/Leya And for a very few commands I created a wiki, which is far from finished. https://github.com/kevgk/Leya/wiki/leya.get
I guess your questions have been answered, so I'm closing the issue. If you have more questions, feel free to open a new issue.
hi. Is this API still being developed?