Important update!
1.4.1 and lower versions have a SQL injection exploit with the getGroups and getUsers actions. See below for more information.
Do note that some of the actions are still not documented.
You can now:
- Get users by IP address.
- Get users by array.
- Get user upgrades when grabbing a user.
- Filter threads by discussion_state in getThreads.
Other fixes/stuff:
- Fixed SQL injection exploit, reported by Julien Ahrens, http://www.rcesecurity.com/, thanks! See BuqTraq.
- Fixed unserialize on editUser.
- Added discussion_state parameter to createThread.
- Fixed issue with avatars not returning the correct URL.
- Send email on registration if user state is email_confirm.
- Removed uneeded breaks, the API should now work with PHP7.
You can view this release on GitHub.
Feel free to ask any questions, I'll try my best to answer them.
Issues and feature requests can be posted on the GitHub page.
Do note that some of the actions are still not documented.
You can now:
- Search through the forum
- Login the user from an external website (this would start a session via a browser cookie, see example here)
- Get all the available user upgrades and all the active user upgrades of an user
- Upgrade and downgrade an user
- Grab the custom fields of an user/thread/node (via Custom Fields by Waindigo)
- Edit threads (you can't edit the message of the thread yet, but this can be done via editPost instead for now)
- Edit posts
- Delete users
Other fixes/stuff:
- getPost(s) and getThread(s) now return an additional field called "message_html" which contains the message formated in HTML via XenForo's parser
- Added an initial PHP wrapper class that can be used on other projects
- Added a static variable for the default API key, this should make it easier for users to understand how to edit the API key
You can view this release on GitHub.
Feel free to ask any questions, I'll try my best to answer them.
Issues and feature requests can be posted on the GitHub page.
Happy Holidays!
Do note that some of the actions are still not documented.
You can now:
Some other minor fixes:
- Create an alert
- Create a conversation
- Create a conversation reply
- Create a post
- Create a profile post
- Create a profile post comment
- Create a thread
- Delete a post
- Grab a single conversation
- Grab the resource categories
Feel free to ask any questions, I'll try my best to answer them.
- The authenticate action now works with newer XenForo versions, the hash is now encoded in base64.
- Added grab_content and content_limit parameters to getThread and getThreads (content_limit defaults to 1)
- Added category_id option to getResources
- Added grab_description option to getResource and getResources
- getResource and getResources now return version_string and file_hash of the current resource
- Added trophy_points to editUser
- getUser now returns the email of the user correctly
- Added include_deleted parameter to getStats
Issues and feature requests can be posted on the GitHub page
Added two new actions that were missing in the 1.3 update:
- getNode, allows to grab a specific node and get the information about the specific node.
- getNodes, allows to grab a list of nodes, it's also possible to grab specific node type (category, link forum, forum and page).
You can now:
Documentation can be found here: https://github.com/Contex/XenAPI/wiki/REST-API-Actions
- Edit users.
- Grab conversations.
- Grab a specific post.
- Grab multiple posts.
- Grab a specific profile post.
- Grab multiple profile posts.
- Grab a summary of forum stats.
- Grab a specific thread.
- Grab multiple threads.
- Register a user.
- Grab the request as a specific user.
- Grab users/threads/posts, ordering by a specific field; using these additional parameters:
Fixed an issue with authentication requiring hash, thanks @faeronsayn!
Another small update:
Feel free to follow the progress of XenAPI on Github.
- I've moved things around, the XenAPI is now independent of the REST API, making it possible to use XenAPI in your PHP includes.
- You can grab all the resources from the Resource Manager.
- You can grab all the resources submitted by an user.
- You can grab a specific resource.
- You can grab all the installed addons.
- You can grab all the enabled/disabled addons.
- You can grab a specific addon.
Here's a small update:
- I've now updated the documentation of the code, almost every single bit is documented.
- I also added a simple permission system for every action, so it's easy to restrict the actions depending on the user's permission level.
- I added a new action for grabbing alerts!
This update allows me to do quicker updates in the future as I've done my best to make it easy to add new actions.
Feel free to review and make requests, you can see the code over at GitHub.
We use essential cookies to make this site work, and optional cookies to enhance your experience.