From cb87d04b3ec00e0e0d98508e6373a22ea4668215 Mon Sep 17 00:00:00 2001
From: Isaac Connor <isaac@zoneminder.com>
Date: Fri, 13 Jan 2023 13:36:48 -0500
Subject: [PATCH] Move api page content from options.php to _options_api.php

---
 web/skins/classic/views/_options_api.php | 98 ++++++++++++++++++++++++
 web/skins/classic/views/options.php      | 74 +-----------------
 2 files changed, 99 insertions(+), 73 deletions(-)
 create mode 100644 web/skins/classic/views/_options_api.php

diff --git a/web/skins/classic/views/_options_api.php b/web/skins/classic/views/_options_api.php
new file mode 100644
index 000000000..6b975859d
--- /dev/null
+++ b/web/skins/classic/views/_options_api.php
@@ -0,0 +1,98 @@
+<?php
+//
+// ZoneMinder web options view file, $Date$, $Revision$
+// Copyright (C) 2001-2008 Philip Coombes
+//
+// This program is free software; you can redistribute it and/or
+// modify it under the terms of the GNU General Public License
+// as published by the Free Software Foundation; either version 2
+// of the License, or (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this program; if not, write to the Free Software
+// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+
+if (!canView('System')) {
+  $view = 'error';
+  return;
+}
+
+$canEdit = canEdit('System');
+
+if ((!defined('ZM_OPT_USE_API')) or ZM_OPT_USE_API != '1') {
+  echo '<div class="errorText">APIs are disabled. To enable, please turn on OPT_USE_API in Options->System</div>';
+  return;
+}
+?>
+
+<form name="userForm" method="post" action="?">
+  <button class="float-left" type="submit" name="updateSelected" id="updateSelected"><?php echo translate('Update')?></button>
+  <button class="float-left" type="button" id="btnNewToken"><?php echo translate('New Token')?></button>
+  <button class="btn-danger float-right" type="submit" name="revokeAllTokens" id="revokeAllTokens"><?php echo translate('RevokeAllTokens')?></button>
+  <br/>
+<?php
+  function revokeAllTokens() {
+    $minTokenTime = time();
+    dbQuery('UPDATE `Users` SET `TokenMinExpiry`=?', array($minTokenTime));
+    echo '<span class="timedSuccessBox">'.translate('AllTokensRevoked').'</span>';
+  }
+
+  function updateSelected() {
+    # Turn them all off, then selectively turn the checked ones back on
+    dbQuery('UPDATE `Users` SET `APIEnabled`=0');
+
+    if (isset($_REQUEST['tokenUids'])) {
+      $minTime = time();
+      foreach ($_REQUEST['tokenUids'] as $markUid) {
+        dbQuery('UPDATE `Users` SET `TokenMinExpiry`=? WHERE `Id`=?', array($minTime, $markUid));
+      }
+    }
+    if (isset($_REQUEST['apiUids'])) {
+      foreach ($_REQUEST['apiUids'] as $markUid) {
+        dbQuery('UPDATE `Users` SET `APIEnabled`=1 WHERE `Id`=?', array($markUid));
+      }
+    }
+    echo '<span class="timedSuccessBox">'.translate('Updated').'</span>';
+  }
+
+  if (array_key_exists('revokeAllTokens', $_POST)) {
+    revokeAllTokens();
+  }
+
+  if (array_key_exists('updateSelected', $_POST)) {
+    updateSelected();
+  }
+?>
+  <br/><br/>
+  <input type="hidden" name="view" value="<?php echo $view ?>"/>
+  <input type="hidden" name="tab" value="<?php echo $tab ?>"/>
+  <input type="hidden" name="action" value="delete"/>
+  <table id="contentTable" class="table table-striped">
+    <thead class="thead-highlight">
+      <tr>
+        <th class="colUsername"><?php echo translate('Username') ?></th>
+        <th class="colMark"><?php echo translate('Revoke Token') ?></th>
+        <th class="colMark"><?php echo translate('API Enabled') ?></th>
+      </tr>
+    </thead>
+    <tbody>
+<?php
+foreach (ZM\User::find([], ['order'=>'Username']) as $u) {
+?>
+      <tr>
+        <td class="colUsername"><?php echo validHtmlStr($u->Username()) ?></td>
+        <td class="colMark"><input type="checkbox" name="tokenUids[]" value="<?php echo $u->Id() ?>" /></td>
+        <td class="colMark"><input type="checkbox" name="apiUids[]" value="<?php echo $u->Id() ?>" <?php echo $u->APIEnabled()?'checked':''?> /></td>
+      </tr>
+<?php
+}
+?>
+    </tbody>
+  </table>
+</form>
diff --git a/web/skins/classic/views/options.php b/web/skins/classic/views/options.php
index 9b9db9a03..15e1382c8 100644
--- a/web/skins/classic/views/options.php
+++ b/web/skins/classic/views/options.php
@@ -332,79 +332,7 @@ foreach (array_map('basename', glob('skins/'.$skin.'/css/*', GLOB_ONLYDIR)) as $
           </form>
 <?php
 } else if ($tab == 'API') {
-  $apiEnabled = dbFetchOne('SELECT Value FROM Config WHERE Name=\'ZM_OPT_USE_API\'');
-  if ($apiEnabled['Value'] != '1') {
-    echo '<div class="errorText">APIs are disabled. To enable, please turn on OPT_USE_API in Options->System</div>';
-  } else {
-?>
-
-          <form name="userForm" method="post" action="?">
-            <button class="float-left" type="submit" name="updateSelected" id="updateSelected"><?php echo translate('Update')?></button>
-            <button class="btn-danger float-right" type="submit" name="revokeAllTokens" id="revokeAllTokens"><?php echo translate('RevokeAllTokens')?></button>
-            <br/>
-<?php
-    function revokeAllTokens() {
-      $minTokenTime = time();
-      dbQuery('UPDATE `Users` SET `TokenMinExpiry`=?', array($minTokenTime));
-      echo '<span class="timedSuccessBox">'.translate('AllTokensRevoked').'</span>';
-    }
-
-    function updateSelected() {
-      # Turn them all off, then selectively turn the checked ones back on
-      dbQuery('UPDATE `Users` SET `APIEnabled`=0');
-
-      if (isset($_REQUEST['tokenUids'])) {
-        foreach ($_REQUEST['tokenUids'] as $markUid) {
-          $minTime = time();
-          dbQuery('UPDATE `Users` SET `TokenMinExpiry`=? WHERE `Id`=?', array($minTime, $markUid));
-        }
-      }
-      if (isset($_REQUEST['apiUids'])) {
-        foreach ($_REQUEST['apiUids'] as $markUid) {
-          dbQuery('UPDATE `Users` SET `APIEnabled`=1 WHERE `Id`=?', array($markUid));
-        }
-      }
-      echo '<span class="timedSuccessBox">'.translate('Updated').'</span>';
-    }
-
-    if (array_key_exists('revokeAllTokens', $_POST)) {
-      revokeAllTokens();
-    }
-
-    if (array_key_exists('updateSelected', $_POST)) {
-      updateSelected();
-    }
-?>
-            <br/><br/>
-            <input type="hidden" name="view" value="<?php echo $view ?>"/>
-            <input type="hidden" name="tab" value="<?php echo $tab ?>"/>
-            <input type="hidden" name="action" value="delete"/>
-            <table id="contentTable" class="table table-striped">
-              <thead class="thead-highlight">
-                <tr>
-                  <th class="colUsername"><?php echo translate('Username') ?></th>
-                  <th class="colMark"><?php echo translate('Revoke Token') ?></th>
-                  <th class="colMark"><?php echo translate('API Enabled') ?></th>
-                </tr>
-              </thead>
-              <tbody>
-<?php
-  $sql = 'SELECT * FROM Users ORDER BY Username';
-  foreach (dbFetchAll($sql) as $row) {
-?>
-                <tr>
-                  <td class="colUsername"><?php echo validHtmlStr($row['Username']) ?></td>
-                  <td class="colMark"><input type="checkbox" name="tokenUids[]" value="<?php echo $row['Id'] ?>" /></td>
-                  <td class="colMark"><input type="checkbox" name="apiUids[]" value="<?php echo $row['Id']?>"  <?php echo $row['APIEnabled']?'checked':''?> /></td>
-                </tr>
-<?php
-  }
-?>
-              </tbody>
-            </table>
-          </form>
-<?php 
-  } // API enabled
+  include('_options_api.php');
 }  // $tab == API
   else { 
   $config = array();