From 7fe649b47bbbf4a6af318b9386c38d4863f680af Mon Sep 17 00:00:00 2001 From: kc9uhi Date: Sun, 15 Feb 2026 10:38:22 -0700 Subject: [PATCH 1/5] add list_clubmembers api endpoint --- application/controllers/Api.php | 48 +++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) diff --git a/application/controllers/Api.php b/application/controllers/Api.php index 2fa8af2eb..9cfe63336 100644 --- a/application/controllers/Api.php +++ b/application/controllers/Api.php @@ -1309,4 +1309,52 @@ class API extends CI_Controller { return $url; } + /* ** + * List members of a clubstation + * API key needs to be of a club officer (permission level 9) + * returns array of club member details + */ + function list_clubmembers($key = '') { + header('Content-type: application/json'); + + $this->load->model('api_model'); + if ($this->api_model->access($key) == "No Key Found" || $this->api_model->access($key) == "Key Disabled") { + http_response_code(401); + echo json_encode(['status' => 'error', 'message' => 'Auth Error, invalid key']); + return; + } + + $this->load->model('club_model'); + $userid = $this->api_model->key_userid($key); + $created_by = $this->api_model->key_created_by($key); + $club_perm = $this->club_model->get_permission_noui($userid,$created_by); + if (($userid == $created_by) || (($club_perm ?? 0) != 9)) { // not club officer + http_response_code(401); + echo json_encode(['status' => 'error', 'message' => 'Auth Error, not enough permissions for this operation']); + return; + } + + $this->load->model('club_model'); + $memberlist = $this->club_model->get_club_members($userid); + if (!empty($memberlist)) { + $members = []; + foreach($memberlist as $member) { + $members[] = [ + 'callsign' => $member->user_callsign, + 'first_name' => $member->user_firstname, + 'last_name' => $member->user_lastname, + 'user_name' => $member->user_name, + 'email' => $member->user_email, + 'p_level' => $member->p_level + ]; + } + http_response_code(200); + echo json_encode(['status' => 'successful', 'members' => $members]); + } else { + http_response_code(204); + echo json_encode(['status' => 'failed', 'reason' => "No club members found", 'members' => '']); + return; + } + } } +?> \ No newline at end of file From 0291803862a87011606e1c8a1290bb443ccb3ba5 Mon Sep 17 00:00:00 2001 From: kc9uhi Date: Sun, 15 Feb 2026 10:50:52 -0700 Subject: [PATCH 2/5] unnecessary variable definition --- application/controllers/Api.php | 1 - 1 file changed, 1 deletion(-) diff --git a/application/controllers/Api.php b/application/controllers/Api.php index 9cfe63336..bbd5f84d4 100644 --- a/application/controllers/Api.php +++ b/application/controllers/Api.php @@ -1337,7 +1337,6 @@ class API extends CI_Controller { $this->load->model('club_model'); $memberlist = $this->club_model->get_club_members($userid); if (!empty($memberlist)) { - $members = []; foreach($memberlist as $member) { $members[] = [ 'callsign' => $member->user_callsign, From ac973e16d89c0d5f27187bad737d443dc69fbca3 Mon Sep 17 00:00:00 2001 From: kc9uhi <21296099+kc9uhi@users.noreply.github.com> Date: Sun, 15 Feb 2026 12:01:03 -0700 Subject: [PATCH 3/5] remove extra model load Co-authored-by: Fabian Berg --- application/controllers/Api.php | 1 - 1 file changed, 1 deletion(-) diff --git a/application/controllers/Api.php b/application/controllers/Api.php index bbd5f84d4..e74edc482 100644 --- a/application/controllers/Api.php +++ b/application/controllers/Api.php @@ -1334,7 +1334,6 @@ class API extends CI_Controller { return; } - $this->load->model('club_model'); $memberlist = $this->club_model->get_club_members($userid); if (!empty($memberlist)) { foreach($memberlist as $member) { From 132be04c09e5353ae81da20463731086d3856203 Mon Sep 17 00:00:00 2001 From: kc9uhi Date: Sun, 15 Feb 2026 13:37:46 -0700 Subject: [PATCH 4/5] remove ?> at end of file --- application/controllers/Api.php | 1 - 1 file changed, 1 deletion(-) diff --git a/application/controllers/Api.php b/application/controllers/Api.php index e74edc482..3699b9542 100644 --- a/application/controllers/Api.php +++ b/application/controllers/Api.php @@ -1355,4 +1355,3 @@ class API extends CI_Controller { } } } -?> \ No newline at end of file From 761ea241f7df2c99b8b6c062df66bee496a79ef6 Mon Sep 17 00:00:00 2001 From: kc9uhi Date: Mon, 16 Feb 2026 16:42:56 -0700 Subject: [PATCH 5/5] reduce list_clubmembers data output, move key from request URI to POST data --- application/controllers/Api.php | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/application/controllers/Api.php b/application/controllers/Api.php index 3699b9542..cede9ef85 100644 --- a/application/controllers/Api.php +++ b/application/controllers/Api.php @@ -1314,19 +1314,28 @@ class API extends CI_Controller { * API key needs to be of a club officer (permission level 9) * returns array of club member details */ - function list_clubmembers($key = '') { + function list_clubmembers() { header('Content-type: application/json'); $this->load->model('api_model'); - if ($this->api_model->access($key) == "No Key Found" || $this->api_model->access($key) == "Key Disabled") { + + // Decode JSON and store + $obj = json_decode(file_get_contents("php://input"), true); + if ($obj === NULL) { + http_response_code(400); + echo json_encode(['status' => 'failed', 'reason' => "wrong JSON"]); + return; + } + + if ($this->api_model->access($obj['key']) == "No Key Found" || $this->api_model->access($obj['key']) == "Key Disabled") { http_response_code(401); echo json_encode(['status' => 'error', 'message' => 'Auth Error, invalid key']); return; } $this->load->model('club_model'); - $userid = $this->api_model->key_userid($key); - $created_by = $this->api_model->key_created_by($key); + $userid = $this->api_model->key_userid($obj['key']); + $created_by = $this->api_model->key_created_by($obj['key']); $club_perm = $this->club_model->get_permission_noui($userid,$created_by); if (($userid == $created_by) || (($club_perm ?? 0) != 9)) { // not club officer http_response_code(401); @@ -1339,10 +1348,7 @@ class API extends CI_Controller { foreach($memberlist as $member) { $members[] = [ 'callsign' => $member->user_callsign, - 'first_name' => $member->user_firstname, - 'last_name' => $member->user_lastname, 'user_name' => $member->user_name, - 'email' => $member->user_email, 'p_level' => $member->p_level ]; }