if (!isset($projectid)) { $rest_json = file_get_contents('php://input'); $_POST = json_decode($rest_json, true); @($projectid = $_POST['projectid']); } if (!isset($projectid)) { echo_error('projectid not specified.'); return; } $projectid = pdo_real_escape_numeric($projectid); // Make sure the user has access to this page. $Project = new Project(); $User = new User(); $User->Id = $userid; $Project->Id = $projectid; $role = $Project->GetUserRole($userid); if ($User->IsAdmin() === false && $role <= 1) { echo_error("You ({$userid}) don't have the permissions to access this page ({$projectid})"); return; } // Route based on what type of request this is. $method = $_SERVER['REQUEST_METHOD']; switch ($method) { case 'DELETE': rest_delete(); break; case 'POST': rest_post(); break; case 'PUT': rest_put();