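<?php
/**
 * Contig creation endpoint: stores a new contig on behalf of the logged-in user.
 *
 * Reads the POST fields name, source, difficulty, species and sequence, plus
 * userId and userName from the session, and hands the sanitized values to
 * insertContig(). Produces no output on success; on failure the script stops
 * with a plain-text message.
 */
session_start();

require_once '../db.php';

// Every field must be present and must be a plain string. PHP turns a request
// parameter written as field[key]=value into an array, and the sanitizers in
// ../db.php are not visible from this file, so anything that is not a string
// is refused here instead of being left for each sanitizer to cope with.
$requiredFields = array('name', 'source', 'difficulty', 'species', 'sequence');
foreach ($requiredFields as $field) {
    if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
        die('name, source, difficulty, species and sequence must be present');
    }
}

// Require that someone is logged in first.
if (!isset($_SESSION['userId'])) {
    die('Not logged in');
}

// NOTE(review): this write is authorised by the session cookie alone and no
// anti-CSRF token is checked in this file; confirm one is enforced elsewhere.
insertContig(
    mongoIdSanitize($_SESSION['userId']),
    mongoUserSanitize($_SESSION['userName']),
    mongoNameSanitize($_POST['name']),
    mongoNameSanitize($_POST['source']),
    mongoNameSanitize($_POST['species']),
    mongoNumberSanitize($_POST['difficulty']),
    mongoSequenceSanitize($_POST['sequence'])
);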
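<?php
/**
 * Group lookup endpoint: returns one group's full record as JSON.
 *
 * Reads the GET parameter id. The response is always a JSON object with a
 * boolean 'valid' key; when the group is found its fields are included too.
 */
header('Content-type: application/json');

require_once '../db.php';

$group = array('valid' => false);

// Only a plain string is looked up; an array-valued id (id[key]=value) is
// treated the same as a missing id.
if (isset($_GET['id']) && is_string($_GET['id'])) {
    // NOTE(review): an id is passed through mongoUserSanitize() here; confirm
    // that is the intended sanitizer for group ids.
    $found = getFullGroupInfo(mongoUserSanitize($_GET['id']));

    // Keep the lookup result in its own variable: assigning it straight to
    // $group would replace the default array with a falsy value on a miss,
    // and the client would receive a body without the 'valid' key.
    if ($found) {
        $group = $found;
        $group['valid'] = true;
    }
}

echo json_encode($group);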
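<?php
/**
 * Task assignment endpoint: assigns a contig task to one or more groups.
 *
 * Reads the POST fields groups (a list of group ids), taskDescription, contig
 * and endDate, plus userId and userName from the session, and passes the
 * sanitized values to assignTask(). Produces no output on success.
 */
session_start();

require_once '../db.php';

// The scalar fields must be plain strings; an array-valued parameter
// (field[key]=value) is refused before it reaches the sanitizers in
// ../db.php, which are not visible from this file.
$scalarFields = array('taskDescription', 'contig', 'endDate');
foreach ($scalarFields as $field) {
    if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
        die('proper information not specified');
    }
}

// 'groups' is the one field that is meant to be a list.
if (!isset($_POST['groups']) || !is_array($_POST['groups'])) {
    die('proper information not specified');
}

// Require that someone is logged in first.
if (!isset($_SESSION['userId'])) {
    die('Not logged in');
}

$finalGroups = array();
foreach ($_POST['groups'] as $group) {
    // Each entry must itself be a string, not a nested array.
    if (!is_string($group)) {
        die('proper information not specified');
    }

    // NOTE(review): the value is cleaned with mongoGroupSanitize() and then
    // used as an id; confirm that sanitizer yields a well-formed id, since a
    // malformed one may make the MongoId constructor throw and nothing here
    // catches it.
    $finalGroups[] = new MongoId(mongoGroupSanitize($group));
}

// NOTE(review): no check is visible here that the caller may assign tasks to
// these groups, and the request carries no anti-CSRF token; confirm both are
// enforced inside assignTask() or elsewhere.
assignTask(
    mongoIdSanitize($_SESSION['userId']),
    mongoUserSanitize($_SESSION['userName']),
    $finalGroups,
    mongoTextSanitize($_POST['taskDescription']),
    mongoIdSanitize($_POST['contig']),
    mongoNumberSanitize($_POST['endDate'])
);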
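<?php
/**
 * Profile endpoint: returns a user's expanded profile as JSON.
 *
 * The user is taken from the GET parameter user, falling back to the
 * logged-in user's name from the session. The response always carries a
 * boolean 'valid' key and, on failure, an 'error' code ('nouser' or
 * 'cantfind').
 */
session_start();

// TODO(eriq): I would prefer if ids were used to fetch profiles, they are easier to sanitize.
header('Content-type: application/json');

require_once '../db.php';
require_once '../functions.php';

$response = array();
$userName = null;

// Accept the query parameter only when it is a non-empty string; an
// array-valued user (user[key]=value) is ignored and the session name is
// used instead.
if (isset($_GET['user']) && is_string($_GET['user']) && $_GET['user'] !== '') {
    $userName = $_GET['user'];
} elseif (isset($_SESSION['userName'])) {
    $userName = $_SESSION['userName'];
}

if (!$userName) {
    $response['valid'] = false;
    $response['error'] = 'nouser';
} else {
    // Keep the lookup result separate so a miss cannot leave $response as a
    // non-array value that is then indexed.
    $profile = getExpandedProfile(mongoUserSanitize($userName));

    if ($profile) {
        // NOTE(review): the whole profile document, including the
        // meta.email read below, is echoed to the caller, and no login is
        // required to reach this branch; confirm that exposure is intended.
        $response = $profile;

        // TODO(eriq): This sucks. When we host somewhere on a default port, we can use our own image.
        // NOTE(review): the fallback image is referenced over plain http.
        $response['profilePic'] = getGravatar(
            $response['meta']['email'],
            200,
            'http://i47.tinypic.com/wo26c.png'
        );
        $response['valid'] = true;
    } else {
        $response = array('valid' => false, 'error' => 'cantfind');
    }
}

echo json_encode($response);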
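<?php
/**
 * Group creation endpoint: creates a group owned by the logged-in user.
 *
 * Reads the POST fields groupName and groupDescription, plus userId and
 * userName from the session, and passes the sanitized values to
 * createGroup(). Produces no output on success.
 */
// You get automatic membership in created group.
session_start();

require_once '../db.php';

// Both fields must be present as plain strings. An array-valued parameter
// (field[key]=value) is refused here because the sanitizers in ../db.php are
// not visible from this file.
$requiredFields = array('groupName', 'groupDescription');
foreach ($requiredFields as $field) {
    if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
        die('group name and desc must be present');
    }
}

// Require that someone is logged in first.
if (!isset($_SESSION['userId'])) {
    die('Not logged in');
}

// NOTE(review): this write is authorised by the session cookie alone and no
// anti-CSRF token is checked in this file; confirm one is enforced elsewhere.
createGroup(
    mongoIdSanitize($_SESSION['userId']),
    mongoUserSanitize($_SESSION['userName']),
    mongoGroupSanitize($_POST['groupName']),
    mongoTextSanitize($_POST['groupDescription'])
);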
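<?php
/**
 * Group join endpoint: adds the logged-in user to a group.
 *
 * Reads the POST field group (a group id), plus userId and userName from the
 * session, and passes the sanitized values to joinGroup(). Produces no
 * output on success.
 */
session_start();

require_once '../db.php';

// The id must be a plain string; an array-valued parameter
// (group[key]=value) is refused before it reaches mongoIdSanitize(), whose
// handling of non-strings is not visible from this file.
if (!isset($_POST['group']) || !is_string($_POST['group'])) {
    die('group must be present');
}

if (!isset($_SESSION['userId'])) {
    die('Not logged in');
}

// NOTE(review): any logged-in user can ask to join any group id, and the
// request carries no anti-CSRF token; confirm joinGroup() applies whatever
// membership rules are intended.
joinGroup(
    mongoIdSanitize($_SESSION['userId']),
    mongoUserSanitize($_SESSION['userName']),
    mongoIdSanitize($_POST['group'])
);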
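<?php
/**
 * Login endpoint: checks a user name and client-computed hash.
 *
 * Reads the POST fields user and hash. Responds with JSON: 'valid' is true on
 * success; otherwise 'error' is 'params' (missing or malformed fields),
 * 'relog' (a session is already logged in) or 'badcombo' (login refused).
 */
session_start();
header('Content-type: application/json');

require_once '../db.php';

$response = array('valid' => false);

// Both credentials must be plain strings. An array-valued parameter
// (user[key]=value) is reported as 'params' rather than being passed to the
// sanitizers in ../db.php, which are not visible from this file.
$hasCredentials = isset($_POST['user']) && is_string($_POST['user'])
    && isset($_POST['hash']) && is_string($_POST['hash']);

if (!$hasCredentials) {
    $response['error'] = 'params';
} elseif (isset($_SESSION['userId'])) {
    // If already logged in, throw an error.
    $response['error'] = 'relog';
} else {
    $error = '';

    // NOTE(review): 'hash' is computed by the client, so it is the value that
    // authenticates the user. Confirm attemptLogin() checks it against a
    // salted, slow server-side hash, renews the session id on success and is
    // rate limited; none of that is visible in this file.
    $loggedIn = attemptLogin(
        mongoUserSanitize($_POST['user']),
        mongoHexSanitize($_POST['hash']),
        $error
    );

    if ($loggedIn) {
        $response['valid'] = true;
    } else {
        // Return the same error for bad pass as no user, so the response does
        // not reveal which user names exist. $error is deliberately not sent.
        //$response['error'] = $error;
        $response['error'] = 'badcombo';
    }
}

echo json_encode($response);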
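<?php
/**
 * Gene lookup endpoint: returns the full record of one gene as JSON.
 *
 * Reads the GET parameter name. The response carries a boolean 'valid' key
 * and, when a lookup was attempted, its result under 'info'.
 */
header('Content-type: application/json');

require_once '../db.php';

$response = array('valid' => false);

// Only a plain string is looked up; an array-valued name (name[key]=value)
// is treated the same as a missing name.
if (isset($_GET['name']) && is_string($_GET['name'])) {
    // NOTE(review): the gene name is cleaned with mongoUserSanitize();
    // confirm that sanitizer's rules suit gene names.
    $response['info'] = getFullGeneInfo(mongoUserSanitize($_GET['name']));
    $response['valid'] = (bool) $response['info'];
}

echo json_encode($response);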
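<?php
/**
 * Registration endpoint: creates a new user account.
 *
 * Reads the POST fields user, hash, firstName, lastName and email. Responds
 * with JSON: 'valid' is true on success; otherwise 'error' is 'params'
 * (missing or malformed fields), 'relog' (a session is already logged in) or
 * whatever attemptRegistration() placed in $error.
 */
session_start();
header('Content-type: application/json');

require_once '../db.php';

$response = array('valid' => false);

// Every field must be present as a plain string. An array-valued parameter
// (field[key]=value) is reported as 'params' rather than being passed to the
// sanitizers in ../db.php, which are not visible from this file.
$requiredFields = array('user', 'hash', 'firstName', 'lastName', 'email');
$hasAllFields = true;
foreach ($requiredFields as $field) {
    if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
        $hasAllFields = false;
        break;
    }
}

if (!$hasAllFields) {
    $response['error'] = 'params';
} elseif (isset($_SESSION['userId'])) {
    // If already logged in, throw an error.
    $response['error'] = 'relog';
} else {
    $error = '';

    // NOTE(review): 'hash' is computed by the client and acts as the
    // account's password. Confirm attemptRegistration() stores a salted, slow
    // hash of it rather than the value as received.
    $registered = attemptRegistration(
        mongoUserSanitize($_POST['user']),
        mongoHexSanitize($_POST['hash']),
        mongoUserSanitize($_POST['firstName']),
        mongoUserSanitize($_POST['lastName']),
        mongoEmailSanitize($_POST['email']),
        $error
    );

    if ($registered) {
        $response['valid'] = true;
    } else {
        // NOTE(review): $error is returned to the client as-is; confirm it
        // only ever holds short error codes, never driver messages.
        $response['error'] = $error;
    }
}

echo json_encode($response);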