Ejemplo n.º 1
  * test grabbing all Crews
 // Checks that Crew::getAllCrews() returns the crew created by this test, with matching fields.
 // NOTE(review): no insert call is visible between constructing $crew and the row-count
 // assertion; it was presumably dropped from this excerpt - confirm against the full file.
 public function testGetAllValidCrews()
     // count the number of rows and save it for later
     $numRows = $this->getConnection()->getRowcount("crew");
     // create a new Crew (null id, owning company id, location) to insert into MySQL
     $crew = new Crew(null, $this->company->getCompanyId(), $this->VALID_CREWLOCATION);
     // grab the data from MySQL and enforce the fields match our expectations
     $pdoCrews = Crew::getAllCrews($this->getPDO());
     // exactly one row must have been added to the crew table since $numRows was taken
     $this->assertEquals($numRows + 1, $this->getConnection()->getRowCount("crew"));
     // NOTE(review): the field assertions below only run for a row whose id matches $crew;
     // if no row matches, the loop asserts nothing and the test still passes.
     foreach ($pdoCrews as $pdoCrew) {
         if ($pdoCrew->getCrewId() === $crew->getCrewId()) {
             // always true inside this branch; the two assertions after it carry the check
             $this->assertEquals($pdoCrew->getCrewId(), $crew->getCrewId());
             $this->assertEquals($pdoCrew->getCrewLocation(), $crew->getCrewLocation());
             $this->assertEquals($pdoCrew->getCrewCompanyId(), $crew->getCrewCompanyId());
Ejemplo n.º 2
  * test grabbing all Companies
 // Checks that Company::getAllCompanies() returns the single company created by this test
 // and that every stored field round-trips unchanged.
 public function testGetAllCompanies()
     // count the number of rows and save it for later
     $numRows = $this->getConnection()->getRowCount("company");
     // create a new Company and insert it into MySQL
     // NOTE(review): the construction/insert statement is not visible in this excerpt - confirm
     // grab the data from MySQL and enforce the fields match our expectations
     $results = Company::getAllCompanies($this->getPDO());
     $this->assertEquals($numRows + 1, $this->getConnection()->getRowCount("company"));
     // assumes the company table holds no other rows when the test runs - TODO confirm
     $this->assertCount(1, $results);
     $this->assertContainsOnlyInstancesOf("Edu\\Cnm\\Timecrunchers\\Company", $results);
     // grab the result from the array and validate it
     $pdoCompany = $results[0];
     // NOTE(review): PHPUnit's assertSame() takes (expected, actual); the arguments below are in
     // the opposite order, which only affects how a failure message reads.
     $this->assertSame($pdoCompany->getCompanyName(), $this->VALID_COMPANYNAME);
     $this->assertSame($pdoCompany->getCompanyAddress1(), $this->VALID_COMPANYADDRESS1);
     $this->assertSame($pdoCompany->getCompanyAddress2(), $this->VALID_COMPANYADDRESS2);
     $this->assertSame($pdoCompany->getCompanyAttn(), $this->VALID_COMPANYATTN);
     $this->assertSame($pdoCompany->getCompanyState(), $this->VALID_COMPANYSTATE);
     $this->assertSame($pdoCompany->getCompanyCity(), $this->VALID_COMPANYCITY);
     $this->assertSame($pdoCompany->getCompanyZip(), $this->VALID_COMPANYZIP);
     $this->assertSame($pdoCompany->getCompanyPhone(), $this->VALID_COMPANYPHONE);
     $this->assertSame($pdoCompany->getCompanyEmail(), $this->VALID_COMPANYEMAIL);
     $this->assertSame($pdoCompany->getCompanyUrl(), $this->VALID_COMPANYURL);
Ejemplo n.º 3
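        } else {
            $email = filter_var($requestObject->userEmail, FILTER_SANITIZE_EMAIL);
        // Login flow (excerpt; closing braces are missing from this listing): look the account up
        // by email, recompute the PBKDF2 hash of the submitted password with the stored salt,
        // compare it with the stored hash, then place the user and company in the session.
        $user = User::getUserByUserEmail($pdo, $email);
        if (empty($user)) {
            // NOTE(review): this message differs from the wrong-password message below, so a
            // client can tell whether an email is registered; consider one generic message.
            throw new InvalidArgumentException("invalid email address");
        // derive the candidate hash from the submitted password and the stored per-user salt
        $hash = hash_pbkdf2("sha512", $password, $user->getUserSalt(), 262144);
        // constant-time comparison: `!==` on strings may stop at the first differing byte
        // assumes getUserHash() returns a string - TODO confirm
        if (!hash_equals($user->getUserHash(), $hash)) {
            throw new \InvalidArgumentException("password or username is incorrect");
        // grabbing company from database and put company and user in the session
        // NOTE(review): no session_regenerate_id() call is visible before the session is
        // populated; rotating the session id at login prevents fixation - confirm it happens
        // elsewhere. The stored $user object exposes getUserHash()/getUserSalt(); consider
        // keeping only the fields later requests need.
        $company = Company::getCompanyByCompanyId($pdo, $user->getUserCompanyId());
        $_SESSION["company"] = $company;
        $_SESSION["user"] = $user;
        $reply->message = "login was successful";
    } else {
        throw new \Exception("Invalid HTTP method");
} catch (\Exception $exception) {
    // NOTE(review): the raw exception message goes back to the client; messages from the
    // database layer could disclose internals - consider logging them and returning a generic text.
    $reply->status = $exception->getCode();
    $reply->message = $exception->getMessage();
} catch (\TypeError $typeError) {
    // \TypeError is not an \Exception, so $exception is not set in this branch; read the
    // caught $typeError instead of dereferencing an undefined variable.
    $reply->status = $typeError->getCode();
    $reply->message = $typeError->getMessage();
header("Content-type: application/json");
echo json_encode($reply);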
Ejemplo n.º 4
     // Optional fields: an empty value becomes null, anything else goes through filter_var().
     // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1; it strips tags and is
     // not an output encoder, so the value still needs context-appropriate escaping when rendered.
     if (empty($requestObject->companyAttn) !== true) {
         $companyAttn = filter_var($requestObject->companyAttn, FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES);
     } else {
         $companyAttn = null;
     // NOTE(review): FILTER_SANITIZE_URL only removes characters that are illegal in a URL; it
     // does not validate the scheme. If companyUrl is ever rendered as a link, validate it
     // (FILTER_VALIDATE_URL plus an http/https allow-list).
     if (empty($requestObject->companyUrl) !== true) {
         $companyUrl = filter_var($requestObject->companyUrl, FILTER_SANITIZE_URL);
     } else {
         $companyUrl = null;
 // NOTE(review): the password / verify-password match check below is commented out.
 //		if($password !== $verifyPassword) {
 //			throw(new InvalidArgumentException ("Password and verify password must match."));
 //		}
 //create a new company for the user
 // NOTE(review): the phone number is a hard-coded placeholder; verify the argument order
 // against the Company constructor signature, which is not visible in this excerpt.
 $company = new Company(null, $companyAttn, $companyName, $companyAddress1, $companyAddress2, $companyCity, $companyState, $companyZip, "111-111-1111", $companyEmail, $companyUrl);
 //create a new crew for the user
 $crew = new Crew(null, $company->getCompanyId(), "");
 //create new user
 //create password salt, hash and activation code
 // activation code and salt both come from random_bytes(), i.e. the CSPRNG
 $activation = bin2hex(random_bytes(16));
 $salt = bin2hex(random_bytes(32));
 // NOTE(review): this hashes the literal string "password", not a value supplied by the user,
 // so every account created here starts with the same known password unless the activation
 // flow forces a new one before first login - confirm, and hash the submitted password instead.
 $hash = hash_pbkdf2("sha512", "password", $salt, 262144);
 $user = new User(null, $company->getCompanyId(), $crew->getCrewId(), Access::ADMIN, "5055551212", $userFirstName, $userLastName, $userEmail, $activation, $hash, $salt);
 $messageSubject = "Time Crunch Account Activation";
 //building the activation link that can travel to another server and still work. This is the link that will be clicked to confirm the account.
 // FIXME: make sure URL is /public_html/activation/$activation
 // NOTE(review): the host part of the link is built outside this excerpt; it should come from
 // configuration rather than from the request's Host header.
 $basePath = dirname($_SERVER["SCRIPT_NAME"], 4);
Ejemplo n.º 5
                    // Update branch (its enclosing condition is outside this excerpt): rebuild the
                    // Company from the request fields under the existing $companyId.
                    // NOTE(review): the request fields reach the constructor as received; no
                    // filter_var()/validation is visible here - presumably the Company setters
                    // validate; confirm. No update()/insert()/delete() call is visible either.
                    $company = new Company($companyId, $requestObject->companyName, $requestObject->companyAddress1, $requestObject->companyAddress2, $requestObject->companyAttn, $requestObject->companyState, $requestObject->companyCity, $requestObject->companyZip, $requestObject->companyPhone, $requestObject->companyEmail, $requestObject->companyUrl);
                    $reply->message = "Company updated OK";
                } else {
                    if ($method === "POST") {
                        // create branch: a null id marks a new Company
                        $company = new Company(null, $requestObject->companyName, $requestObject->companyAddress1, $requestObject->companyAddress2, $requestObject->companyAttn, $requestObject->companyState, $requestObject->companyCity, $requestObject->companyZip, $requestObject->companyPhone, $requestObject->companyEmail, $requestObject->companyUrl);
                        $reply->message = "Company created OK";
        } else {
            if ($method === "DELETE") {
                // look the company up first so a missing id yields a 404 instead of a silent no-op
                $company = Company::getCompanyByCompanyId($pdo, $companyId);
                if ($company === null) {
                    throw new RuntimeException("Company does not exist", 404);
                // echo the deleted id back to the caller
                $deletedObject = new stdClass();
                $deletedObject->companyId = $companyId;
                $reply->message = "Company deleted OK";
            } else {
                // NOTE(review): the administrator check itself is outside this excerpt; it should
                // be decided server-side from session data before any branch that writes. This
                // exception carries no code, so getCode() returns 0; a 403-style code would let
                // clients distinguish an authorization failure.
                throw new \RuntimeException("Must be an administrator to access.");
    //send exception back to the caller
} catch (Exception $exception) {
    $reply->status = $exception->getCode();