function annotationDataSanitize($data)
{
$cleanData = array();
$cleanData['annotationId'] = mongoIdSanitize($data['annotationId']);
$cleanData['start'] = intval(preg_replace('/\\D/', '', $data['start']));
$cleanData['end'] = intval(preg_replace('/\\D/', '', $data['end']));
$cleanData['reverseComplement'] = $data['reverseComplement'] === 'true';
// TODO(eriq): Find out the possibilities.
$cleanData['geneName'] = $data['geneName'];
$cleanData['contigId'] = mongoIdSanitize($data['contigId']);
$cleanData['userId'] = mongoIdSanitize($data['userId']);
$cleanExons = array();
if (isset($data['exons'])) {
foreach ($data['exons'] as $key => $exon) {
$cleanExons[] = array('start' => intval(preg_replace('/\\D/', '', $exon['start'])), 'end' => intval(preg_replace('/\\D/', '', $exon['end'])));
}
}
$cleanData['exons'] = $cleanExons;
return $cleanData;
}
<?php
session_start();
header('Content-type: application/json');
require_once '../db.php';
if (!isset($_POST['pageTitle']) || !isset($_POST['pageName']) || !isset($_POST['pageHTML'])) {
die('not all paramaters provided');
return;
}
if (!isset($_SESSION['userId'])) {
die('Not logged in');
return;
}
$retStatus = setHelpPage(mongoIdSanitize($_SESSION['userId']), mongoNameSanitize($_POST['pageName']), mongoNameSanitize($_POST['pageTitle']), mongoHtmlSanitize($_POST['pageHTML']));
if (!$retStatus) {
echo json_encode(array('valid' => false));
} else {
echo json_encode(array('valid' => true));
}
<?php
session_start();
require_once '../db.php';
if (!isset($_POST['group'])) {
die('group must be present');
return;
}
if (!isset($_SESSION['userId'])) {
die('Not logged in');
return;
}
leaveGroup(mongoIdSanitize($_SESSION['userId']), mongoIdSanitize($_POST['group']));
<?php
// There may be a bug in IE(... lol) that would require the next two lines.
//header('Cache-Control: no-cache, must-revalidate');
//header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
// JSON plz.
header('Content-type: application/json');
//error_reporting(E_ALL);
//ini_set('display_errors', '1');
require_once '../db.php';
$rtn = array();
if (isset($_GET['id'])) {
$rtn['annotation'] = getAnnotation(mongoIdSanitize($_GET['id']));
$rtn['contig'] = getContig($rtn['annotation']['contig_id']);
$rtn['valid'] = $rtn['annotation'] && $rtn['contig'];
} else {
$rtn['valid'] = false;
}
echo json_encode($rtn);
<?php
session_start();
require_once '../db.php';
if (!isset($_POST['name']) || !isset($_POST['source']) || !isset($_POST['difficulty']) || !isset($_POST['species']) || !isset($_POST['sequence'])) {
die('group name and desc must be present');
return;
}
// Require that someone is logged in first.
if (!isset($_SESSION['userId'])) {
die('Not logged in');
return;
}
insertContig(mongoIdSanitize($_SESSION['userId']), mongoUserSanitize($_SESSION['userName']), mongoNameSanitize($_POST['name']), mongoNameSanitize($_POST['source']), mongoNameSanitize($_POST['species']), mongoNumberSanitize($_POST['difficulty']), mongoSequenceSanitize($_POST['sequence']));
<?php
session_start();
require_once '../db.php';
if (!isset($_POST['id'])) {
die('Notification ID not specified');
return;
}
if (!isset($_SESSION['userId'])) {
die('Not logged in');
return;
}
removeNotification(mongoIdSanitize($_SESSION['userId']), mongoIdSanitize($_POST['id']));
<?php
session_start();
header('Content-type: application/json');
require_once '../db.php';
if (!isset($_POST['contig'])) {
die('user and contig must be present');
return;
}
if (!isset($_SESSION['userId'])) {
die('Not logged in');
return;
}
$annotationId = createAnnotation(mongoIdSanitize($_SESSION['userId']), mongoIdSanitize($_POST['contig']));
if (!$annotationId) {
echo json_encode(array('valid' => false));
} else {
echo json_encode(array('valid' => true, 'annotationId' => $annotationId));
}
<?php
session_start();
require_once '../db.php';
if (!isset($_POST['groups']) || !isset($_POST['taskDescription']) || !isset($_POST['contig']) || !isset($_POST['endDate'])) {
die('proper information not specified');
return;
}
// Require that someone is logged in first.
if (!isset($_SESSION['userId'])) {
die('Not logged in');
return;
}
$finalGroups = array();
foreach ($_POST['groups'] as $group) {
$finalGroups[] = new MongoId(mongoGroupSanitize($group));
}
assignTask(mongoIdSanitize($_SESSION['userId']), mongoUserSanitize($_SESSION['userName']), $finalGroups, mongoTextSanitize($_POST['taskDescription']), mongoIdSanitize($_POST['contig']), mongoNumberSanitize($_POST['endDate']));
<?php
// You get automatic membership in created group.
session_start();
require_once '../db.php';
if (!isset($_POST['groupName']) || !isset($_POST['groupDescription'])) {
die('group name and desc must be present');
return;
}
// Require that someone is logged in first.
if (!isset($_SESSION['userId'])) {
die('Not logged in');
return;
}
createGroup(mongoIdSanitize($_SESSION['userId']), mongoUserSanitize($_SESSION['userName']), mongoGroupSanitize($_POST['groupName']), mongoTextSanitize($_POST['groupDescription']));
<?php
session_start();
require_once '../db.php';
if (!isset($_POST['group'])) {
die('group must be present');
return;
}
if (!isset($_SESSION['userId'])) {
die('Not logged in');
return;
}
joinGroup(mongoIdSanitize($_SESSION['userId']), mongoUserSanitize($_SESSION['userName']), mongoIdSanitize($_POST['group']));
<?php
header('Content-type: application/json');
require_once '../db.php';
$response = array();
$response['valid'] = false;
if (isset($_GET['id'])) {
$response['info'] = getFullContigInfo(mongoIdSanitize($_GET['id']));
if ($response['info']) {
$response['valid'] = true;
}
}
echo json_encode($response);
<?php
session_start();
// Get things like all the not-joined groups, joined groups,
// and contigs.
header('Content-type: application/json');
require_once '../db.php';
$response = array();
$response['valid'] = false;
if (!isset($_SESSION['userId'])) {
$response['error'] = 'nouser';
} else {
$info = getAdministrationInfo(mongoIdSanitize($_SESSION['userId']));
if ($info) {
$response['info'] = $info;
$response['valid'] = true;
}
}
echo json_encode($response);
