Example #1
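 // Authenticate the request: recompute the signature over the query string with the
 // user's stored credential hash and compare it with the key the client supplied.
 $row = $result->fetch_assoc();
 // Fail closed when no credential row came back. Without this check the server-side
 // hash below would be computed over the query string alone, with no secret in it.
 // The same message is used as for a bad signature so the two cases look alike to the client.
 if (!is_array($row) || !isset($row["password"]) || $row["password"] === '') {
     throw new Exception("Hash doesn't match");
 }
 $encrypted_username_password_hash = $row["password"];
 // Password is stored in the dB as: sha1($plaintext_username.$plaintext_password)
 // NOTE(review): the stored value is itself the signing secret, so it is password-equivalent;
 // a fast hash such as SHA-1 is also a weak choice for stored credentials. Changing either
 // needs a coordinated client change, so it is only flagged here.
 $raw_query = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';
 // Everything before "&key=" is the signed part of the request.
 $query_strings = explode("&key=", $raw_query);
 $query_string = $query_strings[0];
 $encoded_params = sha1($query_string . $encrypted_username_password_hash);
 // This is the same as: sha1($params.sha1($plaintext_username.$plaintext_password))
 // NOTE(review): hash_hmac() with SHA-256 is the standard construction for a keyed
 // signature; no nonce or timestamp check is visible in this excerpt, so confirm replay
 // handling elsewhere.
 //
 // $encoded_key is set before this excerpt (presumably from the key= request parameter;
 // confirm). hash_equals() (PHP >= 5.6) compares in constant time and, unlike !=, never
 // applies numeric type juggling to strings such as "0e...".
 if (!is_string($encoded_key) || !hash_equals($encoded_params, $encoded_key)) {
     // Client hash doesn't match server hash.
     throw new Exception("Hash doesn't match");
 }
 // The request has now been authenticated
 // Call the requested controller/action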
 switch ($controller) {
     case "people":
         people($id, $action, $year);
         break;
     case "crews":
         crews($id, $action, $year);
         break;
     case "operations":
         operations($id, $action, $year);
         break;
     case "rappels":
         rappels($id, $action, $year);
         break;
     case "ropes":
         ropes($id, $action, $year);
         break;
     case "genies":
         genies($id, $action, $year);
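/**
 * Print the main content column for a page: heading link, body, entries and optional extras.
 *
 * The heading title and link are chosen by looking for a known page name inside
 * $filename. When several names occur, the last one in the list wins, as before.
 *
 * @param mixed  $where    Not used by this function; kept so existing callers keep working.
 * @param mixed  $type     Passed through to entries().
 * @param mixed  $amount   Passed through to entries().
 * @param mixed  $style    Passed through to entries().
 * @param string $filename Name of the page being rendered; also passed to echoContent().
 * @return void
 */
function content($where, $type, $amount, $style, $filename)
{
    // Page name fragment => heading text. Both values come from this fixed table,
    // so nothing caller-controlled is written into the heading markup below.
    $pages = [
        'index' => 'HOME',
        'sport' => 'THE SPORT',
        'rules' => 'THE RULES',
        'more' => 'MORE TURKIBALL',
    ];

    // Defaults keep the heading empty (instead of using undefined variables)
    // when $filename matches none of the known pages.
    $title = '';
    $link = '';
    foreach ($pages as $needle => $heading) {
        // strpos() returns 0 for a match at the very start of the string, which a bare
        // truthiness test treats as "not found"; compare against false explicitly.
        if (strpos($filename, $needle) !== false) {
            $title = $heading;
            $link = $needle;
        }
    }

    echo "   <div class = \"content\">\n";
    echo "      <div class = \"spacer\"></div>\n";
    echo "      <h1><a class = \"lightbg\" href = \"http://www.turkiball.com/" . $link . ".php\">" . $title . "</a></h1>\n";
    echo "      <br>\n";
    echo "      <div class = \"contentline\"></div>\n";
    echoContent($filename);
    entries($type, $amount, $style);

    // Optional extras: the people list only for a "people" page without a query string,
    // otherwise the picture gallery for a "pictures" page.
    $isPeoplePage = strpos($filename, 'people') !== false;
    $hasQueryString = strpos($filename, '?') !== false;
    if ($isPeoplePage && !$hasQueryString) {
        people();
    } elseif (strpos($filename, 'pictures') !== false) {
        pictures();
    }

    echo "      <br><br><br><br><br><br><br><br><br>\n";
    echo "   </div>\n";
}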
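/**
 * Print the main content column for a feed page: heading link, body, entries and optional extras.
 *
 * @param mixed  $where    Section selector: 0 = HOME, 1 = THE FEED, 2 = THE LEAGUE.
 *                         Any other value prints an error line and leaves the heading empty.
 * @param mixed  $type     Passed through to entries().
 * @param mixed  $amount   Passed through to entries().
 * @param mixed  $style    Passed through to entries().
 * @param string $filename Name of the page being rendered; also passed to echoContent().
 * @return void
 */
function content($where, $type, $amount, $style, $filename)
{
    // Default keeps the heading empty (instead of using an undefined variable)
    // when $where is not a known section.
    $title = '';

    // Loose comparison is kept so callers that pass "0"/"1"/"2" as strings keep working.
    // NOTE(review): with ==, values such as null also select HOME; validate $where
    // at the call site if it can come from request data.
    if ($where == 0) {
        $title = "HOME";
    } elseif ($where == 1) {
        $title = "THE FEED";
    } elseif ($where == 2) {
        $title = "THE LEAGUE";
    } else {
        // $where is written into the page, so escape it for the HTML context.
        $shown = htmlspecialchars((string) $where, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo "Error: invalid {$shown} parameter passed.\n";
    }

    echo "   <div class = \"content\">\n";
    echo "      <div class = \"spacer\"></div>\n";
    echo "      <h1><a class = \"lightbg\" href = \"http://www.turkiball.com/feed/index.php\">" . $title . "</a></h1>\n";
    echo "      <br>\n";
    echo "      <div class = \"contentline\"></div>\n";
    echoContent($filename);
    entries($type, $amount, $style);

    // strpos() returns 0 for a match at the very start of the string, which a bare
    // truthiness test treats as "not found"; compare against false explicitly.
    $isPeoplePage = strpos($filename, 'people') !== false;
    $hasQueryString = strpos($filename, '?') !== false;
    if ($isPeoplePage && !$hasQueryString) {
        people();
    } elseif (strpos($filename, 'pictures') !== false) {
        pictures();
    }

    echo "      <br><br><br><br><br><br><br><br><br>\n";
    echo "   </div>\n";
}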
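/**
 * Entry point of the JSON endpoint: pick the data set named by the "action"
 * request parameter and print it as JSON.
 *
 * Recognised actions are "topics", "types" and "people"; anything else,
 * including a missing parameter, returns the projects data set.
 *
 * @return void
 */
function main()
{
    // The parameter may be absent, or arrive as an array (action[]=...); both are
    // treated as "no action" so the comparison below only ever sees a string.
    $action = '';
    if (isset($_REQUEST["action"]) && is_string($_REQUEST["action"])) {
        $action = $_REQUEST["action"];
    }

    switch ($action) {
        case "topics":
            $data = topics();
            break;
        case "types":
            $data = types();
            break;
        case "people":
            $data = people();
            break;
        default:
            $data = projects();
            break;
    }

    // Encode before sending headers so an encoding failure can be reported with a
    // proper status code rather than an empty 200 response labelled as JSON.
    $json = json_encode($data);
    if ($json === false) {
        http_response_code(500);
        $json = '{"error":"Could not encode response"}';
    }

    header("Content-Type: application/json");
    // NOTE(review): the wildcard lets any web origin read this response from a browser.
    // That is appropriate only if everything returned by topics(), types(), people() and
    // projects() is meant to be public; confirm, or replace it with an allow-list of origins.
    header("Access-Control-Allow-Origin: *");
    echo $json;
}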