// updating a POI requires update permission $session = get_session(); $user_id = $session['user']; $update_permission = $session['permissions']['update']; if (!$update_permission) { header("HTTP/1.0 401 Unauthorized"); die("Permission denied."); } $request_body = file_get_contents('php://input'); // print $request_body; $request_array = json_decode($request_body, true); if ($request_array != NULL) { $new_timestamp = time(); $uuid = pg_escape_string(key($request_array)); $poi_data = $request_array[$uuid]; $is_valid = validate_poi_data($poi_data); if (!$is_valid) { header("HTTP/1.0 400 Bad Request"); die("POI data validation failed!"); } $db_opts = get_db_options(); $pgcon = connectPostgreSQL($db_opts["sql_db_name"]); $fw_core_tbl = $db_opts['fw_core_table_name']; $uuid_exists_query = "SELECT count(*) FROM {$fw_core_tbl} WHERE uuid='" . $uuid . "'"; $uuid_exists_result = pg_query($uuid_exists_query); if (!$uuid_exists_result) { header("HTTP/1.0 500 Internal Server Error"); $error = pg_last_error(); die($error); } $row = pg_fetch_row($uuid_exists_result);
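/**
 * Abort the current request with HTTP 400 and a plain-text reason.
 *
 * Does not return: the script terminates via die().
 *
 * @param string $message Text sent to the client as the response body.
 */
function _search_params_bad_request($message)
{
    header("HTTP/1.0 400 Bad Request");
    die($message);
}

/**
 * Fetch a query parameter that must be a single string.
 *
 * PHP parses "?name[]=x" into an array, so $_GET values are not guaranteed
 * to be strings. Rejecting other types here keeps them away from the
 * string-only functions used by the caller (pg_escape_string, json_decode,
 * date_parse).
 *
 * @param string $name Hard-coded parameter name; the caller has already checked isset().
 * @return string The raw, unescaped parameter value.
 */
function _search_params_string($name)
{
    $value = $_GET[$name];
    if (!is_string($value)) {
        _search_params_bad_request("'" . $name . "' must be a single string value!");
    }
    return $value;
}

/**
 * Fetch a query parameter that must be an integer >= 1.
 *
 * FILTER_VALIDATE_INT rejects values such as "1.5" or "1e3" (which
 * is_numeric() accepts and intval() would silently convert), values outside
 * the platform integer range, and array input.
 *
 * @param string $name Hard-coded parameter name; the caller has already checked isset().
 * @return int The validated value.
 */
function _search_params_positive_int($name)
{
    $value = filter_var(
        $_GET[$name],
        FILTER_VALIDATE_INT,
        array('options' => array('min_range' => 1))
    );
    if ($value === false) {
        _search_params_bad_request("'" . $name . "' must be a positive integer value!");
    }
    return $value;
}

/**
 * Collect and validate the query-string parameters shared by the search endpoints.
 *
 * Reads 'category', 'component' and 'max_results' from $_GET; when both
 * 'begin_time' and 'end_time' are present it also reads 'min_minutes' and
 * 'schedule'. Any value that fails validation ends the request with
 * HTTP 400, so the function only returns for acceptable input.
 *
 * @return array Keys: 'max_results' (int, default 9999), 'components'
 *               (defaults to get_supported_components()), and optionally
 *               'categories', 'min_minutes', 'schedule' (decoded as an
 *               associative array), 'begin_time' and 'end_time'
 *               (date_parse() results).
 */
function handle_common_search_params()
{
    $params = array();
    $params['max_results'] = 9999;
    $params['components'] = get_supported_components();

    if (isset($_GET['category'])) {
        // NOTE(review): escape_csv() is defined elsewhere; confirm that it
        // rejects or safely handles array input such as "?category[]=x".
        $params['categories'] = escape_csv($_GET['category'], "\"");
    }

    if (isset($_GET['component'])) {
        $component = _search_params_string('component');
        // NOTE(review): the value is escaped here, away from the query that
        // eventually uses it. That is only safe if every consumer places it
        // inside a quoted SQL string literal; bound parameters
        // (pg_query_params) at the query site would be more robust. The
        // requested names are also not compared with
        // get_supported_components() here - confirm that callers do so.
        $esc_components = pg_escape_string($component);
        $params['components'] = explode(",", $esc_components);
    }

    if (isset($_GET['max_results'])) {
        // NOTE(review): there is no upper bound; confirm whether callers
        // need a cap to limit result-set size.
        $params['max_results'] = _search_params_positive_int('max_results');
    }

    if (isset($_GET['begin_time']) and isset($_GET['end_time'])) {
        $min_minutes = 1; // default when the client does not send 'min_minutes'
        if (isset($_GET['min_minutes'])) {
            $min_minutes = _search_params_positive_int('min_minutes');
        }
        $params['min_minutes'] = $min_minutes;

        if (isset($_GET['schedule'])) {
            $schedule_json = _search_params_string('schedule');

            // First decode without the assoc flag: this is the form handed
            // to the schema validator. The loose comparison also rejects
            // documents that decode to other falsy values (0, "", false, []).
            $schedule = json_decode($schedule_json);
            if ($schedule == NULL) {
                _search_params_bad_request(
                    "JSON decoding failed for 'schedule'. Is it valid JSON and properly url-encoded?"
                );
            }

            $schedule_valid = validate_poi_data($schedule, 'schedule_schema_3.3.json');
            if (!$schedule_valid) {
                _search_params_bad_request("'schedule' does not validate against JSON schema!");
            }

            // Second decode: the rest of the code receives associative arrays.
            $params['schedule'] = json_decode($schedule_json, true);
        }

        // date_parse() only accepts strings; a non-string must be rejected
        // before the call instead of relying on 'error_count'.
        $begin_time_obj = date_parse(_search_params_string('begin_time'));
        $end_time_obj = date_parse(_search_params_string('end_time'));

        if ($begin_time_obj['error_count'] !== 0) {
            _search_params_bad_request("Error parsing 'begin_time'!");
        }
        if ($end_time_obj['error_count'] !== 0) {
            _search_params_bad_request("Error parsing 'end_time'!");
        }

        $params['begin_time'] = $begin_time_obj;
        $params['end_time'] = $end_time_obj;
    }

    return $params;
}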
<?php /* * Project: FI-WARE * Copyright (c) 2014 Center for Internet Excellence, University of Oulu, All Rights Reserved * For conditions of distribution and use, see copyright notice in LICENSE */ require 'db.php'; require 'data_manager.php'; if ($_SERVER['REQUEST_METHOD'] == 'POST') { $request_body = file_get_contents('php://input'); // print $request_body; $request_array = json_decode($request_body, true); if ($request_array != NULL) { // print "JSON decoded succesfully!"; $is_valid = validate_poi_data($request_array); if (!$is_valid) { header("HTTP/1.0 400 Bad Request"); die("POI data validation failed!"); } $db_opts = get_db_options(); $pgcon = connectPostgreSQL($db_opts["sql_db_name"]); $uuid_generate_query = "SELECT uuid_generate_v4()"; $uuid_result = pg_query($uuid_generate_query); if (!$uuid_result) { header("HTTP/1.0 500 Internal Server Error"); $error = pg_last_error(); die($error); } $row = pg_fetch_row($uuid_result); $uuid = $row[0];