function checkAuthentication() { //Display error exits the script (so no need to return) //If this is a login or create user call we can skip the authentication check //These are the only two functions that get this priviledge if (getIntendedFunction() == APIKeys::$FUNCTION_LOGIN || getIntendedFunction() == APIKeys::$FUNCTION_CREATE_ACCOUNT) { return 0; } //Make sure they sent an auth token if (!parameterExists(APIKeys::$AUTH_TOKEN)) { displayError("Need auth token"); } //Check the POST['AUTH_TOKEN'] $userId = APIDb::userIdForAuthToken(getParameter(APIKEYS::$AUTH_TOKEN), getParameter(APIKeys::$TIMEZONE)); //If bad return an error response and exit if ($userId < 1) { displayError("Invalid Auth Token"); } //If good, do nothing and continue return $userId; }
function createActivity($userId, $timezone) { //Check if (!parameterExists(APIKeys::$ACTIVITY_NAME) && !parameterExists(APIKeys::$ACTIVITY_DURATION)) { displayError("Create Activity: Please supply an activity name and activty duration as part of the request"); } else { if (!parameterExists(APIKeys::$ACTIVITY_NAME)) { displayError("Create Activity: Please supply an activity name as part of the request"); } else { if (!parameterExists(APIKeys::$ACTIVITY_DURATION)) { displayError("Create Activity: Please supply an activity duration as part of the request"); } } } //Get values $activityName = getParameter(APIKeys::$ACTIVITY_NAME); $activityDuration = getParameter(APIKeys::$ACTIVITY_DURATION); //Create activity $result = APIDb::createActivity($userId, $activityName, $activityDuration, $timezone); //Show Response response($result); }