public function post_array($array, &$message) { $location = new Location(); $location->name = $array["name"]; $location->latitude = $array["latitude"]; $location->longitude = $array["longitude"]; $location->userid = $array["userid"]; if (empty($location->userid)) { // add to logged in user by default $user = apiDB::getUserByEmail($_SERVER['PHP_AUTH_USER']); $location->userid = $user->id; } else { // check permission ... $user = apiDB::getUser($location->userid); if ($_SERVER['PHP_AUTH_USER'] != $user->email && $this->access <= 1) { $message = "Not authorized to update location for User " . $location->userid; return 401; } } if ($this->access < 1) { $message = "Not authorized to add any locations: guest or disabled account"; return 401; } return apiDB::addLocation($location, $message); }