// Excerpt of a user-update request handler: decodes a JSON body keyed by user
// id, copies the permitted fields, validates them and looks up the existing
// user document in MongoDB.
// $request_body and $fields_to_update are set outside this excerpt, and the
// `if ($request_array != NULL)` block continues past its end.
// NOTE(review): no permission check is visible in this excerpt; confirm that the
// caller's right to modify the target user is verified before this point.
$request_array = json_decode($request_body, true);

// ?disable=<value> turns the flag on for any value except "false"
// (case-insensitive).
// NOTE(review): the value is only compared with a literal, so the
// pg_escape_string() call has no security effect here.
$disable = FALSE;
if (isset($_GET['disable'])) {
    $disable = strtoupper(pg_escape_string($_GET['disable'])) != 'FALSE';
}

// Loose comparison: the block is skipped when decoding failed (null) and also
// for an empty array, 0, false or an empty string.
// NOTE(review): a decoded non-array value (a JSON number or string) passes this
// guard, while key() below expects an array; an is_array() check would reject it.
if ($request_array != NULL) {
    $new_timestamp = time();

    // The user id is the key at the array's current position, i.e. the first key
    // of the freshly decoded body; any further keys are ignored.
    // NOTE(review): the id is client-supplied. pg_escape_string() is PostgreSQL
    // string escaping, not validation, and the escaped value is used both to
    // index $request_array and as the MongoDB _id filter. If escaping alters the
    // key (for example one containing a quote), the lookup on the next line
    // misses. Validating the id's format would be the appropriate check here.
    // TODO confirm whether code outside this excerpt relies on the escaped form.
    $user_id = pg_escape_string(key($request_array));
    $received_user_data = $request_array[$user_id];

    // Copy only the keys listed in $fields_to_update, so other keys sent by the
    // client never reach $new_user_data.
    $new_user_data = array();
    foreach ($fields_to_update as $key) {
        if (isset($received_user_data[$key])) {
            $new_user_data[$key] = $received_user_data[$key];
        }
    }

    // Reject the request with 400 when validate_user_data() returns a falsy value.
    $is_valid = validate_user_data($new_user_data);
    if (!$is_valid) {
        header("HTTP/1.0 400 Bad Request");
        die("User data validation failed!");
    }

    // connectMongoDB() and get_db_options() are defined elsewhere; _users and
    // _auth are presumably collection handles (confirm against connectMongoDB).
    $db_opts = get_db_options();
    $mongodb = connectMongoDB($db_opts['mongo_db_name']);
    $users = $mongodb->_users;
    $_auth = $mongodb->_auth;

    // Fetch the stored document for this id, excluding the _id field from the
    // result; answer 404 when nothing is found.
    $old_user_data = $users->findOne(array("_id" => $user_id), array("_id" => false));
    if ($old_user_data == NULL) {
        header("HTTP/1.0 404 Not found");
        die('User unrecognized or cannot be modified');
    }

    // guard for update conflicts
    $update_timestamp = 0;
    // (excerpt ends here; the enclosing block is closed outside the visible code)
// Excerpt of a user-registration handler: restricted to administrators, reads a
// JSON user record from the request body, validates it and prepares a new
// user id and registration key.
// $admin_permission is set outside this excerpt, and the
// `if ($user_data != NULL)` block continues past its end.

// Stop with 403 before any input is read unless the caller has admin permission.
if (!$admin_permission) {
    header("HTTP/1.0 403 Forbidden");
    die("Permission denied.");
}

// Site configuration, read from a path relative to the working directory.
// NOTE(review): neither the read nor the decode is checked; a missing or
// malformed file leaves $site_info as null.
$site_info_s = file_get_contents("./site_info.json");
$site_info = json_decode($site_info_s, true);

// ?no_mail=<value> turns the flag on for any value except "false"
// (case-insensitive).
// NOTE(review): the value is only compared with a literal, so the
// pg_escape_string() call has no security effect here.
$no_mail = FALSE;
if (isset($_GET['no_mail'])) {
    $no_mail = strtoupper(pg_escape_string($_GET['no_mail'])) != 'FALSE';
}

// Raw request body, decoded into an associative array.
$request_body = file_get_contents('php://input');
// print $request_body;
$user_data = json_decode($request_body, true);

// Loose comparison: the block is skipped when decoding failed (null) and also
// for an empty array, 0, false or an empty string.
if ($user_data != NULL) {
    // print "JSON decoded succesfully!";

    // Reject the request with 400 when validate_user_data() returns a falsy value.
    // NOTE(review): the whole decoded body stays in $user_data; if it is stored
    // as-is, extra client-supplied keys are stored too unless
    // validate_user_data() rejects them. Confirm.
    $is_valid = validate_user_data($user_data);
    if (!$is_valid) {
        header("HTTP/1.0 400 Bad Request");
        die("Invalid user data");
    }

    // A missing or falsy email (for example an empty string) is answered with 400.
    // Reading a key that is absent also raises a PHP notice/warning first;
    // empty() or isset() would avoid that.
    // NOTE(review): the address format is not checked here; presumably
    // validate_user_data() covers it. Confirm.
    if (!$user_data['email']) {
        header("HTTP/1.0 400 Bad Request");
        die("Email address missing.");
    }
    $email = $user_data['email'];

    $db_opts = get_db_options();
    // The id is generated on the server, not taken from the request.
    $user_id = poi_new_uuid_v4();
    $timestamp = time();
    $mongodb = connectMongoDB($db_opts['mongo_db_name']);
    // NOTE(review): presumably a secret that confirms the registration; verify
    // that poi_new_key() draws from a CSPRNG (random_bytes()/random_int()).
    $registration_key = poi_new_key();
    // Overwrites any "_id" the client sent with the server-generated id.
    $user_data["_id"] = $user_id;
    // (excerpt ends here; the enclosing block is closed outside the visible code)