header("HTTP/1.1 400 Bad Request");
}
}
break;
case "moveWaypoint":
if ($_SERVER['REQUEST_METHOD'] == 'POST' && ctype_digit($cpost["id"]) && preg_match("/^-?[\\d\\.]+\$/", $cpost["lon"]) && preg_match("/^-?[\\d\\.]+\$/", $cpost["lat"])) {
$userid = $um->getUserIdFromCredentials();
echo "userid {$userid}";
if ($userid > 0) {
$user = new User($userid, $conn);
$wr = Walkroute::getWalkrouteFromWaypoint($conn, $cpost["id"]);
echo "walkroute user id " . $wr->getUserId();
if ($wr === null) {
header("HTTP/1.1 404 Not Found");
} elseif ($wr->getUserId() == $userid || $user->isAdmin()) {
Walkroute::moveWaypoint($conn, $cpost["id"], $cpost["lon"], $cpost["lat"]);
} else {
header("HTTP/1.1 401 Unauthorized");
}
} else {
header("HTTP/1.1 401 Unauthorized");
}
} else {
header("HTTP/1.1 400 Bad Request");
}
break;
case "deleteMultiWaypoints":
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$userid = $um->getUserIdFromCredentials();
$deleted = array();
if ($userid <= 0) {
