if ($userid > 0) { $routes = Walkroute::getRoutesByUser($conn, $userid); Walkroute::outputRoutes($routes, $format); } else { header("HTTP/1.1 400 Bad Request"); } } break; case "edit": if ($_SERVER['REQUEST_METHOD'] == 'POST') { $userid = $um->getUserIdFromCredentials(); if ($userid <= 0) { header("HTTP/1.1 401 Unauthorized"); } else { $wr = new Walkroute($conn, $cpost["id"]); $wr->updateRoute($cpost["route"], $format); } } break; case "delete": if ($_SERVER['REQUEST_METHOD'] == 'POST') { if (ctype_digit($cpost["id"])) { $wr = new Walkroute($conn, $cpost["id"]); $userid = $um->getUserIdFromCredentials(); $user = new User($userid, $conn); if ($userid <= 0 || $wr->getUserId() != $userid && !$user->isAdmin()) { header("HTTP/1.1 401 Unauthorized"); } else { $wr->delete(); } } else {