Exemple #1
                 $username = filter_var($requestObject->username, FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES);
             }
         }
     }
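     // Reject a missing or empty password before any account lookup is attempted.
     if (empty($requestObject->password) === true) {
         throw new \InvalidArgumentException("Please enter a password", 404);
     }
     // NOTE(review): FILTER_SANITIZE_STRING strips tags, so the value hashed below
     // can differ from what the user typed, and the filter is deprecated as of
     // PHP 8.1. It is kept because stored hashes were presumably derived through
     // the same filter at sign-up -- confirm before removing it.
     $password = filter_var($requestObject->password, FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES);

     // Look the account up by e-mail when one was supplied, otherwise by user name.
     // $email and $username are set (or left unset) by code above this excerpt.
     // `?? null` maps "no matching row" to null, so an unknown account reaches the
     // generic $invalidMessage branch below rather than an index error whose
     // wording would differ from the wrong-password response.
     $profile = null;
     if (isset($email)) {
         // E-mail is unique, so the first result is the only one.
         $profile = Profile::getProfileByString($pdo, "profileEmail", $email)[0] ?? null;
     } elseif (isset($username)) {
         // User name is unique, so the first result is the only one.
         $profile = Profile::getProfileByString($pdo, "profileUserName", $username)[0] ?? null;
     }

     // Unknown account and wrong password share one message and one code.
     // NOTE(review): this branch returns before PBKDF2 runs, so response time can
     // still separate unknown accounts from wrong passwords -- consider deriving
     // a hash against a fixed dummy salt here to equalise the work.
     if ($profile === null) {
         throw new \InvalidArgumentException($invalidMessage, 405);
     }

     // Derive the candidate hash with the account's salt and compare it in
     // constant time; `!==` on strings stops at the first differing byte.
     $hash = hash_pbkdf2("sha512", $password, $profile->getProfileSalt(), 262144);
     $storedHash = $profile->getProfileHash();
     if (is_string($storedHash) === false || hash_equals($storedHash, $hash) === false) {
         throw new \InvalidArgumentException($invalidMessage, 405);
     }

     // Issue a fresh session id at the privilege change so an id that was fixed
     // before login is not carried into the authenticated session.
     if (session_status() === PHP_SESSION_ACTIVE) {
         session_regenerate_id(true);
     }
     // NOTE(review): the whole Profile object is stored, which presumably includes
     // its salt and hash -- confirm, and consider keeping only the profile id.
     $_SESSION["profile"] = $profile;
     $reply->message = "Successfully logged in!";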
 } else {
     throw new \RuntimeException("Method not allowed.");
 }
Exemple #2
            }
            // Load the profile addressed by $id; $id is set above this excerpt.
            // NOTE(review): no XSRF or authorization check for this branch is visible
            // in the excerpt (the DELETE branch below calls verifyXsrf()) -- confirm
            // both happen before this point.
            $profile = Beta\Profile::getProfileByProfileId($pdo, $id);
            if ($profile === null) {
                throw new \RuntimeException("Profile does not exist.", 404);
            }
            // Copy every editable field straight from the request body onto the
            // profile; any validation is left to the setters.
            // NOTE(review): profileAdmin is request-controlled like the other fields.
            // Unless the code above restricts this branch to administrators, a caller
            // could set their own admin flag -- confirm, or take this field from a
            // separate, privileged path.
            $profile->setProfileAdmin($requestObject->profileAdmin);
            $profile->setProfileNameFirst($requestObject->profileNameFirst);
            $profile->setProfileNameLast($requestObject->profileNameLast);
            $profile->setProfileEmail($requestObject->profileEmail);
            $profile->setProfileUserName($requestObject->profileUserName);
            // Persist the changes and report success.
            $profile->update($pdo);
            $reply->message = "Profile updated successfully.";
        } else {
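            if ($method === "DELETE") {
                // State-changing request: verify the anti-XSRF token before touching data.
                verifyXsrf();
                // NOTE(review): no check that the caller may delete profile $id is
                // visible in this excerpt -- confirm it is enforced above.
                $profile = Beta\Profile::getProfileByProfileId($pdo, $id);
                if ($profile === null) {
                    // Fully qualified like every other throw in this handler, so the
                    // name resolves the same way if the file is ever namespaced.
                    throw new \RuntimeException("Profile does not exist.", 404);
                }
                $profile->delete($pdo);
                $reply->message = "Profile successfully deleted.";
            } else {
                // Any verb not handled above is rejected. No code is passed, so
                // getCode() on this exception is 0 when the catch block reads it.
                throw new \RuntimeException("Method not allowed.");
            }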
        }
    }
} catch (Exception $exception) {
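    // Report the failure to the client through the reply's status and message.
    $reply->status = $exception->getCode();
    $reply->message = $exception->getMessage();
    // The stack trace is written to the server log, not the reply: it exposes
    // file paths and call structure that an API client has no need for.
    error_log(get_class($exception) . ": " . $exception->getMessage() . "\n" . $exception->getTraceAsString());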
} catch (TypeError $typeError) {