// Optional boolean query flag "current". filter_input() yields null when the
// parameter is absent; the flag is not read again in the visible part of this script.
$current = filter_input(INPUT_GET, "current", FILTER_VALIDATE_BOOLEAN);

// Handle REST calls. Only the GET branch is visible here; it looks a profile up
// by the first non-empty selector, in the order id, email, handle, nameF.
if ($method === "GET") {
    // Issue the XSRF cookie for the whole site ("/") so later state-changing
    // requests can echo the token back.
    setXsrfCookie("/");

    // Get the profile based on the given field.
    if (empty($profileId) === false) {
        // Earlier, ownership-checked version of this branch, kept commented out:
        // $profile = Profile::getProfileByProfileId($pdo, $profileId);
        // if($profile !== null && $profile->getProfileId() === $_SESSION["profile"]->getProfileId()) {
        // $reply->data = $profile;
        // }
        //
        // NOTE(review): this is the only branch that returns the profile without
        // comparing it to $_SESSION["profile"]. Any caller who supplies a profileId
        // receives that profile, whoever is logged in. If that is deliberate (a
        // public profile view), confirm that the serialized Profile leaves out
        // e-mail, phone, password hash and salt. If not, restore the check above.
        $profile = Profile::getProfileByProfileId($pdo, $profileId);
        $reply->data = $profile;
    } else {
        if (empty($profileEmail) === false) {
            $profile = Profile::getProfileByProfileEmail($pdo, $profileEmail);
            // Only the logged-in user's own profile is returned. Otherwise
            // $reply->data keeps whatever value it had before this branch.
            // NOTE(review): $_SESSION["profile"] is dereferenced without checking
            // that it is set. For an unauthenticated request that finds a profile,
            // this is a method call on null; confirm an enclosing handler (not
            // visible here) turns that into a clean error reply.
            if ($profile !== null && $profile->getProfileId() === $_SESSION["profile"]->getProfileId()) {
                $reply->data = $profile;
            }
        } else {
            if (empty($profileHandle) === false) {
                $profile = Profile::getProfileByProfileHandle($pdo, $profileHandle);
                // Same ownership rule as the e-mail lookup.
                if ($profile !== null && $profile->getProfileId() === $_SESSION["profile"]->getProfileId()) {
                    $reply->data = $profile;
                }
            } else {
                if (empty($profileNameF) === false) {
                    $profile = Profile::getProfileByProfileNameF($pdo, $profileNameF);
                    // Same ownership rule as the e-mail lookup.
                    if ($profile !== null && $profile->getProfileId() === $_SESSION["profile"]->getProfileId()) {
                        $reply->data = $profile;
                    }
                    // The closing braces of this chain lie beyond this excerpt.
// Tail of a conditional whose opening lies before this excerpt.
session_start();
}

// Create an empty reply: HTTP-style status 200 and no payload until the login succeeds.
$reply = new stdClass();
$reply->status = 200;
$reply->data = null;

try {
    // Verify user login options.
    // NOTE(review): line breaks were lost in this listing; verifyXsrf() is read
    // here as a live call that runs before the request body is parsed.
    verifyXsrf();

    // Read the raw request body and decode it as JSON into objects.
    // NOTE(review): the decode result is not checked. A body that is not valid
    // JSON, or that lacks emailHandlePhone / password, reaches the lookups and
    // the key derivation below as null. Reject such requests explicitly here.
    $requestContent = file_get_contents("php://input");
    $requestObject = json_decode($requestContent);

    // Grab the MySQL connection; settings come from an ini file under /etc/apache2.
    $pdo = connectToEncryptedMySQL("/etc/apache2/capstone-mysql/jpegery.ini");

    // The single login identifier is tried as e-mail, then handle, then phone.
    // Only the e-mail lookup has its exception swallowed (presumably because a
    // handle or phone number fails e-mail validation; verify in Profile).
    // Exceptions from the other two lookups propagate to the outer try.
    try {
        $profile = Profile::getProfileByProfileEmail($pdo, $requestObject->emailHandlePhone);
    } catch (Exception $exception) {
        $profile = null;
    }
    if ($profile === null) {
        $profile = Profile::getProfileByProfileHandle($pdo, $requestObject->emailHandlePhone);
    }
    if ($profile === null) {
        $profile = Profile::getProfileByProfilePhone($pdo, $requestObject->emailHandlePhone);
    }

    // If no profile matches, fail with a message that does not say whether the
    // identifier or the password was wrong.
    // NOTE(review): this path returns before any PBKDF2 work, so a request for an
    // unknown identifier finishes faster than one for a known identifier even
    // though the message is the same. Running a dummy derivation on the not-found
    // path evens that out.
    if ($profile === null) {
        throw new \RuntimeException("User name or password is incorrect");
    }

    // Derive PBKDF2-HMAC-SHA512 over the submitted password with the profile's
    // stored salt and 262144 iterations. With no length argument the result is
    // the full-length digest as a hex string.
    // NOTE(review): the comparison against the stored hash is not visible here.
    // It should use hash_equals() rather than == / ===. Once the credentials
    // match, call session_regenerate_id(true) before storing the profile in the
    // session, so that a pre-login session ID cannot be reused.
    $hash = hash_pbkdf2("sha512", $requestObject->password, $profile->getProfileSalt(), 262144);

    // If login credentials are valid, start the session (continues beyond this excerpt).