Пример #1
<?php

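session_start();
require_once '../db.php';

// Every contig field is mandatory and must arrive as a plain string.
// PHP turns bracketed request parameters (name[...]=x) into arrays, and
// isset() alone accepts those; the sanitizers live in db.php and are not
// visible here, so non-string values are rejected before they reach them.
$requiredFields = array('name', 'source', 'difficulty', 'species', 'sequence');
foreach ($requiredFields as $field) {
    if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
        // The previous message spoke of a "group name and desc", which this
        // endpoint does not take; name the fields that are actually required.
        die('name, source, difficulty, species and sequence must be present');
    }
}

// Require that someone is logged in first.
if (!isset($_SESSION['userId'])) {
    die('Not logged in');
}

// NOTE(review): this state-changing POST is authorised by the session cookie
// alone; no anti-CSRF token is checked in this script. Confirm whether db.php
// or the front end enforces one.
insertContig(
    mongoIdSanitize($_SESSION['userId']),
    mongoUserSanitize($_SESSION['userName']),
    mongoNameSanitize($_POST['name']),
    mongoNameSanitize($_POST['source']),
    mongoNameSanitize($_POST['species']),
    mongoNumberSanitize($_POST['difficulty']),
    mongoSequenceSanitize($_POST['sequence'])
);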
Пример #2
<?php

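header('Content-type: application/json');
require_once '../db.php';

// Default answer: the group could not be resolved.
$group = array('valid' => false);

// Accept the id only as a plain string; PHP delivers id[...]=x as an array,
// which isset() alone would let through to the lookup.
if (isset($_GET['id']) && is_string($_GET['id'])) {
    // NOTE(review): the id goes through mongoUserSanitize, while other
    // endpoints use mongoIdSanitize for ids. Confirm which one
    // getFullGroupInfo expects.
    $found = getFullGroupInfo(mongoUserSanitize($_GET['id']));

    // Replace the default only on a hit. Assigning the lookup result straight
    // to $group used to discard the 'valid' => false default on a miss, so the
    // endpoint answered with a bare null/false instead of {"valid":false}.
    if ($found) {
        $group = $found;
        $group['valid'] = true;
    }
}

// NOTE(review): no session check is made here, so the full group record is
// returned to unauthenticated callers. Confirm that this is intended.
echo json_encode($group);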
Пример #3
<?php

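session_start();
require_once '../db.php';

// All four fields are mandatory. 'groups' must be a list and the others plain
// strings: isset() alone also accepts arrays for the scalar fields and a
// scalar for 'groups', which would then break the foreach below.
if (!isset($_POST['groups'], $_POST['taskDescription'], $_POST['contig'], $_POST['endDate'])
    || !is_array($_POST['groups'])
    || !is_string($_POST['taskDescription'])
    || !is_string($_POST['contig'])
    || !is_string($_POST['endDate'])
) {
    die('proper information not specified');
}

// Require that someone is logged in first.
if (!isset($_SESSION['userId'])) {
    die('Not logged in');
}

// Convert each submitted group id into a MongoId for the query layer.
$finalGroups = array();
foreach ($_POST['groups'] as $group) {
    // Nested arrays (groups[0][...]=x) are not valid ids; reject them.
    if (!is_string($group)) {
        die('proper information not specified');
    }
    // NOTE(review): the id is cleaned with mongoGroupSanitize, while the
    // join-group endpoint uses mongoIdSanitize for a group id. Confirm which is
    // right, and how a value that is not a valid ObjectId is handled here; no
    // exception handling is visible.
    $finalGroups[] = new MongoId(mongoGroupSanitize($group));
}

// NOTE(review): the only authorisation visible here is "a session exists".
// Confirm that assignTask checks the caller may assign work to these groups,
// and whether an anti-CSRF token is enforced elsewhere.
assignTask(
    mongoIdSanitize($_SESSION['userId']),
    mongoUserSanitize($_SESSION['userName']),
    $finalGroups,
    mongoTextSanitize($_POST['taskDescription']),
    mongoIdSanitize($_POST['contig']),
    mongoNumberSanitize($_POST['endDate'])
);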
Пример #4
<?php

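session_start();
// TODO(eriq): I would prefer if ids were used to fetch profiles, they are easier to sanitize.
header('Content-type: application/json');
require_once '../db.php';
require_once '../functions.php';

// Choose whose profile to show: an explicit ?user= wins, otherwise the
// logged-in user. The parameter must be a non-empty plain string; the old
// loose `!= ''` test also let an array value (user[...]=x) through.
$userName = null;
if (isset($_GET['user']) && is_string($_GET['user']) && $_GET['user'] !== '') {
    $userName = $_GET['user'];
} elseif (isset($_SESSION['userName'])) {
    $userName = $_SESSION['userName'];
}

$response = array();
if (!$userName) {
    $response['valid'] = false;
    $response['error'] = 'nouser';
} else {
    // Keep the lookup result apart from the response, so that a miss never
    // turns a null/false value into an array by assignment.
    $profile = getExpandedProfile(mongoUserSanitize($userName));
    if ($profile) {
        $response = $profile;
        // TODO(eriq): This sucks. When we host somewhere on a default port, we can use our own image.
        // NOTE(review): the fallback image is fetched over plain http and from
        // a third-party host; on an https page that is mixed content.
        $response['profilePic'] = getGravatar($response['meta']['email'], 200, 'http://i47.tinypic.com/wo26c.png');
        $response['valid'] = true;
    } else {
        $response['valid'] = false;
        $response['error'] = 'cantfind';
    }
}

// NOTE(review): the whole expanded profile, which the code above shows to
// carry meta.email, is returned to any caller, logged in or not. Confirm that
// this exposure is intended, or strip private fields before encoding.
echo json_encode($response);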
Пример #5
<?php

// Creating a group also makes the creator a member of it.
session_start();
require_once '../db.php';

// Both form fields are mandatory; stop before touching the database otherwise.
// NOTE(review): isset() also accepts array values (groupName[...]=x). The
// sanitizers are defined in db.php and not visible here, so confirm that they
// reject non-string input.
if (!isset($_POST['groupName'], $_POST['groupDescription'])) {
    die('group name and desc must be present');
}

// Only an authenticated session may create a group.
if (!isset($_SESSION['userId'])) {
    die('Not logged in');
}

// Session values identify the creator; the form values describe the group.
// NOTE(review): no anti-CSRF token is checked in this script; confirm that one
// is enforced elsewhere.
createGroup(
    mongoIdSanitize($_SESSION['userId']),
    mongoUserSanitize($_SESSION['userName']),
    mongoGroupSanitize($_POST['groupName']),
    mongoTextSanitize($_POST['groupDescription'])
);
Пример #6
<?php

session_start();
require_once '../db.php';

// The id of the group to join is the only request parameter.
// NOTE(review): isset() also accepts an array value (group[...]=x). Confirm
// that mongoIdSanitize, defined in db.php, rejects non-string input.
if (!isset($_POST['group'])) {
    die('group must be present');
}

// Joining requires an authenticated session.
if (!isset($_SESSION['userId'])) {
    die('Not logged in');
}

// NOTE(review): nothing visible here restricts which groups a user may join,
// and no anti-CSRF token is checked; confirm that joinGroup or another layer
// enforces both.
joinGroup(
    mongoIdSanitize($_SESSION['userId']),
    mongoUserSanitize($_SESSION['userName']),
    mongoIdSanitize($_POST['group'])
);
Пример #7
<?php

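session_start();
header('Content-type: application/json');
require_once '../db.php';

// Login endpoint: answers {"valid":true} on success, otherwise
// {"valid":false,"error":<code>}.
$response = array('valid' => false);

// Both credentials must be present and plain strings. isset() alone also
// accepts arrays (user[...]=x), which must not reach the lookup in
// attemptLogin.
if (!isset($_POST['user'], $_POST['hash'])
    || !is_string($_POST['user'])
    || !is_string($_POST['hash'])
) {
    $response['error'] = 'params';
} elseif (isset($_SESSION['userId'])) {
    // A session that is already logged in must log out before logging in again.
    $response['error'] = 'relog';
} else {
    $error = '';
    // NOTE(review): the client submits a hash, so that value is itself the
    // credential. How attemptLogin stores and compares it is not visible here;
    // confirm it is hashed again server-side (password_hash/password_verify)
    // and that failed attempts are rate limited.
    if (attemptLogin(mongoUserSanitize($_POST['user']), mongoHexSanitize($_POST['hash']), $error)) {
        // Issue a fresh session id at the privilege change, so that an id
        // known before login cannot be reused afterwards (session fixation).
        // Harmless if attemptLogin already does this.
        session_regenerate_id(true);
        $response['valid'] = true;
    } else {
        // One generic code for both "no such user" and "wrong password": the
        // detailed $error is deliberately not returned, so the response cannot
        // be used to tell which user names exist.
        $response['error'] = 'badcombo';
    }
}
echo json_encode($response);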
Пример #8
<?php

header('Content-type: application/json');
require_once '../db.php';

// Gene lookup by name: 'info' carries the lookup result and 'valid' tells
// whether that result was non-empty.
$response = array('valid' => false);

// NOTE(review): isset() also accepts an array value (name[...]=x), and the
// gene name goes through mongoUserSanitize, which is defined in db.php and not
// visible here. Confirm that it rejects non-string input and suits gene names.
if (isset($_GET['name'])) {
    $response['info'] = getFullGeneInfo(mongoUserSanitize($_GET['name']));
    // Any truthy result counts as a hit.
    $response['valid'] = (bool) $response['info'];
}

echo json_encode($response);
Пример #9
<?php

session_start();
header('Content-type: application/json');
require_once '../db.php';

// Registration endpoint: answers {"valid":true} on success, otherwise
// {"valid":false,"error":<code>}.
$response = array('valid' => false);

// NOTE(review): isset() also accepts array values (user[...]=x). The
// sanitizers are defined in db.php and not visible here, so confirm that they
// reject non-string input.
if (!isset(
    $_POST['user'],
    $_POST['hash'],
    $_POST['firstName'],
    $_POST['lastName'],
    $_POST['email']
)) {
    $response['error'] = 'params';
} elseif (isset($_SESSION['userId'])) {
    // A session that is already logged in may not register a new account.
    $response['error'] = 'relog';
} else {
    $error = '';
    $registered = attemptRegistration(
        mongoUserSanitize($_POST['user']),
        mongoHexSanitize($_POST['hash']),
        mongoUserSanitize($_POST['firstName']),
        mongoUserSanitize($_POST['lastName']),
        mongoEmailSanitize($_POST['email']),
        $error
    );
    if (!$registered) {
        // Unlike the login endpoint, the detailed reason filled in by
        // attemptRegistration is returned to the client.
        // NOTE(review): confirm that these codes reveal no more than intended,
        // for example whether a user name or e-mail address is already taken.
        $response['error'] = $error;
    } else {
        $response['valid'] = true;
    }
}

echo json_encode($response);