Пример #1
0
 //grab the mySQL connection
 $pdo = connectToEncryptedMySql("/etc/apache2/capstone-mysql/timecrunch.ini");
 //if the user session is empty, the user is not logged in, throw an exception
 if (empty($_SESSION["user"]) === true) {
     setXsrfCookie("/");
     throw new RuntimeException("Please log-in or sign up", 401);
 }
 //determine which HTTP method was used
 $method = array_key_exists("HTTP_X_HTTP_METHOD", $_SERVER) ? $_SERVER["HTTP_X_HTTP_METHOD"] : $_SERVER["REQUEST_METHOD"];
 $reply->method = $method;
 //sanitize the id
 $id = filter_input(INPUT_GET, "id", FILTER_VALIDATE_INT);
 //Handle REST calls
 if ($method === "GET") {
     //Set XSRF cookie
     setXsrfCookie("/");
     //Get Request based on given field
     if (empty($id) === false) {
         $request = Request::getRequestByRequestId($pdo, $id);
         if ($request !== null) {
             $reply->data = $request;
         }
     } else {
         $request = Request::getAllRequests($pdo);
         if ($request !== null) {
             $reply->data = $request;
         }
     }
 } elseif ($method === "PUT" || $method === "POST") {
     $requestContent = file_get_contents("php://input");
     $requestObject = json_decode($requestContent);
Пример #2
0
<?php

require_once dirname(__DIR__) . "/lib/xsrf.php";
/**
 * simple controller simply for handing out an xsrf token when booting the mobile app
 *
 * @author Bradley Brown tall.white.ninja@gmail.com
 */
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}
setXsrfCookie('/');
Пример #3
0
 **/
// verify the session, start if not active
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}
$reply = new stdClass();
$reply->status = 200;
$reply->data = null;
try {
    $pdo = connectToEncryptedMySQL("/etc/apache2/encrypted-config/ng-abq-dev.ini");
    $method = array_key_exists("HTTP_X_HTTP_METHOD", $_SERVER) ? $_SERVER["HTTP_X_HTTP_METHOD"] : $_SERVER["REQUEST_METHOD"];
    $id = filter_input(INPUT_GET, "id", FILTER_VALIDATE_INT);
    $profileId = filter_input(INPUT_GET, "profileId", FILTER_VALIDATE_INT);
    if ($method === "GET") {
        //set XSRF cookie
        setXsrfCookie();
        if (empty($id) === false) {
            $event = Beta\Event::getEventByEventId($pdo, $id);
            if ($event !== null) {
                $reply->data = $event;
            }
        } else {
            if (empty($profileId) === false) {
                $events = Beta\Event::getEventByEventProfileId($pdo, $profileId)->toArray();
                if ($events !== null) {
                    $reply->data = $events;
                }
            } else {
                $events = Beta\Event::getAllEvents($pdo)->toArray();
                if ($events !== null) {
                    $reply->data = $events;