<?php
require_once '../nl-init.php';
require_once '../class/nl-auth-class.php';
require_once 'api_headers.php';
if (is_get()) {
$auth = Auth::getInstance();
echo $auth->getJson();
} elseif (is_post()) {
$emailaddress = _post("emailaddress", "");
$password = _post("password", "");
$fbEmail = _post("fbEmail", "");
$fbID = _post("fbID", "");
$fbName = _post("fbName", "");
try {
$auth = Auth::getInstance();
if ($fbEmail != "") {
echo $auth->fbLogin($fbEmail, $fbID, $fbName)->getJson();
} else {
echo $auth->login($emailaddress, $password)->getJson();
}
} catch (Exception $e) {
$result = array("errCode" => $e->getCode(), "errMessage" => $e->getMessage());
echo json_encode($result);
}
} elseif (is_del()) {
$auth = Auth::getInstance();
echo $auth->logout()->getJson();
}
// here, we have to GET params in POST method
$replyID = _get("replyID", 0);
$replyStatement = _post("replyStatement", "");
// deprecated in current design
$replyContent = _post("replyContent", "");
$replyType = _post("replyType", "");
if ($newsID <= 0 || $replyType == "" || $replyType != "like" && $replyContent == "") {
throw new Exception("missing parameters", -1);
}
$replyObj = new Reply();
$replyObj->saveReply($replyID, $newsID, $userID, $replyStatement, $replyContent, $replyType);
$result = $replyObj->getArray();
}
echo json_encode($result);
} else {
if (is_del()) {
$newsID = _get("newsID", 0);
$replyID = _get("replyID", 0);
$subReplyID = _get("subReplyID", 0);
if ($replyID == 0) {
throw new Exception("no such replyID", -1);
}
$auth = Auth::getInstance();
$replyObj = new Reply($replyID);
$userID = $replyObj->getReplyUserID($subReplyID);
if ($userID != $auth->getUserID()) {
throw new Exception("unauthorized deletion", -1);
}
$replyObj->removeReply($subReplyID);
if ($subReplyID > 0) {
echo $replyObj->getJson();
