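/**
 * Validate the login credentials supplied in the current request.
 *
 * Reads `email` and `password` from $_REQUEST, checks their format with
 * Check::isemail() and Check::ismd5(), then asks Participant::enrolled()
 * whether the pair is known.
 *
 * @return string "OK" on success, otherwise a message starting with "ERROR:".
 */
function validateLogin()
{
    // An absent parameter becomes null instead of triggering an
    // "undefined index" notice; the format checks below reject it.
    $email = isset($_REQUEST['email']) ? $_REQUEST['email'] : null;
    if (!Check::isemail($email)) {
        return "ERROR: invalid email!";
    }

    // NOTE(review): the client sends what appears to be an MD5 digest, so the
    // digest itself acts as the credential. Unsalted MD5 is weak for password
    // storage; changing that needs schema and client changes outside this block.
    $password = isset($_REQUEST['password']) ? $_REQUEST['password'] : null;
    if (!Check::ismd5($password)) {
        return "ERROR: bad password hash!";
    }

    $p = new Participant();
    if ($p->enrolled($email, $password)) {
        return "OK";
    }

    // The same message covers an unknown address and a wrong password.
    // The address has passed Check::isemail(), but a caller that renders this
    // string into HTML should still escape it for that context.
    return "ERROR: participant {$email} not found";
}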
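/**
 * Prepare a CSV export of study data for the download template.
 *
 * Request parameters (read from $_REQUEST):
 *  - study_id  required, digits only
 *  - task_id   optional, digits only; narrows the export to one task
 *  - email     optional; narrows the export to one participant and requires
 *              `password` to be a well-formed MD5 digest
 *
 * Assigns `csv` and `studyname` to the View and sets the globals $studyname
 * and $contenttype.
 *
 * @return string Template name: 'downloaddata.tpl', or 'error.tpl' on failure.
 */
public function downloaddata()
{
    try {
        // Optional filters default to null so that Data::task2CSV() never
        // receives undefined variables when they are not supplied.
        $task_id = null;
        $email = null;
        $password = null;

        $study_id = isset($_REQUEST['study_id']) ? $_REQUEST['study_id'] : null;
        if (!Check::digits($study_id, false)) {
            throw new Exception("bad study id!");
        }

        global $studyname;
        $studyname = "study_{$study_id}";

        if (isset($_REQUEST['task_id'])) {
            if (!Check::digits($_REQUEST['task_id'], false)) {
                throw new Exception("bad task id!");
            }
            $task_id = $_REQUEST['task_id'];
            $studyname .= "-task_{$task_id}";
        }

        if (isset($_REQUEST['email'])) {
            if (!Check::isemail($_REQUEST['email'], false)) {
                throw new Exception("bad email!");
            }
            $email = $_REQUEST['email'];

            // A missing password is passed as null so the format check
            // rejects it rather than raising an "undefined index" notice.
            $suppliedHash = isset($_REQUEST['password']) ? $_REQUEST['password'] : null;
            if (!Check::ismd5($suppliedHash)) {
                throw new Exception("bad password!");
            }
            $password = $suppliedHash;

            // NOTE(review): $studyname presumably ends up in a download
            // filename; confirm Check::isemail() rejects quotes, path
            // separators and CR/LF before it is placed in a response header.
            $studyname .= "-{$email}";
        }

        // NOTE(review): when no email is given, this method checks no
        // credential before exporting the whole study. Confirm access control
        // is enforced in Data::task2CSV() or before this action is dispatched.
        $d = new Data();
        View::assign('csv', $d->task2CSV($study_id, $task_id, $email, $password));
        View::assign('studyname', $studyname);

        global $contenttype;
        $contenttype = 'text-csv';

        return 'downloaddata.tpl';
    } catch (Exception $e) {
        $this->err($e);
        View::assign('error', $this->error);
        return 'error.tpl';
    }
}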
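/**
 * List the active scheduled tasks for a study or for one participant.
 *
 * If $_id consists of digits it is treated as a study id. Otherwise it must
 * be an e-mail address and $_extra must be that participant's password as an
 * MD5 digest.
 *
 * @param mixed $_id    Study id (digits) or participant e-mail address.
 * @param mixed $_extra Participant password digest; used only with an e-mail.
 *
 * @return mixed Result of resultarray() on success, false on any error.
 */
public function tasklist($_id, $_extra = null)
{
    try {
        $empty = false;
        if (Check::digits($_id, $empty)) {
            // NOTE(review): the study-id branch checks no credential here;
            // confirm callers authorize access to the study.
            $where = "where study.study_id=%u ";
        } else {
            if (!Check::isemail($_id, $empty)) {
                throw new Exception("bad email!");
            }
            if (!Check::ismd5($_extra)) {
                throw new Exception("bad pw!");
            }
            // The password predicate takes the second run() argument ($_extra).
            // The previous template compared against the literal '******', so
            // the supplied digest was never used in the query.
            $where = "where participant.email='%s' and participant.password='%s' ";
        }

        // NOTE(review): run() receives a printf-style template and its
        // arguments; whether it escapes them is not visible here. The Check::*
        // validation above is the only input filtering in this method, so
        // bound parameters would be the more robust choice.
        $sql = "select distinct task.task_id, task.task_title, schedule.* "
            . "from task join schedule using (task_id) "
            . "join study using (study_id) "
            . "join enrollment using (study_id) "
            . "join participant using (participant_id) "
            . $where
            . "and study.startdate <= schedule.startdate "
            . "and study.enddate >= schedule.enddate "
            . "and schedule.active = 1 "
            . "order by task.task_id";

        $this->run($sql, $_id, $_extra);

        return $this->resultarray();
    } catch (Exception $e) {
        $this->err($e);
        return false;
    }
}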