if (empty($requestObject->profileNameL) === true) { throw new InvalidArgumentException("last name is a required field", 406); } if (empty($requestObject->profilePhone) === true) { throw new InvalidArgumentException("phone number is a required field", 406); } } // put if ($method === "PUT") { $profile = Profile::getProfileByProfileId($pdo, $profileId); if ($profile === null) { throw new RuntimeException("profile does not exist", 404); } //make sure the user is only attempting to edit their own profile //if not throw an exception $security = Profile::getProfileByProfileId($pdo, $_SESSION["profile"]->getProfileId()); if ($security->getProfileId() === false && $_SESSION["profile"]->getProfileId() !== $profile->getProfileId()) { $_SESSION["profile"]->setProfileId(false); throw new RunTimeException("You can only modify your own profile", 403); } $profile->setProfileEmail($requestObject->profileEmail); $profile->setProfileNameF($requestObject->profileNameF); $profile->setProfileNameL($requestObject->profileNameL); $profile->setProfilePhone($requestObject->profilePhone); //require a password, hash it, and set it if ($requestObject->Password !== null) { $hash = hash_pbkdf2("sha512", $requestObject->Password, $profile->getProfileSalt(), 262144, 128); $profile->setProfileHash($hash); } if (empty($requestObject->password) === true) { throw new \PDOException("password is a required field");
/** * test grabbing a Profile that does not exist **/ public function testGetInvalidProfileByProfileId() { // grab a profile id that exceeds the maximum allowable profile id $profile = Profile::getProfileByProfileId($this->getPDO(), JpegeryTest::INVALID_KEY); $this->assertNull($profile); }