-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdelete.php
executable file
·104 lines (93 loc) · 5.21 KB
/
delete.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
<?php
include "./metrics.php";
include "./servicedata.php";
include "./healthdata.php";
include "./fooddata.php";
$category_id = $_GET["category"];
$metric_id = $_GET["metric"];
$datapoint_id = $_GET["datapoint"];
$service_id = $_GET["service"];
// Authenticate using provided service ID.
$service_id = strtolower($service_id);
if ($service_id != preg_replace("/[^a-f0-9]/", '', $service_id)) { // Check to see if the service identifier contains disallowed characters.
echo "{\"error\": {\"id\": \"invalid_serviceV, \"invalid_metric\": \"disallowed_characters\", \"description\": \"The service identifier contains invalid characters.\"}}";
exit();
}
if (strlen($service_id) > 100) { // Check to see if the service identifier is excessively long.
echo "{\"error\": {\"id\": \"invalid_service\", \"invalid_metric\": \"too_long\", \"description\": \"The service identifier is excessively long.\"}}";
exit();
} else if (strlen($service_id) < 8) {
echo "{\"error\": {\"id\": \"invalid_service\", \"invalid_metric\": \"too_short\", \"description\": \"The service identifier is too short.\"}}";
exit();
}
$services = load_servicedata();
$associated_user = find_serviceid($service_id, $services); // Search for the provided service ID in the service database.
if ($associated_user == false) {
echo "{\"error\": {\"id\": \"invalid_service\", \"invalid_metric\": \"not_found\", \"description\": \"The specified service identifier does not exist.\"}}";
exit();
}
$food_data = load_food();
$metrics = load_metrics();
for ($x = 0; $x <= 10; $x++) { // Run 10 times, checking to see if this file is unlocked.
if (is_file_unlocked($healthdata_database_filepath)) {
lock_file($healthdata_database_filepath);
$health_data = load_healthdata();
break; // Exit the loop
} else {
usleep(100*1000); // Wait briefly for the file to become unlocked.
}
}
if (!isset($health_data)) { // Check to see if the health data was never loaded after several checks in the previous step.
echo "{\"error\": {\"id\": \"system\", \"reason\": \"file_is_locked\", \"description\": \"The health data file is locked for writing by another process.\"}}";
exit();
}
if (in_array($category_id, array_keys($metrics)) == false) { // Check to see if the submitted category ID does not exist in the metrics database.
echo "{\"error\": {\"id\": \"invalid_category\", \"description\": \"The specified category ID does not exist.\"}}";
unlock_file($healthdata_database_filepath);
exit();
}
if (in_array($metric_id, array_keys($metrics[$category_id]["metrics"])) == false) { // Check to see if the submitted metric ID does not exist in the metrics database.
echo "{\"error\": {\"id\": \"invalid_metric\", \"description\": \"The specified metric ID does not exist.\"}}";
unlock_file($healthdata_database_filepath);
exit();
}
// Verify that the permissions of the specified service ID allow it to write to this metric.
if (check_permissions_action($service_id, "data-writeall", $services) == true) {
$access = true;
} else { // Otherwise, check to see if this service can access this specific metric.
$access = check_permissions_access($service_id, $category_id, $metric_id, "w", $services);
}
if ($access == false) {
echo "{\"error\": {\"id\": \"invalid_service\", \"invalid_metric\": \"permission_denied\", \"description\": \"The specified service identifier does not have permission to write to the specified metric.\"}}";
unlock_file($healthdata_database_filepath);
exit();
}
if (in_array($associated_user, array_keys($health_data))) { // Check to see if this user exists in the health data.
if (in_array($category_id, array_keys($health_data[$associated_user]))) { // Check to see if this category exists in this user's health data.
if (in_array($metric_id, array_keys($health_data[$associated_user][$category_id]))) { // Check to see if this metric exists in this user's health data.
if (in_array($datapoint_id, array_keys($health_data[$associated_user][$category_id][$metric_id]))) { // Check to see if this datapoint exists in this user's health data.
$health_data = delete_datapoint($health_data, $associated_user, $category_id, $metric_id, $datapoint_id);
} else {
echo "{\"error\": {\"id\": \"not_found\", \"description\": \"The specified datapoint does not exist.\"}}";
unlock_file($healthdata_database_filepath);
exit();
}
} else {
echo "{\"error\": {\"id\": \"not_found\", \"description\": \"The specified datapoint does not exist.\"}}";
unlock_file($healthdata_database_filepath);
exit();
}
} else {
echo "{\"error\": {\"id\": \"not_found\", \"description\": \"The specified datapoint does not exist.\"}}";
unlock_file($healthdata_database_filepath);
exit();
}
} else {
echo "{\"error\": {\"id\": \"not_found\", \"description\": \"The specified datapoint does not exist.\"}}";
unlock_file($healthdata_database_filepath);
exit();
}
save_healthdata($health_data);
unlock_file($healthdata_database_filepath);
echo "{\"success\": {\"description\": \"Datapoint \"$category_id - $metric_id - $datapoint_id\" has been deleted.\"}}";
?>