Skip to content
Snippets Groups Projects
Commit 7618e1e7 authored by Σταύρος Παπαδάκης's avatar Σταύρος Παπαδάκης
Browse files

Add academic id input check

parent 5ba298e9
No related branches found
No related tags found
No related merge requests found
......@@ -73,6 +73,31 @@ if (!function_exists('getallheaders'))
}
}
/**
* Check the input
*
* @return true|mixed True in case of valid input, or response and exit
*/
function check_input($identity)
{
$valid = true;
if (preg_match('/^[0-9]{12}$/', $identity) !== 1) {
$valid = [
"message" => "Error: Malformed identity"
];
}
if ($valid !== true) {
http_response_code(500);
header("Content-Type: application/json");
echo json_encode($valid);
exit(0);
}
return true;
}
/**
* Check the authentication header
*
......@@ -109,7 +134,7 @@ function check_authentication_header($username, $password)
exit(0);
}
return true;
return true;
}
/**
......@@ -117,11 +142,13 @@ function check_authentication_header($username, $password)
*/
switch ($params['operation']) {
case 'queryID':
header("Content-Type: application/json");
check_authentication_header($params['secure_endpoint_username'], $params['secure_endpoint_password']);
header("Content-Type: application/json");
$result = wscall($params);
break;
case 'queryIDnoCD':
check_authentication_header($params['secure_endpoint_username'], $params['secure_endpoint_password']);
check_input($params['identity']);
header("Content-Type: text/plain");
$result = json_decode(wscall($params), true);
$IDis = $result !== null &&
......@@ -131,6 +158,7 @@ switch ($params['operation']) {
$result = "isStudent:" . ($IDis ? 'true' : 'false');
break;
case 'testServiceStatus':
check_authentication_header($params['secure_endpoint_username'], $params['secure_endpoint_password']);
header("Content-Type: text/plain");
$result = "StudentID sent was:" . trim(filter_input(INPUT_GET, 'id'));
break;
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment