Nextrek
Diff Revisions 653 vs 728 for /Android/SmartCharging/endPoints/upload_avatar.php
| @@ -18,13 +18,6 @@ | |||
| 18 | 18 | $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); | |
| 19 | 19 | //echo "Connesso con successo al DB"; | |
| 20 | 20 | ||
| 21 | - | if (!array_key_exists("token", $_POST) || !UserRepository::checkToken($_POST["token"], $conn)) { | |
| 22 | - | $risposta = createErrorMessage(-1, "Token non valido"); | |
| 23 | - | //$risposta["return"] = -1; | |
| 24 | - | echo json_encode($risposta); | |
| 25 | - | die(); | |
| 26 | - | } | |
| 27 | - | ||
| 28 | 21 | if (!array_key_exists("user_id", $_POST) || !array_key_exists("avatar_name", $_POST)) { | |
| 29 | 22 | $risposta = createErrorMessage(1, "Parametro \"user_id\" o \"avatar_name\" non valido o presente"); | |
| 30 | 23 | //$risposta["return"] = 1; | |
| @@ -32,6 +25,16 @@ | |||
| 32 | 25 | echo json_encode($risposta); | |
| 33 | 26 | die(); | |
| 34 | 27 | } | |
| 28 | + | ||
| 29 | + | //if (!array_key_exists("token", $_POST) || !UserRepository::checkToken($_POST["token"], $conn)) { | |
| 30 | + | if (!array_key_exists("token", $_POST) || $_POST["token"] === "" || | |
| 31 | + | (!UserRepository::checkUserByToken($_POST["user_id"], $_POST["token"], $conn) && | |
| 32 | + | !UserRepository::checkAdminByToken($_POST["token"], $conn))) { | |
| 33 | + | $risposta = createErrorMessage(-1, "Token non valido"); | |
| 34 | + | //$risposta["return"] = -1; | |
| 35 | + | echo json_encode($risposta); | |
| 36 | + | die(); | |
| 37 | + | } | |
| 35 | 38 | ||
| 36 | 39 | if(isset($_FILES['avatar_file']) && !is_null($_FILES['avatar_file']) && $_FILES['avatar_file'] != "") | |
| 37 | 40 | { | |
View this file contents
View the full history
Commits for