/**
 * Show the edit view for one client, or hand a POST submission to _edit().
 *
 * @param mixed $id Identifier passed to Client::findById().
 * @return mixed Whatever _edit() returns on POST; nothing otherwise.
 */
public function edit($id)
{
    $client = Client::findById($id);

    if (!$client) {
        // NOTE(review): the message says "Image" although a client is looked up,
        // probably copied from another controller. The string is also the
        // translation key, so confirm before changing it.
        Flash::set('error', __('Image is not found!'));
        // Assumes redirect() ends the request -- TODO confirm. If it returns,
        // the code below runs with a falsy $client.
        redirect(get_url('client'));
    }

    // A POST means the form is being saved.
    // NOTE(review): no permission or CSRF check is visible here; confirm
    // _edit() or the dispatcher performs them.
    if ('POST' == get_request_method()) {
        return $this->_edit($id);
    }

    $this->display('client/view', array('client' => $client));
}
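/**
 * Write one client's record to the response, or an error payload when the
 * id is missing or matches no client.
 *
 * @param mixed $params Request parameters; the client id is read from key 'client'.
 * @return false|null false after the error payload is written, nothing on success.
 */
private function clientInfo($params)
{
    // NOTE(review): no authorization check is visible in this method; confirm the
    // caller limits which client records the requester is allowed to read.
    $info = null;

    // !empty() applies the same truthiness test as before, but does not raise an
    // "undefined index" notice when the 'client' key is absent.
    if (!empty($params['client'])) {
        $client = new Client();
        $info = $client->findById($params['client']);
    }

    if ($info) {
        $this->response->out($info);
        return;
    }

    // One error payload covers both "no id given" and "no such client".
    $response = array("status" => "Error", 'Task' => "You did not point a client id or it doesn't exist");
    $this->response->out($response);

    return false;
}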
<?php
// Deletes the client named by $vars[1], registers a success or failure
// message, then forwards back to the referring page.
//
// NOTE(review): no login, permission, ownership or CSRF check is visible in this
// script; confirm the dispatcher enforces them before this destructive action.
// $vars is presumably supplied by the including router -- verify against caller.

$id = isset($vars[1]) ? $vars[1] : null;
$object = Client::findById($id);

// Failure covers both "no such record" and "delete() reported failure".
$error_flag = !($object && $object->delete());

if ($error_flag) {
    Message::register(new Message(Message::DANGER, i18n(array('en' => 'Record deletion failed', 'zh' => '记录删除失败'))));
} else {
    Message::register(new Message(Message::SUCCESS, i18n(array('en' => 'Record deleted', 'zh' => '记录删除成功'))));
}

// NOTE(review): presumably redirects to the request's Referer value; confirm the
// helper restricts the target to this site.
HTML::forwardBackToReferer();
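<?php
// Deletes one client and records the outcome in a JSON-style $response object.
// The caller must be logged in and hold the "manage own clients" permission.
// Deleting another user's client also needs the "manage all clients" permission.

/** access control **/
require_login();
require_permission('管理自己的客户');
// NOTE(review): no request-method or CSRF-token check is visible in this excerpt;
// confirm the framework enforces one for this state-changing action.

/** get vars **/
// strip_tags() only removes markup and does not validate the id; the lookup
// below decides whether the value names a real client.
$cid = isset($vars[1]) ? strip_tags($vars[1]) : null;

/** delete client **/
$response = new stdClass();
$client = Client::findById($cid);

if (!$client) {
    // Existence is tested first. Previously getUserId() was called on the lookup
    // result before this check, so an unknown id caused a fatal error instead of
    // this error response.
    $response->status = 'error';
    $response->message = '此客户不存在';
} else {
    // Ownership check: a client owned by someone else needs the broader permission.
    // Loose comparison is kept because the id types are not visible here and a
    // numeric string must still match an int.
    if ($client->getUserId() != MySiteUser::getCurrentUser()->getId()
        && !has_permission('管理所有客户')
    ) {
        $response->status = 'error';
        $response->message = '你没有权限进行此操作';
        header('Content-Type: application/json');
        echo json_encode($response);
        exit;
    }

    if ($client->delete()) {
        $response->status = 'success';
    } else {
        $response->status = 'error';
        $response->message = '删除用户失败';
    }
}
// The excerpt ends here; the code that emits $response for the paths above is not shown.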