public function handleForm(Context $context, $action) { if ($action == "createReservation") { if (isset($_POST['equip_id']) && $_POST['equip_id'] != "" && (isset($_POST['start_date']) && $_POST['start_date'] != "") && (isset($_POST['length']) && $_POST['length'] != "")) { $equipId = $_POST['equip_id']; $equip = EquipmentDao::getEquipmentByID($equipId); if ($equip != null) { if (SessionUtil::getUserlevel() >= $equip->minUserLevel) { $startDate = $_POST['start_date']; $endDate = DateUtil::incrementDate($startDate, $_POST['length']); $reservations = ReservationDao::getReservationsForEquipmentByDate($equipId, $startDate, $endDate); if (count($reservations) == 0) { $user = UserDao::getUserByUsername(SessionUtil::getUsername()); $reservation = ReservationDao::createReservation($user->id, $equipId, $_POST['length'], $startDate, $endDate, $_POST['user_comment']); EmailUtil::sendNewReservationNotices($user, $reservation); } else { $context->addError("Reservations already exist during selected dates ({$startDate} and {$endDate})."); } } else { $context->addError("Cannot reserve equipment (User Level)."); } } else { $context->addError("No such equipment."); } } else { $context->addError("Required Field Left Blank."); } } else { $context->addError("Incorrect Action."); } }
public function handleForm(Context $context, $action) { //TODO: Check user level >= ADMIN if ($action == "savePassword") { if (isset($_POST['newpass']) && $_POST['newpass'] != "" && (isset($_POST['confpass']) && $_POST['confpass'] != "")) { $newPassword = $_POST['newpass']; $confirmPassword = $_POST['confpass']; if ($newPassword = $confirmPassword) { UserDao::updateUserPassword($_POST['userid'], $newPassword); $context->addMessage("Password Successfully Changed."); } else { $context->addError("Passwords Don't Match."); } } else { $context->addError("Required Field Left Blank."); } } else { if ($action == "saveEmail") { if (isset($_POST['email']) && $_POST['email'] != "") { $email = $_POST['email']; UserDao::updateUserEmail($_POST['userid'], $email); $context->addMessage("Email Successfully Changed."); } else { $context->addError("Required Field Left Blank."); } } else { if ($action == "saveUserLevel") { if (isset($_POST['level']) && $_POST['level'] != "") { $userlevel = $_POST['level']; UserDao::updateUserLevel($_POST['userid'], $userlevel); $context->addMessage("User Level Successfully Changed."); } else { $context->addError("Required Field Left Blank."); } } else { if ($action == "saveNotes") { if (isset($_POST['notes']) && $_POST['notes'] != "") { $notes = $_POST['notes']; UserDao::updateUserNotes($_POST['userid'], $notes); $context->addMessage("Notes Successfully Changed."); } else { $context->addError("Required Field Left Blank."); } } else { if ($action == "saveName") { if (isset($_POST['name']) && $_POST['name'] != "") { $name = $_POST['name']; UserDao::updateName($_POST['userid'], $name); $context->addMessage("Name Successfully Changed."); } else { $context->addError("Required Field Left Blank."); } } else { $context->addError("Incorrect Action."); } } } } } }
public function handleForm(Context $context, $action) { if (UserDao::getUserByUsername(SessionUtil::getUsername())->userlevel == RES_USERLEVEL_ADMIN) { if ($action == "deleteWarning") { $warning = WarningDao::getWarningByID($_POST['warnId']); if ($warning != null) { WarningDao::deleteWarning($warning->id); $context->addMessage("Successfully deleted warning."); } else { $context->addError("No such warning."); } } else { $context->addError("Incorrect Action."); } } else { $context->addError("Not Authorized."); } }
public function handleForm(Context $context, $action) { if ($action == "createUser") { if (isset($_POST['username']) && $_POST['username'] != "" && (isset($_POST['userlevel']) && $_POST['userlevel'] != "") && (isset($_POST['name']) && $_POST['name'] != "") && (isset($_POST['email']) && $_POST['email'] != "")) { $password = ""; if (Config::login_type == LOGIN_TYPE_DB) { $password = CryptoUtil::generatePassword(9, 4); } UserDao::createUser($_POST['username'], $_POST['name'], $_POST['email'], $_POST['userlevel'], $password); $message = "Created User -- Username: "******" Password: "******"Required Field Left Blank."); } } else { $context->addError("Incorrect Action."); } }
public function handleForm(Context $context, $action) { if ($action == "client") { if ($_POST['name'] != "" && $_POST['username'] != "" && $_POST['password'] != "" && $_POST['repeatpassword'] != "" && $_POST['email'] != "" && $_POST['phone'] != "" && $_POST['address'] != "") { if ($_POST['password'] == $_POST['repeatpassword']) { if (LoginDao::usernameFree($_POST['username'])) { $newLogin = LoginDao::createLogin($_POST['username'], $_POST['password'], Login::CLIENT); $newClient = ClientDao::createClient($newLogin, $_POST['name'], $_POST['email'], $_POST['phone'], $_POST['address']); SessionUtil::login($newLogin); $context->setPageID("home"); } else { $context->addError("Username already taken."); } } else { $context->addError("Passwords don't match."); } } else { $context->addError("Required field left blank."); } } else { $context->addError("Incorrect Action."); } }
public function handleForm(Context $context, $action) { if (UserDao::getUserByUsername(SessionUtil::getUsername())->userlevel == RES_USERLEVEL_ADMIN) { if ($action == "createWarning") { if (isset($_POST['userId']) && $_POST['userId'] != "" && (isset($_POST['reason']) && $_POST['reason'] != "") && (isset($_POST['type']) && $_POST['type'] != "")) { $user = UserDao::getUserByID($_POST['userId']); if ($user != null) { $warning = WarningDao::warnUser($_POST['userId'], $_POST['reason'], $_POST['type']); EmailUtil::sendWarningNoticeToUser($warning); $context->addMessage("Successfully warned " . $user); } else { $context->addError("No such user."); } } else { $context->addError("Required field left blank."); } } else { $context->addError("Incorrect Action."); } } else { $context->addError("Not Authorized."); } }
public function handleForm(Context $context, $action) { if ($action == "delete") { if (SessionUtil::getUserlevel() == RES_USERLEVEL_ADMIN) { ReservationDao::deleteReservation($_POST['resid']); } else { $context->addError("Action Not Allowed (Userlevel)"); } } else { if ($action == "checkin") { if (SessionUtil::getUserlevel() >= RES_USERLEVEL_LEADER) { ReservationDao::updateReservationStatus($_POST['resid'], RES_STATUS_CHECKED_IN, false); } else { $context->addError("Action Not Allowed (Userlevel)"); } } else { if ($action == "checkout") { if (SessionUtil::getUserlevel() >= RES_USERLEVEL_LEADER) { ReservationDao::updateReservationStatus($_POST['resid'], RES_STATUS_CHECKED_OUT, false); } else { $context->addError("Action Not Allowed (Userlevel)"); } } else { if ($action == "updateStatus") { if (SessionUtil::getUserlevel() == RES_USERLEVEL_ADMIN) { ReservationDao::updateReservationStatus($_POST['resid'], $_POST['status'], true); } else { $context->addError("Action Not Allowed (Userlevel)"); } } else { $context->addError("Incorrect Action."); } } } } }
public function saveSampleImage(Context $context, $file, $username) { $type = $file['type']; $size = $file['size']; if ($type == "image/gif" || $type == "image/jpeg" || $type == "image/jpeg" || $type == "image/pjpeg" || $type == "image/png") { if ($size < 20000000) { $filename = explode('.', $file['name']); $newFilename = "./ad_images/ar" . $username . "t" . time() . "." . $filename[count($filename) - 1]; $success = move_uploaded_file($file['tmp_name'], $newFilename); if (!$success) { $context->addError("Error Uploading File."); return ""; } else { return $newFilename; } } else { $context->addError("File Size Too Large."); return ""; } } else { $context->addError("Unrecognized File Type."); return ""; } }
public function saveSampleImage(Context $context, $file, $clientId) { $type = $file['type']; $size = $file['size']; if ($type == "image/gif" || $type == "image/jpeg" || $type == "image/pjpeg" || $type == "image/png") { if ($size < 20000000) { $filename = explode('.', $file['name']); $newFilename = "./uploads/" . "c" . $clientId . "t" . time() . "." . $filename[count($filename) - 1]; $success = move_uploaded_file($file['tmp_name'], $newFilename); if (!$success) { $context->addError("Error Uploading File."); return ""; } else { return $newFilename; } } else { $context->addError("File Size Too Large."); return ""; } } else { if ($type == "application/pdf" || $type == "image/psd" || ($type = "image/photoshop" || ($type = "image/x-photoshop" || ($type = "image/vnd.adobe.photoshop")))) { $filename = explode('.', $file['name']); $newFilename = "./uploads/" . "c" . $clientId . "t" . time() . "." . $filename[count($filename) - 1]; $success = move_uploaded_file($file['tmp_name'], $newFilename); if (!$success) { $context->addError("Error Uploading File."); return ""; } else { return $newFilename; } } else { $context->addError("Unrecognized File Type."); return ""; } } }
public function handleForm(Context $context, $action) { if ($action == "changePassword") { if ($_POST['password'] != "" && $_POST['repeatpassword'] != "") { $sessionLogin = LoginDao::getLoginByUsername(SessionUtil::getUsername()); if ($_POST['password'] == $_POST['repeatpassword']) { LoginDao::updateUserPassword($sessionLogin, $_POST['password']); } else { $context->addError("Passwords don't match."); } } else { $context->addError("Required field left blank."); } } else { if ($action == "updateAccount") { if ($_POST['name'] != "" && $_POST['email'] != "" && $_POST['phone'] != "") { $sessionLogin = LoginDao::getLoginByUsername(SessionUtil::getUsername()); if ($sessionLogin->getType() == Login::ADREP) { $adrep = AdRepDao::getAdRepByLogin($sessionLogin); AdRepDao::updateAdRep($adrep, $_POST['name'], $_POST['email'], $_POST['phone']); } else { if ($sessionLogin->getType() == Login::CLIENT) { if ($_POST['address'] != "") { $client = ClientDao::getClientByLogin($sessionLogin); ClientDao::updateClient($client, $_POST['name'], $_POST['email'], $_POST['phone'], $_POST['address']); } else { $context->addError("Required field left blank."); } } else { $context->addError("Unknown Account Type."); } } } else { $context->addError("Required field left blank."); } } else { $context->addError("Incorrect Action."); } } }