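/**
 * Lists the loyalty awards of one user and, on POST, records a new award for them.
 *
 * The nickname comes from the argument or, failing that, from the request's
 * "nickname" value. An unknown nickname ends in Error404() instead of a
 * null dereference further down.
 *
 * NOTE(review): no permission check is visible in this method; presumably the
 * controller enforces admin access before the action runs. Confirm, since this
 * action grants points.
 *
 * @param string|null $nickname Nickname of the user whose awards are shown.
 * @return void
 */
public function user_index($nickname = null)
{
    if (!$nickname) {
        $nickname = $this->GetData('nickname');
    }

    $user = User::find_by_nickname($nickname);
    if (!$user) {
        // find_by_nickname() yields a falsy value for unknown names; every
        // statement below reads $user->id, so stop here.
        Error404();
        return;
    }

    $newaward = new LoyaltyAward();
    if ($this->post) {
        // The form values are copied onto the model before the CSRF check so a
        // rejected form re-renders with what was typed; nothing is saved unless
        // the check passes.
        $newaward->user_id = $user->id;
        // NOTE(review): points is stored as submitted (sign and range are not
        // checked here); confirm LoyaltyAward validates it on save().
        $newaward->points = $this->PostData("points");
        $newaward->justification = $this->PostData("justification");
        // The awarding account is always the logged-in user, never a form field.
        $newaward->awarded_by_id = Site::CurrentUser()->id;

        if (!$this->csrf) {
            Site::InstantFlash('error', 'Invalid form submission');
        } elseif ($newaward->save()) {
            Site::Flash("notice", "The loyalty points have been awarded");
            Redirect("admin/users/" . $user->permalink() . "/loyalty");
            // Do not fall through to the listing if Redirect() returns.
            return;
        } else {
            Site::InstantFlash('error', 'Unable to award loyalty points');
        }
    }

    // The page number is request input: force it to a positive integer before
    // it reaches the paginator.
    $page = max(1, (int) $this->GetData('page'));

    // NOTE(review): mysql_real_escape_string() belongs to ext/mysql, which was
    // removed in PHP 7.0; if the data layer offers bound parameters, prefer them
    // over building the condition string.
    $id = mysql_real_escape_string($user->id);
    $awards = LoyaltyAward::paginate("users.id = '{$id}'", "loyalty_awards.id DESC", $page, 50);

    $this->assign("user", $user);
    $this->assign("awards", $awards);
    $this->assign('newaward', $newaward);
    $this->title = "{$user->nickname} :: Loyalty";
    $this->render("loyalty_award/user_index.tpl");
}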
/**
 * Looks up the user for this request, falling back to the request's
 * "nickname" value when no nickname is passed in.
 *
 * Calls Error404() when no user matches; if that call returns, the method
 * returns null.
 *
 * @param string|null $nickname Nickname to look up.
 * @return mixed The matching user, or null after Error404().
 */
protected function load_user($nickname = null)
{
    $lookup = $nickname ? $nickname : $this->GetData('nickname');
    $found = User::find_by_nickname($lookup);

    if (!$found) {
        Error404();
        return;
    }

    return $found;
}
/**
 * Checks a nickname/password pair and reports the outcome as an array.
 *
 * Result codes:
 *   400 - nickname or password missing (PHP also treats the string "0" as missing here)
 *   401 - unknown nickname or wrong password (same message for both)
 *   402 - account not activated
 *   403 - account suspended
 *   200 - success; the user is returned under "user" after sync_forums() ran
 *
 * The activation and suspension states are only reported once the password
 * has been verified, so they are not disclosed to a caller who merely knows
 * a nickname.
 *
 * NOTE(review): no attempt limiting is visible in this method, and
 * checkPassword() is skipped for unknown nicknames, which may make the two
 * 401 cases distinguishable by response time. Confirm the caller throttles
 * repeated failures.
 *
 * @param string $nickname
 * @param string $password
 * @return array "code" plus either "error" or "user".
 */
public static function login($nickname, $password)
{
    $rejected = "Username or password is incorrect";

    if (!($nickname && $password)) {
        return array("code" => 400, "error" => $rejected);
    }

    $account = User::find_by_nickname($nickname);
    if (!$account || !$account->checkPassword($password)) {
        return array("code" => 401, "error" => $rejected);
    }

    if (!$account->activated) {
        return array("code" => 402, "error" => "Your account has not been activated");
    }

    if ($account->suspended) {
        return array("code" => 403, "error" => "Your account has been suspended");
    }

    $account->sync_forums();

    return array("code" => 200, "user" => $account);
}
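/**
 * Shows and processes the "edit my booking" form for an event signup.
 *
 * On a valid POST it updates the lift flag, optionally switches to another
 * visible ticket of the same event (unpaid bookings only), sets or clears the
 * seating manager, saves, and removes unpaid participant-only services when
 * the new ticket is not a participant ticket.
 *
 * NOTE(review): which signup is loaded, and whether it belongs to the current
 * user, is decided inside load_signup(), which is not visible here. Confirm
 * it enforces ownership.
 *
 * NOTE(review): the query conditions are built from strings escaped with
 * mysql_real_escape_string(), which belongs to ext/mysql (removed in PHP 7.0);
 * if the data layer offers bound parameters, prefer them.
 *
 * @return void
 */
public function edit()
{
    // The original passed an undefined $id here, i.e. null plus an E_NOTICE;
    // pass null explicitly so load_signup() receives the same value.
    $signup = self::load_signup(null);

    if ($signup->event->enddate <= time()) {
        Site::Flash("error", "It is not possible to edit this booking");
        Redirect("bookings/{$signup->id}");
        // Never process the form for a finished event, even if Redirect() returns.
        return;
    }

    // Seating Manager: the selectable managers are the members of the current
    // user's clan, keyed by permalink. The same list is used below as the
    // allow-list for the submitted manager.
    $managers = array('' => 'None');
    $clan = mysql_real_escape_string(Site::CurrentUser()->clan);
    if ($clan != '') {
        $allManagers = User::find_all("users.clan = '{$clan}'", "users.nickname ASC");
        foreach ($allManagers as $manager) {
            $permalink = $manager->permalink();
            $managers[$permalink] = $manager->nickname;
        }
    }

    $currentManager = '';
    if ($signup->manager_id) {
        $currentManager = $signup->manager->permalink();
    }

    if ($this->post and !$this->csrf) {
        global $site;
        $site['flash']['error'] = "Invalid form submission";
    } elseif ($this->post) {
        // An unticked checkbox is absent from the POST body; read it without
        // raising an undefined-index notice.
        $signup->lift_required = isset($_POST['lift_required']) ? $_POST['lift_required'] : null;

        // The ticket may only change while the booking is unpaid and its
        // current ticket is a public one.
        if (!$signup->paid and !$signup->event_ticket->hidden) {
            $ticket_id = mysql_real_escape_string(isset($_POST['ticket']) ? $_POST['ticket'] : '');
            if ($ticket_id != $signup->event_ticket_id) {
                $event_id = mysql_real_escape_string($signup->event_id);
                // The lookup is scoped to this event and to non-hidden tickets,
                // so a submitted id cannot select another event's ticket or a
                // hidden one.
                $ticket = EventTicket::find("event_tickets.id = '{$ticket_id}' AND event_tickets.event_id = '{$event_id}' AND event_tickets.hidden = false");
                if ($ticket) {
                    $signup->event_ticket_id = $ticket->id;
                    $signup->event_ticket = $ticket;
                }
            }
        }

        $save = true;
        if ($this->PostData('manager_id')) {
            // NOTE(review): the form options are keyed by permalink but the
            // lookup is by nickname; confirm the two always match.
            $manager = User::find_by_nickname($this->PostData('manager_id'));
            if ($manager && array_key_exists($manager->permalink(), $managers)) {
                $signup->manager_id = $manager->id;
            } else {
                global $site;
                $site['flash']['error'] = "Unable to find the seat manager you selected";
                $save = false;
            }
        } else {
            $signup->manager_id = null;
        }

        if ($save && $signup->save()) {
            // Remove any services that don't fit this booking
            if (!$signup->event_ticket->participant) {
                $signup_id = mysql_real_escape_string($signup->id);
                $services = EventService::find_all("event_services.event_signup_id = '{$signup_id}' AND participant = true");
                $paid = array();
                foreach ($services as $service) {
                    if ($service->paid) {
                        // Service has been paid, don't remove it, email staff
                        $paid[] = $service;
                    } else {
                        $service->destroy();
                    }
                }
                if (count($paid) > 0) {
                    // One or more services were unsuitable but paid for (this
                    // should really not happen).
                    // TODO: the staff notification is not implemented; $paid is
                    // collected but nothing is sent.
                }
            }

            Site::Flash("notice", "Your event booking has been updated");
            Redirect("bookings/{$signup->id}");
            // Do not render the form after a successful update if Redirect() returns.
            return;
        }
    }

    $this->assign("signup", $signup);
    $this->assign("tickets", $signup->event->public_tickets());
    $this->assign("managers", $managers);
    $this->assign("currentManager", $currentManager);
    $this->title = "My Bookings :: " . $signup->event->name . " :: Edit";
    $this->render("event_signup/edit.tpl");
}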
/**
 * Static lookup of a user by nickname, falling back to $_GET['nickname']
 * when no nickname is passed in and the query string carries one.
 *
 * Calls Error404() when no user matches; if that call returns, the method
 * returns null.
 *
 * NOTE(review): the query-string value is handed to find_by_nickname()
 * unchanged (it may be an array); confirm the finder treats it as data.
 *
 * @param string|null $nickname Nickname to look up.
 * @return mixed The matching user, or null after Error404().
 */
protected static function load_user($nickname = null)
{
    $useQueryString = !$nickname && isset($_GET['nickname']);
    $lookup = $useQueryString ? $_GET['nickname'] : $nickname;

    $found = User::find_by_nickname($lookup);
    if (!$found) {
        Error404();
        return;
    }

    return $found;
}
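/**
 * Creates a loyalty award for a user.
 *
 * $to and $awarded_by may each be a User object or a user id. When no awarder
 * is given, the award is attributed to the account nicknamed "Administrator";
 * if that account does not exist the award is not created and false is
 * returned (previously this case dereferenced a missing user).
 *
 * NOTE(review): attributing to "Administrator" by default hides who or what
 * triggered the award; callers acting for a logged-in user should pass that
 * user so the record stays attributable.
 *
 * @param mixed  $to            Recipient: User object or user id.
 * @param mixed  $awarded_by    Awarder: User object, user id, or null for the fallback account.
 * @param mixed  $points        Points to award; stored as given.
 * @param string $justification Reason recorded with the award.
 * @param bool   $redeemed      Stored on the award's "redeemed" field.
 * @return bool True when the award was saved, false otherwise.
 */
public static function award_loyalty($to, $awarded_by = null, $points = 0, $justification = "Automated award", $redeemed = false)
{
    if ($awarded_by instanceof User) {
        $awarded_by = $awarded_by->id;
    }
    if ($to instanceof User) {
        $to = $to->id;
    }

    if (!$awarded_by) {
        $fallback = User::find_by_nickname('Administrator');
        if (!$fallback) {
            // No fallback account: report failure through the normal return
            // value instead of failing on a missing object.
            return false;
        }
        $awarded_by = $fallback->id;
    }

    $award = new LoyaltyAward();
    $award->user_id = $to;
    $award->awarded_by_id = $awarded_by;
    $award->justification = $justification;
    $award->points = $points;
    $award->redeemed = $redeemed;

    return (bool) $award->save();
}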