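/**
 * Show one user's loyalty awards and, on POST, record a new award for them.
 *
 * The award form is only saved when the request's CSRF check passed; the
 * award is attributed to the currently signed-in user.
 *
 * @param string|null $nickname Nickname to look up; when empty, the
 *                              'nickname' request value is used instead.
 */
public function user_index($nickname = null)
 {
     if (!$nickname) {
         $nickname = $this->GetData('nickname');
     }
     $user = User::find_by_nickname($nickname);
     if (!$user) {
         // Unknown nickname: stop before the POST branch so an award can
         // never be saved without a recipient, and before $user is read.
         Error404();
         return;
     }
     // NOTE(review): no permission check is visible in this method - confirm
     // the controller restricts it to staff before this point is reached.
     $newaward = new LoyaltyAward();
     if ($this->post) {
         // The model is filled in before the CSRF check so that a rejected
         // form is re-rendered with the submitted values; nothing is saved
         // unless the check passed.
         $newaward->user_id = $user->id;
         // NOTE(review): points and justification are taken from the request
         // as-is; range/length validation is presumably done by the model - confirm.
         $newaward->points = $this->PostData("points");
         $newaward->justification = $this->PostData("justification");
         $newaward->awarded_by_id = Site::CurrentUser()->id;
         if (!$this->csrf) {
             Site::InstantFlash('error', 'Invalid form submission');
         } elseif ($newaward->save()) {
             Site::Flash("notice", "The loyalty points have been awarded");
             Redirect("admin/users/" . $user->permalink() . "/loyalty");
         } else {
             Site::InstantFlash('error', 'Unable to award loyalty points');
         }
     }
     // The page number is request-controlled: force it to a positive integer
     // before it is handed to the paginator.
     $page = max(1, (int) $this->GetData('page'));
     // The condition string is built by interpolation, so the value must be
     // escaped. NOTE(review): the mysql_* extension was removed in PHP 7.0;
     // if the model layer supports bound parameters, prefer those.
     $id = mysql_real_escape_string($user->id);
     $awards = LoyaltyAward::paginate("users.id = '{$id}'", "loyalty_awards.id DESC", $page, 50);
     $this->assign("user", $user);
     $this->assign("awards", $awards);
     $this->assign('newaward', $newaward);
     $this->title = "{$user->nickname} :: Loyalty";
     $this->render("loyalty_award/user_index.tpl");
 }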
 /**
  * Resolve a nickname to a User record, or hand off to the 404 handler.
  *
  * @param string|null $nickname Nickname to look up; when empty, the
  *                              'nickname' request value is used instead.
  * @return mixed The record returned by User::find_by_nickname() when it is truthy.
  */
 protected function load_user($nickname = null)
 {
     $lookup = $nickname ? $nickname : $this->GetData('nickname');
     $found = User::find_by_nickname($lookup);
     if (!$found) {
         // No matching user: Error404() is called and nothing is returned.
         Error404();
         return;
     }
     return $found;
 }
Example #3
 /**
  * Check a nickname/password pair and report the outcome as a status array.
  *
  * Result codes: 400 when either value is empty, 401 when the nickname is
  * unknown or the password does not match, 402 when the account is not
  * activated, 403 when it is suspended, 200 (with the user under "user")
  * on success.
  *
  * The unknown-nickname and wrong-password cases share one message and one
  * code, and the activation/suspension state is only reported after the
  * password has been verified, so the response text does not reveal which
  * nicknames exist.
  * NOTE(review): an unknown nickname returns without calling checkPassword(),
  * so the two 401 cases may still differ in response time - confirm whether
  * that matters for this deployment.
  *
  * @param string $nickname
  * @param string $password
  * @return array
  */
 public static function login($nickname, $password)
 {
     $badCredentials = "Username or password is incorrect";
     if (!$nickname || !$password) {
         return array("code" => 400, "error" => $badCredentials);
     }
     $account = User::find_by_nickname($nickname);
     // Short-circuit: checkPassword() is only reached for an existing account.
     if (!$account || !$account->checkPassword($password)) {
         return array("code" => 401, "error" => $badCredentials);
     }
     if (!$account->activated) {
         return array("code" => 402, "error" => "Your account has not been activated");
     }
     if ($account->suspended) {
         return array("code" => 403, "error" => "Your account has been suspended");
     }
     // Only a fully accepted login triggers the forum sync.
     $account->sync_forums();
     return array("code" => 200, "user" => $account);
 }
 /**
  * Edit form for an existing event booking: lift requirement, ticket type
  * and seating manager. On a valid POST the booking is saved and the user
  * is redirected back to it; otherwise the form is rendered.
  */
 public function edit()
 {
     // NOTE(review): $id is not defined anywhere above this line in the
     // method, so load_signup() receives an undefined variable here. Confirm
     // how the booking id reaches load_signup() and that it checks the
     // booking belongs to the current user.
     $signup = self::load_signup($id);
     // Bookings for events that have already ended are read-only.
     // NOTE(review): the code below assumes Redirect() ends the request - confirm.
     if ($signup->event->enddate <= time()) {
         Site::Flash("error", "It is not possible to edit this booking");
         Redirect("bookings/{$signup->id}");
     }
     // Seating Manager
     // Allowed choices: "None" plus every user in the current user's clan,
     // keyed by permalink. This list is also the allow-list used to validate
     // the submitted manager further down.
     $managers = array('' => 'None');
     // NOTE(review): mysql_real_escape_string() belongs to the mysql_*
     // extension, which was removed in PHP 7.0; the queries in this method
     // rely on it because they are built by string interpolation.
     $clan = mysql_real_escape_string(Site::CurrentUser()->clan);
     if ($clan != '') {
         // $id is assigned here but not used again in this method.
         $id = mysql_real_escape_string(Site::CurrentUser()->id);
         $allManagers = User::find_all("users.clan = '{$clan}'", "users.nickname ASC");
         foreach ($allManagers as $manager) {
             $permalink = $manager->permalink();
             $managers[$permalink] = $manager->nickname;
         }
     }
     $currentManager = '';
     if ($signup->manager_id) {
         $currentManager = $signup->manager->permalink();
     }
     // A POST that failed the CSRF check is rejected before any field is read.
     if ($this->post and !$this->csrf) {
         global $site;
         $site['flash']['error'] = "Invalid form submission";
     } elseif ($this->post) {
         // NOTE(review): read straight from $_POST without an isset() check
         // or validation, unlike the PostData() reads below - confirm the
         // model constrains this value.
         $signup->lift_required = $_POST['lift_required'];
         // The ticket type can only change while the booking is unpaid and
         // the current ticket is not a hidden one.
         if (!$signup->paid and !$signup->event_ticket->hidden) {
             $ticket_id = mysql_real_escape_string($_POST['ticket']);
             if ($ticket_id != $signup->event_ticket_id) {
                 $event_id = mysql_real_escape_string($signup->event_id);
                 // The lookup is restricted to non-hidden tickets of this
                 // booking's own event, so a ticket id from another event or
                 // a hidden ticket is ignored.
                 $ticket = EventTicket::find("event_tickets.id = '{$ticket_id}' AND event_tickets.event_id = '{$event_id}' AND event_tickets.hidden = false");
                 if ($ticket) {
                     $signup->event_ticket_id = $ticket->id;
                     $signup->event_ticket = $ticket;
                 }
             }
         }
         $save = true;
         if ($this->PostData('manager_id')) {
             $manager = User::find_by_nickname($this->PostData('manager_id'));
             // The submitted manager must exist and be in the allow-list
             // built above; anything else blocks the save.
             if ($manager && array_key_exists($manager->permalink(), $managers)) {
                 $signup->manager_id = $manager->id;
             } else {
                 global $site;
                 $site['flash']['error'] = "Unable to find the seat manager you selected";
                 $save = false;
             }
         } else {
             $signup->manager_id = null;
         }
         if ($save && $signup->save()) {
             // Remove any services that don't fit this booking
             if (!$signup->event_ticket->participant) {
                 $signup_id = mysql_real_escape_string($signup->id);
                 $services = EventService::find_all("event_services.event_signup_id = '{$signup_id}' AND participant = true");
                 $paid = array();
                 foreach ($services as $service) {
                     if ($service->paid) {
                         // Service has been paid, don't remove it, email staff
                         $paid[] = $service;
                     } else {
                         $service->destroy();
                     }
                 }
                 if (count($paid) > 0) {
                     // One or more services were unsuitable but already paid
                     // for (this should really not happen). The intent is to
                     // email staff so they can handle it, but this branch is
                     // empty: no notification is sent by the visible code.
                 }
             }
             Site::Flash("notice", "Your event booking has been updated");
             Redirect("bookings/{$signup->id}");
         }
     }
     // Reached on GET, on a rejected POST, or when the save did not succeed.
     $this->assign("signup", $signup);
     $this->assign("tickets", $signup->event->public_tickets());
     $this->assign("managers", $managers);
     $this->assign("currentManager", $currentManager);
     $this->title = "My Bookings :: " . $signup->event->name . " :: Edit";
     $this->render("event_signup/edit.tpl");
 }
 /**
  * Resolve a nickname to a User record, or hand off to the 404 handler.
  *
  * @param string|null $nickname Nickname to look up; when empty and the
  *                              request carries a 'nickname' query value,
  *                              that value is used instead.
  * @return mixed The record returned by User::find_by_nickname() when it is truthy.
  */
 protected static function load_user($nickname = null)
 {
     if (!$nickname) {
         // Fall back to the query string; keep the caller's value when it is absent.
         $nickname = isset($_GET['nickname']) ? $_GET['nickname'] : $nickname;
     }
     $found = User::find_by_nickname($nickname);
     if (!$found) {
         // No matching user: Error404() is called and nothing is returned.
         Error404();
         return;
     }
     return $found;
 }
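 /**
  * Create a loyalty award programmatically.
  *
  * @param mixed  $to            Recipient: a User object or a user id.
  * @param mixed  $awarded_by    Awarding user: a User object or a user id;
  *                              when empty, the user with the nickname
  *                              'Administrator' is used.
  * @param int    $points        Points to award.
  * @param string $justification Reason stored with the award.
  * @param bool   $redeemed      Value stored in the award's redeemed flag.
  * @return bool True when the award was saved, false otherwise (including
  *              when no awarding user could be resolved).
  */
 public static function award_loyalty($to, $awarded_by = null, $points = 0, $justification = "Automated award", $redeemed = false)
 {
     if ($awarded_by instanceof User) {
         $awarded_by = $awarded_by->id;
     }
     if ($to instanceof User) {
         $to = $to->id;
     }
     if (!$awarded_by) {
         $fallback = User::find_by_nickname('Administrator');
         if (!$fallback) {
             // No fallback account exists: refuse rather than read ->id on
             // a missing record and save an award with no attributable awarder.
             return false;
         }
         $awarded_by = $fallback->id;
     }
     // NOTE(review): $to and $points are stored as given; any validation is
     // presumably done by LoyaltyAward::save() - confirm.
     $award = new LoyaltyAward();
     $award->user_id = $to;
     $award->awarded_by_id = $awarded_by;
     $award->justification = $justification;
     $award->points = $points;
     $award->redeemed = $redeemed;
     return (bool) $award->save();
 }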