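/**
 * Authenticates a user against the table that matches the selected user type.
 *
 * user_type 1 and 2 are looked up in Management (by mid and level id),
 * 4 in Doctor (did), 3 in Patient (pid); any other value falls through to
 * Nurses (nid). On success the identity id and username are set to the
 * record's key and the user type is stored in the "type" state.
 *
 * @return boolean whether authentication succeeds.
 */
public function authenticate()
{
    $login = strtolower($this->username);

    if ($this->user_type == 1 || $this->user_type == 2) {
        // Both values are bound as parameters. The previous version
        // concatenated the username and user_type into the condition string,
        // so either field could alter the query (SQL injection on the login
        // form). The loose == above accepts strings that merely start with
        // 1 or 2 on older PHP versions, hence the explicit int cast.
        $user = Management::model()->find(
            'LOWER(mid)=? AND management_user_level_id=?',
            array($login, (int) $this->user_type)
        );
        $keyField = 'mid';
    } elseif ($this->user_type == 4) {
        $user = Doctor::model()->find('LOWER(did)=?', array($login));
        $keyField = 'did';
    } elseif ($this->user_type == 3) {
        $user = Patient::model()->find('LOWER(pid)=?', array($login));
        $keyField = 'pid';
    } else {
        $user = Nurses::model()->find('LOWER(nid)=?', array($login));
        $keyField = 'nid';
    }

    if ($user === null) {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
    } elseif (!is_string($this->password) || (string) $user->pass !== $this->password) {
        // Strict string comparison: with ==, two different numeric-looking
        // strings (e.g. "1e3" and "1000") compare equal and would log in.
        // NOTE(review): the stored value is compared directly with the
        // submitted password, which suggests passwords are kept unhashed.
        // Plan a migration to password_hash()/password_verify(); until then
        // hash_equals() would make this comparison constant-time where the
        // PHP version provides it.
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
    } else {
        // Use the key exactly as stored, not as typed by the user.
        $this->_id = $user->$keyField;
        $this->username = $user->$keyField;
        $this->_type = $this->user_type;
        $this->errorCode = self::ERROR_NONE;
        $this->setState("type", $this->_type);
    }

    return $this->errorCode == self::ERROR_NONE;
}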
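/**
 * Renders the profile of the management account named by the
 * "managementId" request parameter.
 *
 * A non-numeric id, or an id with no matching Management row, ends the
 * request with a 404. When the parameter is absent the view is rendered
 * with a null profile.
 *
 * @throws CHttpException 404 when the id is invalid or unknown.
 */
public function actionViewManagement()
{
    // NOTE(review): both checks are defined outside this block; confirm they
    // stop the request on failure, otherwise the lookup below runs for
    // unauthenticated callers.
    $this->authenUser();
    $this->authenManagement();

    // Defined up front: the previous bare "$managementData;" statement did not
    // initialise anything, so a request without managementId reached render()
    // with an undefined variable.
    // NOTE(review): confirm the view copes with a null profile, or reject the
    // request here instead.
    $managementData = null;

    // NOTE(review): $_REQUEST can also carry cookie values depending on
    // request_order; prefer the specific source if the id only arrives by GET.
    if (isset($_REQUEST['managementId'])) {
        $managementId = $_REQUEST['managementId'];

        // redirect($statusCode = 404) passed 404 as the target URL rather than
        // as a status code; raise the 404 the original comment intended.
        if (!is_numeric($managementId)) {
            throw new CHttpException(404, 'The requested page does not exist.');
        }

        // NOTE(review): any management account can load any other account's
        // profile by id; confirm that is the intended access model.
        $managementData = Management::model()->find('mid=?', array($managementId));
        if ($managementData === null) {
            throw new CHttpException(404, 'The requested page does not exist.');
        }
    }

    $this->render('viewManagement', array('managementProfile' => $managementData));
}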