/**
User logs in
*/
public static function login($l, $p)
{
$user = R::findOne("user", "(@email=:l) and pwhash=:p", array('l' => $l, 'p' => sha1($p)));
if (!$user) {
RedView::end('error', 'User name and password don\'t match.');
}
$_SESSION['user'] = $user->export();
RedView::end('message', 'Logged in.');
}
/**
simple access control
*/
protected static function access($roles)
{
$user = self::getUser() or RedView::end('error', 'Log in first.');
$rs = explode(',', trim($roles, ','));
$us = explode(',', trim($user->roles, ','));
foreach ($rs as $r) {
foreach ($us as $u) {
if ($r == $u) {
return $user;
}
}
}
RedView::end('error', 'You don\'t have permission to do that.');
}
/**
Update a mailing list
*/
public static function updateList()
{
self::access('admin');
Model_List::updateBean($_REQUEST);
RedView::end('message', 'List updated.');
}
public function edit()
{
$this->beanType = RedView::args(1);
$this->id = RedView::args(2);
$model = "Model_{$this->beanType}";
if ($this->id) {
$_REQUEST['id'] = $this->id;
$model::updateBean($_REQUEST);
} else {
$model::createBean($_REQUEST);
}
$verb = $this->id ? "updated" : "created";
RedView::end('message', "{$this->name} {$verb}.");
}
public function onConstraintFail($eventName, $sender, $message = null)
{
die($message);
RedView::end('error', $message);
}
/**
User registers
*/
public static function register()
{
$bean = Model_User::createBean($_REQUEST);
$_SESSION['user'] = $bean->export();
RedView::end('message', 'Your account has been created.');
}
