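/**
 * Gate every action of this controller behind an admin check.
 *
 * Runs before any action method. When the caller is not an admin, the attempt
 * is written to the error log (email and id as reported by UserHelper, plus
 * the client IP address) and an error page is shown instead of the resource.
 */
public function __construct()
{
    parent::__construct();

    if (UserHelper::isAdmin()) {
        return;
    }

    // The email is account data supplied by the user; strip CR/LF so a crafted
    // value cannot split this entry into forged log lines.
    $email = str_replace(array("\r", "\n"), ' ', (string) UserHelper::getEmail());

    log_message(
        'error',
        "Attempted unauthorized access to admin section: "
            . $email . '-' . UserHelper::getId() . '-' . $this->input->ip_address()
    );

    // Answer with 403 instead of show_error()'s default 500, so a denied
    // request is not reported to clients and monitoring as a server fault.
    // NOTE(review): the gate relies on show_error() ending the request; confirm
    // no override returns normally, otherwise the requested action still runs.
    show_error("You do not have permission to access this resource. This has been logged.", 403);
}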
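/**
 * Rate a package.
 *
 * Responds with a 404 when the package is unknown, with an error when the
 * caller is not logged in or sent no rating, and otherwise stores the rating
 * and responds with the package's current ratings.
 *
 * @param string $package_name Package name as looked up through Spark::getInfo()
 */
public function rate($package_name)
{
    $this->load->model('spark');
    $this->load->model('rating');

    $spark = Spark::getInfo($package_name);
    if (!$spark) {
        show_404();
    }

    $rating = $this->input->post('rating');
    if (!$rating || !UserHelper::isLoggedIn()) {
        $this->error("You are not logged in, or your request was invalid");
        // Stop here so a rejected request is never followed by the success
        // payload (a no-op if error() already ends the request).
        return;
    }

    // NOTE(review): the posted value reaches the model as submitted; confirm
    // that rating->rate() enforces the allowed range and that CSRF protection
    // covers this state-changing POST.
    $this->rating->rate(UserHelper::getId(), $spark->id, $rating);

    $this->success(array('ratings' => $this->rating->getRatings($spark->id)));
}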
<a href="<?php echo base_url(); ?> packages/<?php echo $contribution->name; ?> /edit"> Edit Details </a> </p> <?php } ?> <?php if (UserHelper::getId() == $contribution->contributor_id) { ?> <div class="form-wrapper clearfix"> <form action="<?php echo base_url(); ?> versions/add" method="post"> <h5>Author: Add a new version (via repository tag): <br /></h5> <p> <small> After you add this, the spark will be processed on our end. <br/> The string you enter below should correspond to a tag in your source repository. If the tag isn't valid, we'll pull the latest.<br/> <strong>Remember to update the version string in spark.info!</strong><br/> </small>
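/**
 * A CI validation callback to make sure the package being edited is owned by
 * the logged-in user.
 *
 * Fails closed: an unknown spark id or a missing user id is treated as
 * "not the owner" rather than being compared.
 *
 * @param int $spark_id The id of the spark
 * @return bool True if the logged-in user is the owner, false if not
 */
public function is_owner($spark_id)
{
    $this->load->model('spark');

    $spark = Spark::getById($spark_id);
    $user_id = UserHelper::getId();

    // A loose == between two empty values (no such spark, no logged-in user)
    // would report ownership, so require both to be present and compare the
    // ids as strings.
    // NOTE(review): assumes ids are plain integers or numeric strings without
    // padding, so string comparison matches the previous loose comparison.
    if ($spark && $user_id && (string) $spark->contributor_id === (string) $user_id) {
        return true;
    }

    $this->form_validation->set_message('is_owner', "Sorry, you don't own that spark. That also means you're an ass.");
    return FALSE;
}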
<?php $this->load->view('global/_new_header.php'); ?> <h2>Profile for <?php echo $contributor->real_name; ?> (<?php echo $contributor->username; ?> )</h2> <?php if ($contributor->id == UserHelper::getId()) { ?> <p><a href="<?php echo base_url(); ?> contributors/<?php echo $contributor->username; ?> /profile/edit">Edit Your Profile</a></p> <?php } ?> <table style="margin-bottom:15px"> <tr> <td>Username</td> <td>: <?php
/**
 * Show the profile edit page and, on submit, save the changes.
 *
 * Always works on the currently logged-in user; the contributor id comes from
 * UserHelper and never from the request.
 *
 * NOTE(review): no login check is visible in this method; confirm that
 * anonymous requests are rejected before it runs.
 */
public function edit()
{
    $this->load->model('contributor');
    $this->load->helper('form');
    $this->load->library('form_validation');

    $contributor_id = UserHelper::getId();
    $contributor = Contributor::findById($contributor_id);

    if ($this->input->post('submit')) {
        if (!$this->form_validation->run('edit_profile')) {
            UserHelper::setNotice("Hrm, there was a problem (see below)", FALSE);
        } else {
            // Only these four fields are copied out of $_POST, so extra
            // request keys never reach Contributor::update().
            $fields = elements(array('email', 'website', 'real_name', 'password'), $_POST);

            // NOTE(review): the password is handed over as submitted;
            // presumably Contributor::update() hashes it and skips an empty
            // value. Verify against the model.
            Contributor::update($contributor_id, $fields);

            $notice = $fields['password']
                ? "Nice, everything saved, including your new password"
                : "Nice, everything saved";
            UserHelper::setNotice($notice);
        }
    }

    // The record was fetched before any update, so the view receives the
    // values as they were when the request started.
    $this->load->view('contributors/edit', array('contributor' => $contributor));
}