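/**
  * Handle the "edit phone number" form post for the record whose id is held
  * in $_SESSION['PhoneNumberToEdit'].
  *
  * The submitted name and number are validated before any database round
  * trip; the duplicate check then excludes the record being edited, so a
  * name-only edit that keeps the same number is accepted. Every rejection
  * stores the message and a 400 code in the session, redirects back to the
  * edit form and throws, so the UPDATE is never reached.
  *
  * @Route("PhoneNumber/edit")
  * @Authorize error:("Error message")
  * @Post
  * @param EditPhoneNumberBindingModel $model
  * @throws \Exception code 400 when no record is selected, the name is too
  *                    short, the number is malformed, or another record
  *                    already uses the number
  */
 public function edit(EditPhoneNumberBindingModel $model)
 {
     $name = $model->getName();
     $phoneNumber = $model->getPhoneNumber();
     // Id of the record being edited; presumably stored by the action that rendered the edit form.
     $editedId = $_SESSION['PhoneNumberToEdit'] ?? null;

     // Without a selected record the UPDATE below would match nothing; fail early instead.
     if ($editedId === null) {
         throw new \Exception('No phone number selected for editing!', 400);
     }

     // Null is tested first: the original called strlen() before its null check.
     // mb_strlen() counts characters rather than bytes for the length rule.
     if ($name === null || mb_strlen($name) <= 2) {
         $this->rejectEdit('Invalid name!', $editedId);
     }

     // The pattern is unanchored: any ddd-ddd-dddd / ddd.ddd.dddd / dddddddddd run
     // inside the value satisfies it, and the full submitted value is what gets stored.
     if ($phoneNumber === null || !preg_match('/\\b\\d{3}[-.]?\\d{3}[-.]?\\d{4}\\b/', $phoneNumber)) {
         $this->rejectEdit('Invalid phone number format!', $editedId);
     }

     // Only a *different* record may collide with the submitted number.
     $this->db->prepare(
         'SELECT id FROM phoneNumber WHERE number = ? AND id <> ?',
         [$phoneNumber, $editedId]
     );
     $response = $this->db->execute()->fetchRowAssoc();
     // No row means no collision; ?? avoids indexing a false/null result.
     if (($response['id'] ?? null) !== null) {
         $this->rejectEdit("Phone number '{$phoneNumber}' already exists!", $editedId);
     }

     $this->db->prepare(
         'UPDATE phoneNumber SET name = ?, number = ? WHERE id = ?',
         [$name, $phoneNumber, $editedId]
     );
     $this->db->execute();
     // The re-select of the updated row into an unused local has been dropped.
     $this->redirect("/PhoneNumber");
 }

 /**
  * Record a 400 error in the session, send the user back to the edit form of
  * the selected record and abort the request with an exception carrying the
  * same message.
  *
  * @param string     $message  user-visible error text
  * @param string|int $editedId id of the record whose edit form is re-shown
  * @throws \Exception always, with code 400
  */
 private function rejectEdit(string $message, $editedId): void
 {
     $_SESSION['error'] = $message;
     $_SESSION['errornumber'] = 400;
     $this->redirect("/PhoneNumber/editPhoneNumber/" . $editedId . "/edit");
     throw new \Exception($message, 400);
 }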
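 /**
  * Whether the user recorded in the session holds the admin role.
  *
  * Looks for a user_roles row with role_id 2 whose user matches both the
  * session username and the session id (stored in `_login`); any matching
  * row proves membership, no row means not an admin.
  *
  * NOTE(review): role_id 2 is assumed to be the admin role — confirm against
  * the role seed data.
  *
  * @return bool true when a matching user_roles row exists
  */
 public static function isAdmin() : bool
 {
     $adminRoleId = 2;
     $session = App::getInstance()->getSession();
     $statement = self::$database->prepare(
         'SELECT u.id FROM user_roles ur JOIN users u ON u.id = ur.user_id '
         . 'WHERE (u.username = ? AND u.id = ?) AND ur.role_id = ?'
     );
     // bindValue() instead of bindParam(): the original bound by reference to
     // properties of a temporary object; only the values are needed here.
     $statement->bindValue(1, $session->_username);
     $statement->bindValue(2, $session->_login);
     $statement->bindValue(3, $adminRoleId, \PDO::PARAM_INT);
     $statement->execute();
     $response = $statement->fetch(\PDO::FETCH_ASSOC);
     // The original also read a non-existent 'isAdmin' column into an unused
     // local, raising an undefined-index notice on every admin request.
     return $response !== false;
 }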