Ejemplo n.º 1
0
 /**
  * Show the profile of a student
  */
 public function view($params)
 {
     $this->setView('view.php');
     $is_logged = isset(User_Model::$auth_data);
     $is_student = $is_logged && isset(User_Model::$auth_data['student_number']);
     $is_admin = $is_logged && User_Model::$auth_data['admin'] == '1';
     // If the user isn't logged in
     if (!$is_logged) {
         throw new ActionException('User', 'signin', array('redirect' => $_SERVER['REQUEST_URI']));
     }
     try {
         $student = $this->model->getInfo($params['username']);
         $post_model = new Post_Model();
         $this->setTitle(htmlspecialchars($student['firstname'] . ' ' . $student['lastname']));
         $this->set(array('student' => $student, 'groups' => isset($student['id']) ? Group_Model::getAuth((int) $student['id']) : array(), 'is_owner' => User_Model::$auth_data['username'] == $student['username'], 'is_logged' => true, 'is_student' => $is_student, 'is_admin' => $is_admin, 'username' => User_Model::$auth_data['username']));
         if ($is_student) {
             $this->set(array('firstname' => User_Model::$auth_data['firstname'], 'lastname' => User_Model::$auth_data['lastname'], 'avatar_url' => User_Model::$auth_data['avatar_url']));
         }
         // If the student is a user, we show their posts
         if (isset($student['id'])) {
             $category = isset($params['category']) ? $params['category'] : null;
             $category_model = new Category_Model();
             $this->set(array('posts' => $post_model->getPosts(array('restricted' => true, 'user_id' => (int) $student['id'], 'category_name' => $category, 'official' => false, 'show_private' => $is_student), Config::POST_DISPLAYED), 'categories' => $category_model->getAll(), 'current_category' => $category));
         }
     } catch (Exception $e) {
         throw new ActionException('Page', 'error404');
     }
 }
Ejemplo n.º 2
0
 /**
  * Delete a post
  */
 public function delete($params)
 {
     $this->setView('delete.php');
     try {
         $comment = $this->model->get((int) $params['id']);
         $is_logged = isset(User_Model::$auth_data);
         $is_admin = $is_logged && User_Model::$auth_data['admin'] == '1';
         $groups_auth = isset($is_logged) ? Group_Model::getAuth() : array();
         if ($is_logged && User_Model::$auth_data['id'] == $comment['user_id'] || $is_admin || isset($post['group_id']) && isset($groups_auth[(int) $post['group_id']]) && $groups_auth[(int) $post['group_id']]['admin']) {
             $this->model->delete((int) $params['id']);
             $this->set('success', true);
         } else {
             $this->set('success', false);
         }
     } catch (Exception $e) {
         // Post not found
         $this->set('success', true);
     }
 }
Ejemplo n.º 3
0
 /**
  * Delete a group
  */
 public function delete($params)
 {
     $this->setView('delete.php');
     $is_logged = isset(User_Model::$auth_data);
     $is_admin = $is_logged && User_Model::$auth_data['admin'] == '1';
     try {
         if (!$is_logged) {
             throw new Exception();
         }
         $group = $this->model->getInfoByName($params['group']);
     } catch (Exception $e) {
         throw new ActionException('Page', 'error404');
     }
     $this->setTitle(__('GROUP_DELETE_TITLE'));
     // Authorization
     $groups_auth = Group_Model::getAuth();
     if (!$is_admin && !(isset($groups_auth[(int) $group['id']]) && $groups_auth[(int) $group['id']]['admin'])) {
         throw new ActionException('Page', 'error404');
     }
     $this->set('group_name', $group['name']);
     $this->model->delete((int) $group['id']);
 }