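/**
 * Update an existing agent's row in the `agents` table from caller-supplied fields.
 *
 * Fields the caller may never change (`username`) and fields only an admin may
 * change (`isAdmin`) are stripped before the write. Key matching is done
 * case-insensitively and ignores surrounding whitespace, because array keys in
 * PHP are compared exactly while the storage layer may not treat column names
 * that strictly.
 *
 * NOTE(review): this is still a denylist. Every other key in $data is passed to
 * $db->update() unchanged, so any other sensitive column of `agents` (for
 * example a credential or the primary key) is writable by whoever reaches this
 * method. The durable fix is an explicit allowlist of editable columns; the
 * column set is not visible here, so it is not hard-coded in this method.
 *
 * @param mixed $agentID Identifier of the agent row to update.
 * @param mixed $data    Associative array of column => value pairs, typically
 *                       decoded from a request body and therefore untrusted.
 *
 * @return mixed -1 when the agent does not exist, 0 when there is nothing to
 *               write, otherwise whatever $db->update() returns.
 */
public static function updateAgent($agentID, $data) {
    global $db;

    // Unknown agent: keep the original "not found" signal.
    if (!Agents::getAgent($agentID)) {
        return -1;
    }

    // A body that failed to decode arrives as null (or a scalar); there is nothing to write.
    if (!is_array($data)) {
        return 0;
    }

    // Columns that must not be written through this path for the current caller.
    $protected = ['username'];
    if (!Agents::isAdmin()) {
        $protected[] = 'isAdmin';
    }

    foreach (array_keys($data) as $key) {
        $normalized = trim((string) $key);
        foreach ($protected as $name) {
            // Case-insensitive match so a differently-cased key cannot slip past the filter.
            if (strcasecmp($normalized, $name) === 0) {
                unset($data[$key]);
                break;
            }
        }
    }

    // Nothing left after filtering: report "not updated" instead of issuing an empty UPDATE.
    if ($data === []) {
        return 0;
    }

    return $db->update('agents', $data, ['id' => $agentID]);
}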
// NOTE(review): this excerpt opens inside a route callback whose beginning is not shown;
// the statements up to the first "});" are the tail of that callback.
    $response->header('Content-Type', 'application/json');
    // Reflect the preflight's Access-Control-Request-Headers value back as Access-Control-Allow-Headers.
    // NOTE(review): the value is client-supplied and is echoed without an allowlist; prefer a fixed
    // list of permitted header names. Any Access-Control-Allow-Origin handling is not visible here.
    if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'])) {
        $response->header('Access-Control-Allow-Headers', $_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']);
    }
});

// Block users who are not logged in from the private API.
// This guard is a catch-all route registered for every path under $privateControllersBase; it protects
// the controllers only by sending a denial body and stopping further route matching.
// NOTE(review): no HTTP status is set on the denial in this block, so unless it is set elsewhere the
// client receives the default status with an error string; consider an explicit 401/403.
$klein->respond(['POST', 'GET', 'OPTIONS'], "{$privateControllersBase}/[*]", function ($request, $response, $service) use($klein) {
    if (User::isLoggedIn() !== true) {
        $response->json('You are not allowed to access this page.');
        $klein->skipRemaining(); // Skip remaining routing matches.
    }
});

// Block non-admin users from the admin API.
// Same pattern as the private guard, keyed on Agents::isAdmin() and the $adminControllersBase prefix.
// NOTE(review): only the listed methods (POST, GET, OPTIONS) pass through this guard; confirm no
// controller under this prefix registers a handler for another HTTP method.
$klein->respond(['POST', 'GET', 'OPTIONS'], "{$adminControllersBase}/[*]", function ($request, $response, $service) use($klein) {
    if (Agents::isAdmin() !== true) {
        $response->json('You are not allowed to access this page.');
        $klein->skipRemaining(); // Skip remaining routing matches.
    }
});

// Public API catch-all: intentionally empty, no access check is applied.
$klein->respond(['POST', 'GET', 'OPTIONS'], "{$publicControllersBase}/[*]", function ($request, $response, $service) use($klein) {
});

// Controller names per access tier. Each name is mapped to a file under controllers/<tier>/ below.
$publicControllers = ['users'];
// NOTE(review): 'agents' and 'control-panel' appear in both the private and the admin list, so the
// private copies are reachable by any logged-in user and must enforce their own per-record checks.
$privateControllers = ['agents', 'assets-invest', 'assets-rent', 'contacts', 'control-panel', 'demands', 'investors', 'lids-for-review', 'logs', 'matching', 'notifications', 'rent-demands', 'rent-areas', 'rent-processes', 'tracked-assets', 'notes', 'conversations', 'investment-profiles', 'regions', 'files'];
$adminControllers = ['agents', 'control-panel'];

// Mount each public controller file under the public base path.
foreach ($publicControllers as $controller) {
    $klein->with("{$publicControllersBase}/{$controller}", "controllers/public/{$controller}.php");
}

// Mount each private controller file under the private base path.
// The excerpt ends inside this loop; its closing brace is outside the visible text.
foreach ($privateControllers as $controller) {
    $klein->with("{$privateControllersBase}/{$controller}", "controllers/private/{$controller}.php");
// NOTE(review): this excerpt opens inside the agent-update route callback; the route registration
// and the assignment of $id are outside the visible text.
    // Decode the request body into an associative array of fields to update.
    // NOTE(review): json_decode() returns null on malformed JSON and the result is forwarded without
    // validation; the set of accepted keys is decided entirely by Agents::updateAgent().
    $data = json_decode($request->body(), true);

    // Access only for an admin or the agent identified by $id.
    if (!Agents::isAdmin() && !Agents::isCurrentAgent($id)) {
        $response->json(Result::error('Access is denied'));
    } else {
        // Result mapping: positive means updated, exactly 0 means nothing changed, anything else
        // (the -1 returned for a missing agent) is reported as not found.
        $result = Agents::updateAgent($id, $data);

        if ($result > 0) {
            $response->json(Result::success('Agent Updated.'));
        } elseif ($result === 0) {
            $response->json(Result::success('Agent not Updated.'));
        } else {
            $response->json(Result::error('Agent not found'));
        }
    }
});

// Password change endpoint for the agent identified by the :id path segment.
// NOTE(review): the route accepts GET as well as POST for a state-changing action; passwords sent
// as query parameters would end up in URLs and access logs, and no anti-CSRF check is visible in
// this excerpt. Consider restricting it to POST.
$this->respond(['GET', 'POST'], '/edit/password/[:id]', function ($request, $response, $service) {
    $id = $request->param('id');
    // Both passwords default to an empty string when the parameter is absent.
    $oldPassword = $request->param('oldPassword', '');
    $newPassword = $request->param('newPassword', '');

    // Access only for an admin or the agent identified by $id.
    if (!Agents::isAdmin() && !Agents::isCurrentAgent($id)) {
        $response->json(Result::error('Access is denied'));
    } else {
        // NOTE(review): $id is used only for the access check above and is not passed to
        // User::editPassword(); presumably the call acts on the session user, so confirm what happens
        // when an admin submits another agent's id. $newPassword is passed twice, presumably as the
        // new value and its confirmation (verify against User::editPassword()).
        $result = User::editPassword($oldPassword, $newPassword, $newPassword);

        if ($result === true) {
            $response->json(Result::success('edited password successfully'));
        } else {
            // Any non-true result is returned to the client as the error payload.
            $response->json(Result::error($result));
        }
    }
});