/**
 * Create a new terminal for a business on behalf of its owner.
 *
 * Reads `business_id` and `name` from the request input. The ownership
 * check runs before any lookup or write, so a caller who does not own the
 * business never reaches the terminal model.
 *
 * NOTE(review): the body is returned as a bare JSON string and no
 * Content-Type is set in this method; confirm the route serves it as
 * application/json rather than HTML.
 *
 * @return string JSON: {"success":1,"business":...} when the terminal was
 *                created, {"status":0} when the name fails validation, or
 *                {"message":...} when the caller does not own the business.
 */
public function postCreate()
{
    // Read the identifier once so the value that is authorised is the same
    // value that is later used for the lookup and the write.
    $businessId = Input::get('business_id');

    // Authorisation gate: only the owner of the business may add terminals.
    if (!Helper::isBusinessOwner($businessId, Helper::userId())) {
        return json_encode(['message' => 'You are not allowed to access this function.']);
    }

    // The number of terminals the business already has is handed to the
    // name validator as its third argument.
    $existingTerminalCount = count(Terminal::getTerminalsByBusinessId($businessId));
    $terminalName = Input::get('name');

    if (!$this->validateTerminalName($businessId, $terminalName, $existingTerminalCount)) {
        return json_encode(['status' => 0]);
    }

    Terminal::createBusinessNewTerminal($businessId, $terminalName);

    // Return the refreshed business record so the client can redraw.
    return json_encode([
        'success' => 1,
        'business' => Business::getBusinessDetails($businessId),
    ]);
}
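/**
 * Return the details of a business to its owner.
 *
 * The ownership check keeps one user from reading another user's business
 * simply by changing the id in the request.
 *
 * NOTE(review): the body is returned as a bare JSON string and no
 * Content-Type is set in this method; confirm the route serves it as
 * application/json rather than HTML.
 *
 * @param mixed $business_id Identifier of the business being requested.
 *
 * @return string JSON: {"success":1,"business":...} for the owner, or
 *                {"status":0,"message":...} when the caller is not the owner.
 */
public function getBusinessdetails($business_id)
{
    // Authorisation gate: refuse before touching the business model.
    if (!Helper::isBusinessOwner($business_id, Helper::userId())) {
        // The original wrote 'message', '...' (comma instead of =>), which
        // encoded as {"status":0,"0":"message","1":"You are not ..."} and left
        // clients without a "message" key to read.
        return json_encode([
            'status' => 0,
            'message' => 'You are not allowed to access this function.',
        ]);
    }

    $business = Business::getBusinessDetails($business_id);

    return json_encode(['success' => 1, 'business' => $business]);
}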
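<?php
// Every value that comes from $business is treated as untrusted text here:
// it is HTML-escaped before it is placed in markup, and JSON written into an
// inline <script> uses the JSON_HEX_* flags so that quotes, angle brackets and
// ampersands in the data cannot end the JavaScript string or the script block.
$htmlEscapeFlags = ENT_QUOTES | ENT_SUBSTITUTE;
$inlineJsonFlags = JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP;

// Page heading.
// NOTE(review): assumes getBusiness() returns plain text (e.g. the business
// name), not pre-built HTML — confirm against the model.
$results = $business->getBusiness();
echo '<div class="col-md-8"> <h1>' . htmlspecialchars((string) $results, $htmlEscapeFlags, 'UTF-8') . '</h1></div>';

// Edit only for admin.
// Hiding the button is presentation only; whatever handles the #EditB form
// has to repeat the admin check on the server (that handler is not shown here).
$adminCheck = $business->isAdmin();
// NOTE(review): debug output. It is written into the page for every visitor;
// remove it or gate it behind a debug setting before release.
echo "<script>console.log('isAdmin: " . json_encode($adminCheck, $inlineJsonFlags) . "');</script>";
if ($adminCheck) {
    echo '<div class="col-md-4"><a class="btn btn-info btn-raised" style="float: right;" data-toggle="modal" data-dismiss="modal" data-target="#EditB">Edit Business</a></div>';
}
?>
</div>
<div class="row placeholders panel panel-primary" style="margin-top:15px;margin:20px 0px;width: 30xp">
<?php
$businessDetails = $business->getBusinessDetails();
// NOTE(review): debug output, see the note on the isAdmin log line.
echo "<script>console.log('results_row: " . json_encode($businessDetails, $inlineJsonFlags) . "');</script>";

// True when the query returned at least one row.
$hasB = $businessDetails->num_rows >= 1;

if ($hasB) {
    while ($row = $businessDetails->fetch_object()) {
        // NOTE(review): this dumps the complete row, including any column the
        // page does not otherwise display, into the HTML source. Remove it or
        // gate it behind a debug setting before release.
        echo "<script>console.log('PHP: getBusinessDetails " . json_encode($row, $inlineJsonFlags) . "');</script>";

        echo '<h3 style="text-align:left;margin-left: 1em;"> Coordinator:</h3>';
        echo '<h4 style="text-align:left; padding-left:35px;margin-left: 1em;"> '
            . htmlspecialchars($row->first_name . " " . $row->last_name, $htmlEscapeFlags, 'UTF-8')
            . '</h4>';

        echo '<h3 style="text-align:left;margin-left: 1em;"> Category:</h3>';
        if (isset($row->category)) {
            echo '<h4 style="text-align:left; padding-left:35px;margin-left: 1em;"> '
                . htmlspecialchars((string) $row->category, $htmlEscapeFlags, 'UTF-8')
                . '</h4>';
        }

        echo '<h3 style="text-align:left;margin-left: 1em;"> Description:</h3>';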