Example #1
0
 /**
  * View users profile
  */
 public function action_index()
 {
     $id = $this->request->param('id');
     $user = ORM::factory('User', $id);
     if (!$user->loaded()) {
         throw HTTP_Exception::Factory('404', 'No such user');
     }
     $container = new Tabs();
     $about = new Tab('About me');
     $about->add_content(new Tab_Text($user->get_property('about')));
     $about->add_content(new Tab_Text($user->get_property('signature')));
     $container->add_tab($about);
     Event::fire('user.profile_tabs', array($user, $container));
     $this->view = new View_User_Profile();
     $this->view->user = $user;
     $this->view->tabs = $container->render();
     /*
     // @TODO, This belongs to the pet module, better to use events?
     $pets = ORM::factory('User_Pet')
     	->where('user_id', '=', $user->id)
     	->order_by('active', 'desc');
     
     $paginate = Paginate::factory($pets)
     	->execute();
     
     $this->view = new View_User_Profile;
     $this->view->pagination = $paginate->render();
     $this->view->profile_user = $user;
     // $this->view->pets = ORM::factory('User_Pet')->where('user_id', '=', $user->id)->order_by('active', 'desc')->find_all()->as_array();
     $this->view->pets = $paginate->result();
     */
 }
Example #2
0
 /**
  * Check to ensure POST requests contains CSRF.
  * @throws HTTP_Exception
  */
 private function _validate_csrf()
 {
     if ($this->request->method() == HTTP_Request::POST) {
         $validation = Validation::factory($this->request->post())->rule('csrf', 'not_empty')->rule('csrf', 'Security::check');
         if (!$validation->check()) {
             throw HTTP_Exception::Factory(403, 'CSRF check failed!');
         }
     }
 }
Example #3
0
 /**
  * Show company profile
  */
 public function action_profile()
 {
     // Defaults to ID = 1
     $id = $this->request->param('id');
     if ($id == '') {
         $id = 1;
     }
     $company = Model::factory('Company');
     $company_data = $company->load($id);
     if ($company_data === FALSE) {
         throw HTTP_Exception::Factory(404, "File not found!");
     }
     $view = View::factory('company/profile');
     $view->set('id', $id);
     $view->set('company_data', $company_data);
     $this->response->body($view);
 }
Example #4
0
 /**
  * View message
  */
 public function action_index()
 {
     $id = $this->request->param('id');
     $message = ORM::factory('Message', $id);
     if (!$message->loaded()) {
         throw HTTP_Exception::Factory('404', 'No such message');
     }
     if (!$this->user->can('Message_View_Index', array('message' => $message))) {
         throw HTTP_Exception::Factory('403', 'Message does not belong to you');
     }
     if (!$message->read) {
         $message->read = 1;
         $message->save();
     }
     if ($message->sent) {
         $message->sender = $message->receiver;
     }
     $this->view = new View_Message_View();
     $this->view->message = $message;
 }
Example #5
0
 /**
  * Ensure the user is logged in, else throw a 403 Exception.
  *
  * @throws HTTP_Exception
  */
 protected function logged_in_required()
 {
     if ($this->auth->logged_in() == FALSE) {
         throw HTTP_Exception::Factory(401, 'Login to access this page!');
     }
 }
Example #6
0
 public function action_view()
 {
     $id = $this->request->param('id');
     $shop = ORM::factory('User_Shop', $id);
     if (!$shop->loaded()) {
         throw HTTP_Exception::Factory('404', 'No such user shop.');
     }
     $this->view = new View_Item_Shop_View();
     $this->view->shop = $shop->as_array();
     $this->view->owner = $shop->user->as_array();
     $inventory = Item::location('shop', FALSE, NULL, $shop->user)->where('parameter', '>', '0')->find_all();
     $this->view->items = $inventory;
 }