public function manage() { // If not logged in, go back to the start $session = Session::instance(); $mhi_user_id = $session->get('mhi_user_id'); if ($mhi_user_id == FALSE) { url::redirect('/'); } $this->template->header->this_page = 'mhi'; $this->template->content = new View('mhi_manage'); $this->template->content->domain_name = $_SERVER['HTTP_HOST'] . Kohana::config('config.site_domain'); $mhi_site = new Mhi_Site_Model(); $this->template->content->sites = $mhi_site->get_user_sites($mhi_user_id); }
public function manage() { // If not logged in, go back to the start $session = Session::instance(); $mhi_user_id = $session->get('mhi_user_id'); if ($mhi_user_id == FALSE) { // If the user is not logged in, go home. url::redirect('/'); } // Activate or deactivate a site if (isset($_GET['deactivate']) or isset($_GET['activate'])) { $this->activation(); } $this->template->header->this_body = ''; $this->template->content = new View('mhi/mhi_manage'); $this->template->content->sites_pw_changed = array(); // Manage JS $this->template->header->js .= new View('mhi/mhi_manage_js'); $this->template->content->domain_name = $_SERVER['HTTP_HOST'] . Kohana::config('config.site_domain'); $mhi_site = new Mhi_Site_Model(); $all_user_sites = $mhi_site->get_user_sites($mhi_user_id, TRUE); $this->template->content->sites = $all_user_sites; if ($_POST) { $new_password = $_POST['admin_password']; if ($_POST['change_pw_for'] == 'all') { // Get all domains $site_domains = array(); foreach ($all_user_sites as $site) { $site_domains[] = $site->site_domain; } } else { // If we are only changing one domain $site_domains = array($_POST['site_domain']); } $db_genesis = new DBGenesis(); $mhi_site = new Mhi_Site_Model(); // Check if the logged in user is the owner of the site $domain_owners = $mhi_site->domain_owner($site_domains); // using array_unique to see if there is only one owner $domain_owners = array_unique($domain_owners); if (count($domain_owners) != 1) { // If there are more than one owner, the we shouldn't be able to change all those passwords. throw new Kohana_User_Exception('Site Ownership Error', "Improper owner for site to change password."); } $domain_owner = current($domain_owners); // If the owner of the site isn't the person updating the password for the site, there's something fishy going on if ($domain_owner == $mhi_user_id) { $db_genesis->change_admin_password($site_domains, $new_password); $this->template->content->sites_pw_changed = $site_domains; } } }