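/**
 * Enable/disable or delete one postback of the current organisation.
 *
 * The response is switched to the JSON view via JSONView(). The record is
 * looked up by the supplied id together with the current organisation's id,
 * so an id that does not match that organisation is answered with
 * "Invalid Request!!". State only changes for the two request types handled
 * below:
 *   - "delete": the postback is deleted;
 *   - "post":   the submitted "live" value is cast to int and saved.
 * Every other request type is answered with "Invalid Request!!" and leaves
 * the record untouched (previously such requests produced no message).
 *
 * NOTE(review): no anti-CSRF token is verified inside this method; confirm
 * that the `_secure` hook or the routing layer covers state-changing calls.
 *
 * @before _secure
 * @todo @Faizan_Ayubi Remove UNSAFE Actions from GET Request
 *
 * @param mixed $id Postback identifier supplied by the caller.
 */
public function postback($id)
{
    $this->JSONView();
    $view = $this->getActionView();

    // Tenant scoping: the org_id filter keeps the lookup inside the current organisation.
    // NOTE(review): the filter key is "id" here; confirm the model maps it to the primary key.
    $postback = PostBack::first(["id" => $id, "org_id" => $this->org->_id]);
    if (!$postback) {
        $view->set('message', "Invalid Request!!");
        return;
    }

    switch (strtolower(RM::type())) {
        case 'delete':
            $postback->delete();
            $view->set('message', 'PostBack Deleted Successfully');
            break;

        case 'post':
            // Cast so only an integer flag is ever stored.
            $postback->live = (int) RM::post("live");
            $postback->save();
            $view->set('message', 'PostBack Updated Successfully');
            break;

        default:
            // Read-style requests must never change state; answer explicitly
            // instead of returning an empty response.
            $view->set('message', "Invalid Request!!");
            break;
    }
}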
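/**
 * Advertiser registration page.
 *
 * Sets the SEO data and an empty "errors" list on the view. Registration is
 * delegated to _advertiserRegister() only when the POSTed "action" is exactly
 * the string "register" and the POSTed "token" passes verifyToken().
 * A submission whose token fails verification is ignored here: no error is
 * added to the view and nothing in this method records the failure.
 *
 * @before _session
 * @after _csrfToken
 */
public function register()
{
    $this->seo(["title" => "Advertiser Register", "description" => "Register"]);
    $view = $this->getActionView();
    $view->set('errors', []);

    $token = RM::post("token", '');

    // Strict comparison: a non-string or loosely-equal value must not count
    // as a registration submission.
    $isSubmission = RM::post("action") === "register";

    // Token check stays second so it only runs for real submissions.
    if ($isSubmission && $this->verifyToken($token)) {
        $this->_advertiserRegister($this->org, $view);
    }
}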
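/**
 * Notification page: list, create and delete the organisation's notifications.
 *
 * Always loads the organisation's publishers and advertisers (id and name)
 * for the view and finishes by listing the organisation's notifications,
 * newest first.
 *
 * POST "action" = "save":
 *   - "meta" defaults to "all"; any other value must be a key of the
 *     publisher or advertiser list loaded above, otherwise the request is
 *     answered with "Invalid Request!!" and nothing is stored;
 *   - for a single recipient the user is re-read inside the current
 *     organisation and mailed through \Shared\Services\Smtp::sendMail();
 *   - the notification is then stored with the submitted message/target.
 *
 * Request type "DELETE": removes the notification whose id is given in the
 * query string, looked up together with the organisation's id.
 *
 * NOTE(review): the submitted message is handed to the "notification" mail
 * template as-is; confirm the template escapes it for its output context.
 * NOTE(review): no anti-CSRF token is verified inside this method; confirm
 * the `_secure` hook covers state-changing calls.
 *
 * @before _secure
 */
public function notification()
{
    $this->seo(["title" => "Notification"]);
    $view = $this->getActionView();

    $fields = ['_id', 'name'];
    $arr = User::all(['org_id' => $this->org->_id, 'type' => 'publisher'], $fields);
    $publishers = User::objectArr($arr, $fields);
    $arr = User::all(['org_id' => $this->org->_id, 'type' => 'advertiser'], $fields);
    $advertisers = User::objectArr($arr, $fields);
    $view->set('publishers', $publishers)->set('advertisers', $advertisers);

    // Strict comparison so only the literal string "save" triggers a write.
    if (RM::post("action") === 'save') {
        $meta = RM::post("meta", "all");
        $message = RM::post("message");
        $usr = null;

        if ($meta !== "all") {
            // Exact key membership instead of a loose in_array() over array_keys():
            // loose comparison can accept values that merely compare equal to a key.
            // presumably the lists are keyed by user id; verify against User::objectArr().
            $isKey = is_string($meta) || is_int($meta);
            $known = $isKey
                && (array_key_exists($meta, $publishers) || array_key_exists($meta, $advertisers));

            if ($known) {
                // Re-read the recipient inside the current organisation so the mail
                // can never be addressed to a user of another organisation.
                $usr = User::first(['_id' => $meta, 'org_id' => $this->org->_id], ['name', 'email']);
            }
        }

        if ($meta !== "all" && !$usr) {
            // Unknown recipient, or the user vanished between the two reads.
            $view->set('message', "Invalid Request!!");
        } else {
            $success = "Saved Successfully";

            if ($usr) {
                // send mail to the user
                \Shared\Services\Smtp::sendMail($this->org, [
                    'template' => 'notification',
                    'user' => $usr,
                    'notification' => $message,
                    'to' => [$usr->email],
                    'subject' => "Notification from " . $this->org->name,
                ]);
                $success .= " And Mail sent";
            }

            $n = new Notification([
                "org_id" => $this->org->id,
                "message" => $message,
                "target" => RM::post("target"),
                "meta" => $meta,
            ]);
            $n->save();
            $view->set("message", $success);
        }
    }

    if (RM::type() === 'DELETE') {
        $id = RM::get("id");
        // org_id in the filter keeps deletion inside the current organisation.
        $n = Notification::first(["org_id = ?" => $this->org->id, "id = ?" => $id]);
        if ($n) {
            $n->delete();
            $view->set("message", "Deleted Successfully");
        } else {
            $view->set("message", "Notification does not exist");
        }
    }

    $notifications = Notification::all(["org_id = ?" => $this->org->id], [], "created", "desc");
    $view->set("notifications", $notifications);
}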
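/**
 * Campaign settings page: commissions, domains and categories.
 *
 * Request type "DELETE" with query "action" = "commDel": deletes the
 * commission whose id is in "comm_id", looked up together with the current
 * organisation's id, then returns without loading the page data.
 *
 * Request type "POST", by POSTed "action":
 *   - "commadd" / "commedit": writes model, rate and coverage (coverage
 *     defaults to ['ALL']) to a new commission, or to the existing one named
 *     by "comm_id" when it belongs to the current organisation;
 *   - "domains": calls updateDomains() on the organisation and stores it;
 *   - "categories": calls Category::updateNow() for the organisation.
 * After any POST the user is stored again via setUser().
 *
 * Finally the organisation's commissions and categories are set on the view.
 *
 * NOTE(review): model, rate and coverage are stored as received; presumably
 * the Commission model validates them — confirm.
 * NOTE(review): no anti-CSRF token is verified inside this method; confirm
 * the `_secure` hook covers state-changing calls.
 *
 * @before _secure
 */
public function settings()
{
    $this->seo(["title" => "Campaign: Settings"]);
    $view = $this->getActionView();
    $user = $this->user;
    $org = $this->org;

    if (RM::type() === 'DELETE') {
        switch (RM::get("action")) {
            case 'commDel':
                // org_id in the filter keeps deletion inside the current organisation.
                $comm = Commission::first(['_id' => RM::get("comm_id"), "org_id" => $this->org->_id]);
                if ($comm) {
                    $comm->delete();
                    $view->set('message', 'Commission removed!!');
                } else {
                    $view->set('message', 'Invalid request!!');
                }
                return;
        }
    }

    // Strict comparison, matching the DELETE check above.
    if (RM::type() === 'POST') {
        $action = RM::post('action', '');
        switch ($action) {
            case 'commadd':
            case 'commedit':
                // Fixed field list: only these three attributes can be written from the request.
                $fields = [
                    'model' => RM::post('model'),
                    'rate' => RM::post('rate'),
                    'coverage' => RM::post('coverage') ?? ['ALL'],
                ];

                $comm_id = RM::post('comm_id');
                if ($comm_id) {
                    $comm = Commission::first(['_id' => $comm_id, 'org_id' => $this->org->_id]);
                    if (!$comm) {
                        // The 'message' key was missing here, so the rejection
                        // never reached the view.
                        $view->set('message', 'Invalid Request!!');
                        break;
                    }
                } else {
                    $comm = new Commission(['org_id' => $this->org->_id]);
                }

                foreach ($fields as $key => $value) {
                    $comm->{$key} = $value;
                }
                $comm->save();
                $view->set('message', 'Commission saved successfully!!');
                break;

            case 'domains':
                $message = $org->updateDomains();
                $this->setOrg($org);
                $view->set('message', $message);
                break;

            case 'categories':
                $success = Category::updateNow($this->org);
                if ($success) {
                    $msg = 'Categories updated Successfully!!';
                } else {
                    $msg = 'Failed to delete some categories because in use by campaigns!!';
                }
                $view->set('message', $msg);
                break;
        }
        $this->setUser($user);
    }

    $commissions = Commission::all(['org_id' => $this->org->_id]);
    $categories = \Category::all(['org_id' => $this->org->_id]);
    $view->set('categories', $categories)
        ->set('hideRevenue', true)
        ->set('commissions', $commissions);
}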
/**
 * Update an invoice of the current organisation.
 *
 * The response is switched to the JSON view via JSONView(). The invoice is
 * looked up by id together with the current organisation's id; a missing
 * invoice or a request type other than "POST" is answered with
 * "Invalid Request!!". Otherwise every field on the allowlist is overwritten
 * with the POSTed value (falling back to the stored value when the field is
 * not submitted), the invoice is saved and set on the view.
 *
 * NOTE(review): the submitted "live" value is stored without a cast; confirm
 * the Invoice model constrains its type.
 *
 * @before _secure
 *
 * @param mixed $invoice_id Invoice identifier supplied by the caller.
 */
public function update($invoice_id)
{
    $this->JSONView();
    $view = $this->getActionView();

    // Tenant scoping: org_id in the filter keeps the lookup inside the current organisation.
    $invoice = \Invoice::first(["_id = ?" => $invoice_id, "org_id = ?" => $this->org->_id]);
    if (!$invoice) {
        return $view->set('message', 'Invalid Request!!');
    }
    if (RM::type() !== 'POST') {
        return $view->set('message', 'Invalid Request!!');
    }

    $view->set('message', 'Updated successfully!!');

    // Allowlist of request-writable fields; anything else in the POST body is ignored.
    $writable = ['live'];
    foreach ($writable as $name) {
        $current = $invoice->{$name};
        $invoice->{$name} = RM::post($name, $current);
    }

    $invoice->save();
    $view->set('invoice', $invoice);
}
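/**
 * Publisher registration page.
 *
 * Sets the SEO data, an empty "errors" list and the organisation's
 * "customField" meta entries (an empty list when the search yields null) on
 * the view. Registration is delegated to _publisherRegister() only when the
 * POSTed "action" is exactly the string "register" and the POSTed "token"
 * passes verifyToken(). A submission whose token fails verification is
 * ignored here: no error is added to the view and nothing in this method
 * records the failure.
 *
 * @before _session
 * @after _csrfToken
 */
public function register()
{
    $this->seo(["title" => "Publisher Register", "description" => "Register"]);
    $view = $this->getActionView();
    $view->set('errors', []);

    $afields = Meta::search('customField', $this->org);
    $view->set('afields', $afields ?? []);

    $token = RM::post("token", '');

    // Strict comparison: a non-string or loosely-equal value must not count
    // as a registration submission.
    $isSubmission = RM::post("action") === "register";

    // Token check stays second so it only runs for real submissions.
    if ($isSubmission && $this->verifyToken($token)) {
        $this->_publisherRegister($this->org, $view);
    }
}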
/**
 * Shared postback handling for the current user inside the current organisation.
 *
 * Every lookup below filters on both the user's id and the organisation's id.
 *
 *   - 'add':    looks for a postback with the same org/user/event (and ad,
 *               when given); a new one is stored only when the POSTed
 *               "action" is "addCallback" and no such postback exists.
 *               In every other situation the message is
 *               "Postback already added".
 *   - 'delete': deletes the postback named by query "postback_id" only when
 *               the request type is "DELETE", query "removeCallback" is
 *               truthy and the record was found.
 *   - 'show':   with $extra['ad'] lists that ad's postbacks; without it lists
 *               only postbacks that have no ad_id, keyed by their _id.
 *
 * Any other $case leaves the view untouched.
 *
 * NOTE(review): "data" and "type" are stored as submitted; if "data" is later
 * used as a callback URL, it should be validated where it is fired — confirm.
 *
 * @param mixed $case  One of 'add', 'delete', 'show'.
 * @param array $extra Optional context; key 'ad' holds an object whose _id scopes the operation.
 */
protected function _postback($case, $extra = [])
{
    $view = $this->getActionView();

    switch ($case) {
        case 'add':
            $criteria = [
                "org_id" => $this->org->_id,
                "user_id" => $this->user->_id,
                "event" => RM::post("event"),
            ];
            if (isset($extra['ad'])) {
                $criteria["ad_id"] = $extra['ad']->_id;
            }

            // Duplicate check runs before the action is inspected.
            $existing = PostBack::first($criteria);
            $wantsAdd = RM::post('action') === 'addCallback';

            if (!$wantsAdd || $existing) {
                $view->set('message', 'Postback already added');
                break;
            }

            $payload = ["data" => RM::post("data"), "type" => RM::post("type")];
            $record = new PostBack(array_merge($criteria, $payload));
            $record->save();
            $view->set('message', 'Postback Saved Successfully');
            break;

        case 'delete':
            // Ownership: the record must belong to this user and this organisation.
            $target = PostBack::first([
                "_id" => RM::get("postback_id"),
                "user_id" => $this->user->_id,
                "org_id" => $this->org->_id,
            ]);

            // check for valid request as a fallback
            $allowed = RM::type() === 'DELETE' && RM::get('removeCallback') && $target;
            if (!$allowed) {
                $view->set('message', "Invalid Request!!");
                break;
            }

            $target->delete();
            $view->set('message', "Postback removed!!");
            break;

        case 'show':
            $filter = ['user_id' => $this->user->_id, 'org_id' => $this->org->_id];
            $forAd = isset($extra['ad']);
            if ($forAd) {
                $filter["ad_id"] = $extra['ad']->_id;
            }

            $postbacks = PostBack::all($filter);

            if (!$forAd) {
                // Without an ad, keep only the postbacks that are not tied to any ad.
                $unbound = [];
                foreach ($postbacks as $item) {
                    if (!$item->ad_id) {
                        $unbound[$item->_id] = $item;
                    }
                }
                $postbacks = $unbound;
            }

            $view->set('postbacks', $postbacks);
            break;
    }
}