function executeChange($userID, $recordID, $newRecordStatus) { if ($newRecordStatus !== "1" && $newRecordStatus !== "2" && $newRecordStatus !== "3") { return "Invalid status!"; } $userDAO = new UserDAO(); $user = $userDAO->getUserByID($userID); $recordDAO = new RecordDAO(); $record = $recordDAO->getRecordByID($recordID); if ($record === null) { return "Could not find this record!"; } if ($record->getDisplayStatus() === $newRecordStatus) { return "Old status is equal to new status, don't need to change!"; } if ($user->getRole()->getRoleID() === "3") { if ($record->getUser()->getUserID() !== $userID) { return "You have no right to change group status!"; } if ($newStatus === "3") { return "You have no right to delete this record!"; } } if ($newRecordStatus !== "3") { $record->setDisplayStatus($newRecordStatus); $recordDAO->updateRecord($record); // Do not have updateRecord function } else { $recordDAO->deleteRecord($record); //Do not have this function } return true; }
function uploadFile($userID, $groupID, $file) { $userDAO = new UserDAO(); $user = $userDAO->getUserByID($userID); if ($user->getRole()->getRoleID() == "4") { return "This user was forbidden to upload file!"; } if (!isValidID($groupID)) { return "Group id is not valid!"; } $groupDAO = new GroupDAO(); $group = $groupDAO->getGroupByID($groupID); if ($group === null) { return "Can not find this group!"; } if ($group->getActivateStatus() === "2") { return "Group is not activated!"; } $groupMemberDAO = new GroupMemberDAO(); $groupMember = $groupMemberDAO->getGroupMember($group, $user); if ($groupMember === null) { return "User didn't belong to this group!"; } if (gettype($file["error"]) == "array") { return "Only accept one file!"; } $res = isValidUploadFile($file["error"]); if ($res !== true) { return $res; } $fileType = -1; $res = isValidImage($file["name"]); if ($res === true) { $fileType = "2"; } $res = isValidFile($file["name"]); if ($res === true) { $fileType = "3"; } if ($fileType === -1) { return "Only accepts jpeg/jpg/gif/png/zip file!"; } $record = new Record($group, $user, $fileType, "temp", "1"); $recordDAO = new RecordDAO(); $recordDAO->insertRecord($record); $fileDir = "upload/"; $filePath = $fileDir . $record->getRecordID() . "_" . $file["name"]; $record->setContent($filePath); $recordDAO->updateRecord($record); if (file_exists($filePath)) { unlink($filePath); } if (!move_uploaded_file($file['tmp_name'], $filePath)) { return "Fail to move file, please contact administrator!"; } return true; }
function changeRecordStatus($adminID, $recordID, $displayStatus) { $userDAO = new UserDAO(); $admin = $userDAO->getUserByID($adminID); if ($admin->getRole()->getRoleID !== 1 || $admin->getRole()->getRoleID !== 2) { return "You do not have the right to change record status!"; } $recordDAO = new RecordDAO(); $record = $recordDAO->getRecordByID($recordID); //need function if ($record->getDisplayStatus() === $displayStatus) { return "Same Status, no need to change it!"; } $record->setDisplayStatus($displayStatus); $recordDAO->updateRecord($record); //need function }