public function index()
{
try {
Session::clear_error_output();
$this->_view->set_header();
$this->_view->set_footer();
$username = Session::get('username');
if (empty($username)) {
Session::redirect(DEFAULT_PAGE);
}
//print welcome label here. no check needed
return $this->_view->render();
} catch (Exception $e) {
Session::set_error_output($e->getMessage());
}
}
public function index()
{
try {
//this part works right
$this->_view->set_header();
$this->_view->set_footer();
$posts = $this->_model->getPosts();
$this->_view->set('posts', $posts);
//-------------------------------
$username = Session::get('username');
if (empty($username)) {
Session::redirect(DEFAULT_PAGE);
}
$this->_view->set('title', 'New Posts');
return $this->_view->render();
} catch (Exception $e) {
echo "Application error:" . $e->getMessage();
}
}
<?php
Session::destroySession();
Session::setSuccess('You have been successfully logged out.');
// Redirect to homepage
Session::redirect('/login');
// Make sure this is the first time
// the user has used the website
if (!User::firstUse()) {
Session::setError('Cannot register, you have already registered before.');
Session::redirect('/');
}
// If the request is post, try and sign them up
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
foreach ($_POST['register'] as $key => $value) {
if (is_array($value)) {
$result = User::setEducation($value);
} else {
$result = User::setAttribute($key, $value);
}
if ($result == false) {
Session::setError('Unable to complete your registration, please try again.');
Session::redirect('/register');
}
}
$user = User::getUser();
$registration = UTSHelpsAPI::RegisterStudent(['StudentId' => $user['student_id'], 'DateOfBirth' => $user['dob'], 'Gender' => $user['gender'], 'Degree' => $user['degree'], 'Status' => $user['status'], 'FirstLanguage' => $user['first_language'], 'CountryOrigin' => $user['country_of_origin'], 'DegreeDetails' => $user['year'], 'AltContact' => $user['best_contact_no'], 'PreferredName' => $user['preferred_first_name'], 'HSC' => (bool) $user['hsc'], 'HSCMark' => $user['hsc_mark'], 'IELTS' => (bool) $user['ielts'], 'IELTSMark' => $user['ielts_mark'], 'TOEFL' => (bool) $user['toefl'], 'TOEFLMark' => $user['toefl_mark'], 'TAFE' => (bool) $user['tafe'], 'TAFEMark' => $user['tafe_mark'], 'CULT' => (bool) $user['cult'], 'CULTMark' => $user['cult_mark'], 'InsearchDEEP' => (bool) $user['insearch_deep'], 'InsearchDEEPMark' => $user['insearch_deep_mark'], 'InsearchDiploma' => (bool) $user['insearch_diploma'], 'InsearchDiplomaMark' => $user['insearch_diploma_mark'], 'FoundationCourse' => (bool) $user['foundation_course'], 'FoundationCourseMark' => $user['foundation_course_mark'], 'CreatorId' => 123456]);
$message = Notification::renderEmail('emails/registration.html', ['name' => $user['name']]);
Notification::sendEmail($user['email'], $user['name'], 'Registration Successful', $message);
User::setFirstUse();
User::setLastLogin();
Session::setSuccess('You have successfully saved your registration details.');
Session::redirect('/');
}
// Get the user
$page['user'] = User::getUser();
$page['educational-backgrounds'] = ['hsc' => ['label' => 'HSC', 'key' => 'hsc'], 'ielts' => ['label' => 'IELTS', 'key' => 'ielts'], 'toefl' => ['label' => 'TOEFL', 'key' => 'toefl'], 'tafe' => ['label' => 'TAFE', 'key' => 'tafe'], 'cult' => ['label' => 'CULT', 'key' => 'cult'], 'insearchDeep' => ['label' => 'Insearch DEEP', 'key' => 'insearchDeep'], 'insearchDiploma' => ['label' => 'Insearch Diploma', 'key' => 'insearchDiploma'], 'foundationCourse' => ['label' => 'Foundation Course', 'key' => 'foundationCourse']];
if ($value->BookingArchived == null && $value->attended == null && strtotime(Session::getCurrentDateTime()) > strtotime($value->starting)) {
$page['booking'] = $value;
} else {
Session::setError('Booking has not been completed, please try again.');
Session::redirect('/bookings');
}
}
}
}
if ($page['booking'] == null) {
Session::setError('Booking does not exist, please try again.');
Session::redirect('/bookings');
}
// Make sure attendance hasn't already been recorded for this booking,
// or the booking hasn't been set as cancelled
$attendance = Attendance::getAttendance($bookingId);
if ($attendance != null) {
Session::setError('You have already recorded attendance for this workshop.');
Session::redirect('/bookings');
}
// If the request is a post
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$createNonAttendance = Attendance::createNonAttendance($bookingId, $page['booking']->workshopID);
$updateBooking = UTSHelpsAPI::UpdateWorkshopBooking(['workshopId' => $page['booking']->workshopID, 'studentId' => User::getPaddedId(), 'Attended' => 0, 'Canceled' => 0, 'userId' => 123]);
if ($createNonAttendance && $updateBooking != null && $updateBooking->IsSuccess == 1 && User::addStrike()) {
Session::setSuccess('Successfully recorded non-attendance for this booking.');
Session::redirect('/bookings');
}
Session::setError('Unable to record non-attendance for this booking, please try again.');
Session::redirect('/bookings');
}
<?php
// Import our modules
require __DIR__ . '/modules/AltoRouter/AltoRouter.php';
require __DIR__ . '/modules/h2o-php/h2o.php';
require __DIR__ . '/modules/UTSHelpsAPI/UTSHelpsAPI.php';
require __DIR__ . '/modules/mandrill/Mandrill.php';
// Import our models
require __DIR__ . '/models/autoload.php';
// Import our config files
require __DIR__ . '/config/session.php';
require __DIR__ . '/config/config.php';
$router = new AltoRouter();
require __DIR__ . '/config/routes.php';
$match = $router->match();
header("X-Processed-By: AltoRouter");
if ($match && is_callable($match['target'])) {
call_user_func_array($match['target'], $match['params']);
} else {
Session::redirect('/404');
}
if (isset($_GET['url'])) {
$params = array();
$params = explode("/", filter_var($_GET['url'], FILTER_SANITIZE_URL));
$controller = ucwords($params[0]);
if (isset($params[1]) && !empty($params[1])) {
$action = $params[1];
}
if (isset($params[2]) && !empty($params[2])) {
$query = $params[2];
}
if (isset($params[3]) && !empty($params[3])) {
$key = '&' . $params[3];
}
}
$modelName = $controller;
$controller .= 'Controller';
$query .= $key;
Session::set('url_query', $query);
try {
if (file_exists(HOME . DS . '/Controllers/' . $controller . '.php')) {
$load = new $controller($modelName, $action);
if (method_exists($load, $action)) {
$load->{$action}($query);
}
} else {
/* invalid controller go to login page as may be an attack */
Session::redirect(DEFAULT_PAGE);
}
} catch (Exception $e) {
echo 'Error: ' . $e->getMessage();
}
<?php
/**
* @var $page
*/
if ($page['user']['usertype'] != "1") {
Session::setError('You are not able to accept an Offer');
Session::redirect('/');
}
$offer = Offer::getOfferSingle($page['parameters']['id']);
if ($offer == null) {
Session::setError('Offer does not exist');
Session::redirect('/');
}
$advertisement = Advertisement::getAdvertisement($offer['advertisement']);
if ($advertisement['owner'] != $page['user']['id']) {
Session::setError('You do not own this offers parent advertisement');
Session::redirect('/');
}
if ($offer['status'] != "0") {
Session::setError('Offer can not be accepted.');
Session::redirect('/');
}
$accepted = Offer::acceptOffer($page['parameters']['id']);
if ($accepted) {
Session::setSuccess('Successfully accepted offer');
Session::redirect('/offers/view/' . $offer['advertisement']);
}
Session::setError('Something went wrong, please try again.');
Session::redirect('/offers/view/' . $offer['advertisement']);
/**
* Create a new user
*
* @param $details
* @return bool
*/
static function createUser($details)
{
// Make sure the email doesn't already exist
if (self::getUserId($details['email']) != null) {
Session::setError('Email has already been used before, please use a different one.');
Session::redirect('/signup');
}
$id = self::getNextId();
if ($details['user-type'] == "employer") {
$usertype = 1;
} else {
$usertype = 0;
}
if ($details['password'] == $details['confirm-password']) {
$password = self::hashPassword($details['password']);
} else {
$password = '';
Session::setError('Passwords do not match, please try again.');
Session::redirect('/signup');
}
$mysql = new MySQL();
$results = $mysql->query('INSERT INTO user(id, usertype, name, email, password, contactno, aboutme, qualifications, website, companyname, companylocation, availability) VALUES (:id, :usertype, :name, :email, :password, :contactno, :aboutme, :qualifications, :website, :companyname, :companylocation, :availability)', [':id' => $id, ':usertype' => $usertype, ':name' => $details['name'], ':email' => $details['email'], ':password' => $password, ':contactno' => $details['contactno'], ':aboutme' => $details['aboutme'], ':qualifications' => $details['qualifications'], ':website' => $details['website'], ':companyname' => $details['companyname'], ':companylocation' => $details['companylocation'], ':availability' => $details['availability']]);
return $results['success'];
}
public function logout()
{
try {
Session::destroy();
Session::redirect('/users/index');
} catch (Exception $e) {
echo "Application error:" . $e->getMessage();
}
}
<?php
/**
* @var $page
*/
if ($page['user'] != null) {
Session::setError('You are already signed up!');
Session::redirect('/profile');
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$createUser = User::createUser($_POST['signup']);
if ($createUser) {
Session::setSuccess('Signup successful! You can now login.');
Session::redirect('/login');
}
Session::setError('Unable to sign you up, please try again.');
Session::redirect('/signup');
}
<?php
$page['loggedin'] = false;
if (User::isLoggedIn()) {
// If it's the user's first use, make sure they register
if (User::firstUse()) {
Session::setError('You have to register first before using this service.');
Session::redirect('/register');
}
$page['loggedin'] = true;
// search for the users bookings
$bookings = UTSHelpsAPI::SearchWorkshopBookings(['studentId' => User::getPaddedId(), 'pageSize' => 9999, 'active' => true]);
$currentTime = strtotime(Session::getCurrentDateTime());
$count = 0;
// Get all the upcoming bookings
if ($bookings != null && $bookings->IsSuccess == 1) {
foreach ($bookings->Results as $booking) {
// if booking archived field does not have a date, it hasn't been canceled or attended
if ($booking->BookingArchived == null && strtotime($booking->starting) > $currentTime && $booking->canceled === null && $booking->attended === null) {
$count++;
}
}
}
$page['bookingCount'] = $count;
// Get all of the workshops for the workshop listings
$workshops = UTSHelpsAPI::ListWorkshopSets(true);
if ($workshops != null && $workshops->IsSuccess == 1) {
$page['workshops'] = count($workshops->Results);
} else {
$page['workshops'] = 0;
}
// Make sure the user is a user that can make an offer
$user = User::getUser();
if ($user['usertype'] != "0") {
Session::setError('You are not the correct user type to make an offer');
Session::redirect('/');
}
// Make sure it is a valid advertisement and it can take offers
$advertisement = Advertisement::getAdvertisement($page['parameters']['id']);
if ($advertisement == null || $advertisement['status'] != "1") {
Session::setError('This advertisement does not exist or is not able to be offered.');
Session::redirect('/');
}
$page['advertisement'] = $advertisement;
// Check if this user has already made an offer
$offers = Offer::getOffersForUser(User::getId());
foreach ($offers as $offer) {
if ($offer['advertisement'] == $page['parameters']['id']) {
Session::setError('You have already sent an offer for this Advertisement.');
Session::redirect('/advertisement/' . $page['parameters']['id']);
}
}
// if the form is posted
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$newOffer = Offer::createOffer(User::getId(), $page['parameters']['id'], $_POST['makeOffer']['description']);
if ($newOffer) {
Session::setSuccess('Successfully added offer!');
Session::redirect('/profile');
}
Session::setError('Unable to create offer, an unknown error occured, please try again');
Session::redirect('/advertisement/' . $page['parameters']['id']);
}
<?php
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
Session::setSuccess('Message sent successfully!');
Session::redirect('/contact');
}
foreach ($page['offers'] as &$offer) {
// trim the description
if (strlen($offer['description']) > 150) {
$offer['description'] = substr($offer['description'], 0, 150) . '...';
}
$offer['parentAdvertisement'] = Advertisement::getAdvertisement($offer['advertisement']);
// get the owner details if the offer has been accepted
if ($offer['status'] == "1" || $offer['status'] == "3") {
$offer['ownerDetails'] = User::getUser($offer['parentAdvertisement']['owner']);
}
if ($offer['status'] == "3") {
$offer['yourRating'] = Rating::getRating($offer['id'], User::getId());
if ($offer['yourRating'] != null) {
$offer['yourRating']['rating'] = Rating::getStarsArray($offer['yourRating']['rating']);
}
$offer['theirRating'] = Rating::getRating($offer['id'], $offer['ownerDetails']['id']);
if ($offer['theirRating'] != null) {
$offer['theirRating']['rating'] = Rating::getStarsArray($offer['theirRating']['rating']);
}
}
}
// if it is posted
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$updateUser = User::updateUser($_POST['profile']);
if ($updateUser) {
Session::setSuccess('Details updated successfully!');
Session::redirect('/profile');
}
Session::setError('Unable to update details, please try again.');
Session::redirect('/profile');
}
