// Admin only if ($user->role !== 1) { $response->status = 403; $response->message = 'Forbidden'; $response->json($response); } // Prepare and sanitize post input $api->setInputs($_POST); //$response->data = $model->usersAll(NULL); $user = $model->userFind(array('mail' => $api->getInputVal('mail'))); if ($user) { $response->status = 409; $response->message = 'User with email ' . $api->getInputVal('mail') . ' already exists'; $response->json($response); } if (!$model->userCreate(array('sid' => Ut::token(), 'mail' => $api->getInputVal('mail'), 'pw' => md5($api->getInputVal('pw'))))) { $response->status = 500; $response->message = 'Unable to create an user'; $response->json($response); } $response->data = array('id' => $db->inserId()); $response->json($response); } elseif ($route->match('adminuserread', 1)) { // Admin only if ($user->role !== 1) { $response->status = 403; $response->message = 'Forbidden'; $response->json($response); } $api->setInputs(array('id' => $route->getParam(0))); $response->data = $model->userFind(array('id' => $api->getInputVal('id')));
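/**
 * Complete a password reset.
 *
 * Looks up the pending (confirmed = 0) reset request for the submitted token,
 * stores the new password and a fresh sid for the request's user, then marks
 * the request as confirmed. Failures are reported through setErrors().
 *
 * @return bool True when the password was updated, false otherwise.
 */
public function passwordUpdate()
{
    $token = $this->getInputVal('token');
    if (!$token) {
        $this->setErrors('Token not found');
        return false;
    }

    // Only requests that are still unconfirmed are accepted.
    // NOTE(review): no expiry check is visible in this method; confirm that
    // passwordFind() or the schema limits how long a reset token stays valid.
    $password = $this->model->passwordFind(array('token' => $token, 'confirmed' => 0));
    if (!$password) {
        $this->setErrors('Password request not found');
        return false;
    }

    // Refuse a missing or empty password instead of hashing it: md5('') is a
    // fixed, well-known value and would leave the account with an empty password.
    $pw = $this->getInputVal('pw');
    if ($pw === null || $pw === false || $pw === '') {
        $this->setErrors('Password not provided');
        return false;
    }

    // SECURITY: unsalted MD5 is not a password hash. It is fast to brute-force
    // and identical passwords produce identical digests. Migrate to
    // password_hash() / password_verify(), but only as one coordinated change
    // with every place that creates or verifies a password, otherwise existing
    // logins break. Left as-is here to stay compatible with stored values.
    //
    // The sid is replaced together with the password; presumably this is the
    // session/identity token, so rotating it invalidates earlier sessions.
    // TODO confirm against Ut::token() and the login code.
    $input = array('sid' => Ut::token(), 'pw' => md5($pw));
    if (!$this->model->userUpdate($input, array('id' => $password->user_id))) {
        $this->setErrors('Cannot update password');
        return false;
    }

    // NOTE(review): the result of this call is not checked. If it fails, the
    // request stays unconfirmed and the same token could be used again. Verify
    // what the model returns and surface or log a failure; ideally both writes
    // run in one transaction.
    $this->model->passwordUpdate(array('confirmed' => 1), array('id' => $password->id));

    return true;
}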