public static function manage() { $league = current(LeagueModel::get($_GET["id"])); // check permissions $visitor = User::getVisitor(); if ($visitor->id != $league->managerId) { Controller::requirePermissions(["AdminAllLeagues"]); } if (!empty($_POST)) { if (array_key_exists("update-team-numbers", $_POST)) { $teams = $league->getAssignedTeams(); foreach ($teams as $team) { if (array_key_exists("team" . $team->id . "number", $_POST)) { Team::update($team->id, null, null, null, null, $_POST["team" . $team->id . "number"]); } } Controller::addAlert(new Alert("success", "Team assigned numbers updated successfully")); } else { if (array_key_exists("update-league-details", $_POST)) { LeagueModel::update($_POST["id"], $_POST["name"], $_POST["manager"]); Controller::addAlert(new Alert("success", "League details updated successfully")); $league = current(LeagueModel::get($_POST["id"])); } } } // construct fixtures $fixtures = Fixture::get(null, $league->id); View::load("acp/league_manage.twig", ["users" => User::get(), "league" => $league, "fixtures" => $fixtures, "unassignedTeams" => Team::get(null, null, null, false, $_GET["id"])]); }
public static function delete() { Controller::requirePermissions(["AdminAccessDashboard"]); $fixture = current(FixtureModel::get($_GET["id"])); if (!$fixture) { Controller::addAlert(new Alert("success", "The specified fixture does not exist")); Controller::redirect("/acp/league"); } $league = $fixture->getLeague(); // check permissions $visitor = UserModel::getVisitor(); if ($visitor->id != $league->managerId) { Controller::requirePermissions(["AdminAllLeagues"]); } $fixture->delete(); Controller::addAlert(new Alert("success", "Fixture deleted successfully")); Controller::redirect("/acp/league/manage?id=" . $league->id); }
public static function delete() { Controller::requirePermissions(["AdminAccessDashboard"]); if (!array_key_exists("id", $_GET)) { Controller::redirect("/acp/league"); } $section = current(LeagueSectionModel::get($_GET["id"])); // check permissions $visitor = User::getVisitor(); if ($visitor->id != $section->getLeague()->managerId) { Controller::requirePermissions(["AdminAllLeagues"]); } try { $section->delete(); Controller::addAlert(new Alert("success", "League section deleted successfully")); } catch (ObjectCannotBeDeletedException $e) { Controller::addAlert(new Alert("danger", "You cannot delete a section which has teams assigned to it. Please reassign the teams to an alternative section first")); } Controller::redirect("/acp/league/manage?id=" . $section->getLeague()->id); }
public static function login() { if (UserModel::getVisitor()->id != 0) { Controller::redirect(array_key_exists("r", $_GET) ? urlencode($_GET["r"]) : ""); } if (empty($_POST)) { View::load("user/login.twig", ["redirectTo" => array_key_exists("r", $_GET) ? urlencode($_GET["r"]) : ""]); } else { if (isset($_POST["register"]) && $_POST["register"]) { Controller::redirect(ForumsFactory::getForumsInstance()->getRegistrationPage(isset($_POST["email"]) ? $_POST["email"] : null), true); } try { UserModel::attemptLogin($_POST["email"], $_POST["password"], isset($_POST["remember-me"])); Controller::addAlert(new Alert("success", "You have been logged in successfully")); Controller::redirect(array_key_exists("r", $_GET) ? $_GET["r"] : ""); } catch (Exception $e) { Controller::addAlert(new Alert("danger", "The login credentials you entered were incorrect, please try again")); Controller::redirect("/user/login"); } } }
/** * Check if user has proper permissions and throw exception if not * * @param \sma\models\Permission|\sma\models\Permission[] $permissions required permissions * @param string $requirement 'all' to require all permissions listed, 'any' to require at least * one of them */ public static function requirePermissions($permissions, $requirement = "all") { static::requireLoggedInUser(); if (!User::getVisitor()->checkPermissions($permissions, $requirement)) { ErrorHandler::forbidden(); } }
/** * Register global variables * * @param Twig_Environment $twig twig environment * @return Twig_Environment twig environment */ private static function registerGlobalVariables($twig) { $twig->addGlobal("base_url", BASE_URL); $twig->addGlobal("base_links_url", BASE_LINKS_URL); $twig->addGlobal("base_view_url", BASE_VIEW_URL); $twig->addGlobal("base_assets_url", BASE_ASSETS_URL); $twig->addGlobal("site_name", SITE_NAME); $twig->addGlobal("show_request_times", SHOW_REQUEST_TIMES); $alerts = Controller::getAlerts(); if (!empty($alerts)) { $twig->addGlobal("alerts", $alerts); } if (Installer::getDatabaseStatus() == Installer::DATABASE_STATUS_INSTALLED) { $twig->addGlobal("visitor", User::getVisitor()); } return $twig; }
public static function updateplayer() { Controller::requireFields("get", ["id"], "/acp/team"); $player = current(Player::get($_GET["id"])); if (!User::getVisitor()->checkPermissions(["RegisterTeamsForAnyOrganization"])) { Controller::requirePermissions(["RegisterTeamsForOwnOrganization"]); if ($player->getTeam()->organizationId != User::getVisitor()->organizationId) { ErrorHandler::forbidden(); } } if ($_GET["exempt"] == 1 && !$player->exempt) { if ($player->getTeam()->getNumberOfExemptPlayers() >= MAX_EXEMPTS) { Controller::addAlert(new Alert("danger", "You have already starred the maximum number of players")); Controller::redirect("/team/edit?id=" . $player->getTeam()->id); } } Player::update($player->id, null, (bool) $_GET["exempt"]); Controller::addAlert(new Alert("success", "Player updated successfully")); Controller::redirect("/team/edit?id=" . $player->getTeam()->id); }
public static function submitted() { Controller::requirePermissions(["SubmitMatchReports"]); $visitor = User::getVisitor(); $teams = Team::get(null, $visitor->organizationId); $teamIds = []; foreach ($teams as $team) { $teamIds[] = $team->id; } $reports = MatchReport::get(null, null, null, $teamIds, 25); View::load("match/submitted.twig", ["organizationReports" => $reports, "userReports" => MatchReport::get(null, null, $visitor->id, null, 25)]); }