public function executeDelete(sfWebRequest $request) { $request->checkCSRFProtection(); $this->forward404Unless($company_category = Doctrine_Core::getTable('CompanyCategory')->find(array($request->getParameter('id'))), sprintf('Object company_category does not exist (%s).', $request->getParameter('id'))); //Get user Id $userId = $this->getUser()->getGuardUser()->getId(); //Get company owned by that user $companyUserId = CompanyTable::getInstance()->findOneByUserId($userId)->getId(); //Get id number sent by the user (never trust the users) $companyCategoryId = $request->getParameter('id'); $companyId = CompanyCategoryTable::getInstance()->findOneById($companyCategoryId)->getCompanyId(); $this->forward404Unless($companyId == $companyUserId, sprintf('Category does not exist (%s).', $request->getParameter('id'))); //Delete node and its descendants $company_category->getNode()->delete(); $this->redirect('category/index'); }
public function executeUpdate(sfWebRequest $request) { $this->forward404Unless($request->isMethod(sfRequest::POST) || $request->isMethod(sfRequest::PUT)); $this->forward404Unless($company = Doctrine_Core::getTable('Company')->find(array($request->getParameter('id'))), sprintf('Object company does not exist (%s).', $request->getParameter('id'))); //Get user Id $userId = $this->getUser()->getGuardUser()->getId(); //Get company owned by that user and insert value in form $companyUserId = CompanyTable::getInstance()->findOneByUserId($userId)->getId(); //Get id number sent by the user (never trust the users) $id = $request->getParameter('id'); $companyId = CompanyTable::getInstance()->findOneById($id)->getId(); $this->forward404Unless($companyId == $companyUserId, sprintf('Company does not exist (%s).', $request->getParameter('id'))); $this->form = new CompanyForm($company); $this->processForm($request, $this->form); $this->setTemplate('edit'); }
public function executeUpdateLink(sfWebRequest $request) { $this->forward404Unless($request->isMethod(sfRequest::POST) || $request->isMethod(sfRequest::PUT)); $this->forward404Unless($officeAds = Doctrine_Core::getTable('OfficeAds')->find(array($request->getParameter('id'))), sprintf('Object office ads does not exist (%s).', $request->getParameter('id'))); //Get user Id $userId = $this->getUser()->getGuardUser()->getId(); //Get company owned by that user and insert value in form $companyUserId = CompanyTable::getInstance()->findOneByUserId($userId)->getId(); //Get id number sent by the user (never trust the users) $officeAdsId = $request->getParameter('id'); $companyOfficeId = OfficeAdsTable::getInstance()->findOneById($officeAdsId)->getOffice()->getCompanyId(); $this->forward404Unless($companyOfficeId == $companyUserId, sprintf('Office does not exist (%s).', $request->getParameter('id'))); $this->form = new OfficeAdsForm($officeAds, array('companyId' => $companyOfficeId)); $this->sort = $request->getParameter('sort', 'id'); $this->page = $request->getParameter('page', 1); $this->officeId = $officeAds->getOfficeId(); $this->processAdsForm($request, $this->form, $this->sort, $this->page); $this->setTemplate('link'); }
public function executeDelete(sfWebRequest $request) { $request->checkCSRFProtection(); $this->forward404Unless($ad = Doctrine_Core::getTable('Ad')->find(array($request->getParameter('id'))), sprintf('Object ad does not exist (%s).', $request->getParameter('id'))); //Get user Id $userId = $this->getUser()->getGuardUser()->getId(); //Get company owned by that user $companyUserId = CompanyTable::getInstance()->findOneByUserId($userId)->getId(); //Get id number sent by the user (never trust the users) $adId = $request->getParameter('id'); $companyId = AdTable::getInstance()->findOneById($adId)->getCompanyId(); $this->forward404Unless($companyId == $companyUserId, sprintf('Ad does not exist (%s).', $request->getParameter('id'))); //Remove picture from file system. $fs = new sfFilesystem(); $fs->remove(sfConfig::get('app_default_picture_directory') . $ad->getAdMobileImage()); //Remove ad from database. $ad->delete(); $this->redirect('ad/index'); }
/** * @param string $name * @return Company */ public function findOneByName($name) { return CompanyTable::getInstance()->findOneByName($name); }