Exemple #1
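 /**
  * Render the "modify user" form for the user id submitted via POST.
  *
  * Sessions flagged as admin get the form in 'enabled' mode for any user.
  * Other sessions get 'disabled' mode and may only open the record whose id
  * matches $this->uid. A denied request gets a JSON error and the script
  * exits; a request without a usable id gets a flash error and a redirect.
  */
 public function modifyUser()
 {
     $post = $this->input->post();

     // The id is request data. Accept only a non-empty string/int so an array
     // (id[]=...) or an empty value can never reach the ownership check or the models.
     $hasUsableId = isset($post['id'])
         && (is_string($post['id']) || is_int($post['id']))
         && (string) $post['id'] !== '';

     if (!$hasUsableId) {
         $this->session->set_flashdata('error', 'You attempted to access the profile page in an unauthorized manner.');

         // Referer is a client-supplied header and may be absent. Follow it only
         // when it points back at this site; otherwise pass redirect() an empty
         // URI, which it resolves against the site URL.
         $referer = isset($_SERVER['HTTP_REFERER']) ? (string) $_SERVER['HTTP_REFERER'] : '';
         $sameSite = $referer !== ''
             && parse_url($referer, PHP_URL_HOST) === parse_url(base_url(), PHP_URL_HOST);
         redirect($sameSite ? $referer : '');
         return;
     }

     $mode = $this->session->admin == true ? 'enabled' : 'disabled';

     // Ownership is decided by an exact string match. A loose != lets PHP's type
     // juggling treat values such as "5abc" as equal to an integer 5 on older
     // PHP versions, and treats '' as equal to an unset uid.
     $isOwnRecord = $this->uid !== null && (string) $post['id'] === (string) $this->uid;
     // NOTE(review): this method reads $this->uid while processUserInformation()
     // reads $this->session->id for the same decision - confirm both hold the
     // acting user's id.

     if ($mode === 'disabled' && !$isOwnRecord) {
         $error = array('status' => 'error', 'msg' => 'You do not have permission to edit this user.');
         echo json_encode($error);
         exit;
     }

     $userForm = array(
         'name' => 'update',
         'id' => 'modifyUserForm',
         'enctype' => 'multipart/form-data',
         'class' => 'form-horizontal',
     );
     $data = array(
         'userDetails' => User_Model::getAllUserDetails($post['id']),
         'allDepts' => Department_Model::getAllDepartments(),
         'userReviewDepts' => Reviewer_Model::getDepartmentsForReviewer($post['id']),
         'newUserObj' => new User_Model($post['id']),
         'mode' => $mode,
         'formDetails' => $userForm,
     );
     $this->load->view('user/modify_user_view', $data);
 }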
Exemple #2
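 /**
  * Apply submitted profile changes to the `user` table and echo a JSON status.
  *
  * A non-admin session may only update the record whose id matches
  * $this->session->id; any other request gets a JSON error and the script
  * exits. Username, can_add, can_checkin and the reviewer department list are
  * written only for admin sessions.
  *
  * @param array $post Submitted form fields; 'id' selects the user to update.
  */
 public function processUserInformation($post)
 {
     $denied = array('status' => 'error', 'msg' => 'You do not have permission to edit this user.');

     // The id is request data. Refuse anything that is not a non-empty
     // string/int before it is compared or handed to a model.
     $hasUsableId = isset($post['id'])
         && (is_string($post['id']) || is_int($post['id']))
         && (string) $post['id'] !== '';
     if (!$hasUsableId) {
         echo json_encode($denied);
         exit;
     }

     // Authorise before building any model from the submitted id. The match is
     // an exact string comparison: a bare !== between a posted string and an
     // integer session id never matches (locking users out of their own
     // profile), and an unset session id must never match anything.
     $sessionId = $this->session->id;
     $isOwnRecord = $sessionId !== null && (string) $post['id'] === (string) $sessionId;
     if (!$isOwnRecord && !$this->session->admin) {
         echo json_encode($denied);
         exit;
     }

     $newUserObj = new User_Model($post['id']);

     // Unchecked checkboxes are not submitted; store them as '0'.
     foreach (array('admin', 'can_add', 'can_checkin') as $flag) {
         if (!isset($post[$flag]) || $post[$flag] == '') {
             $post[$flag] = '0';
         }
     }

     // UPDATE admin info
     // NOTE(review): this gate reads $this->admin while every other privilege
     // check in this method reads $this->session->admin. This branch changes the
     // target's admin flag, so confirm $this->admin reflects the acting user.
     if ($this->admin) {
         $adminArray = array('admin' => $post['admin'], 'id' => $post['id']);
         self::updateAdmin($adminArray);
     }

     // UPDATE into user: privilege-bearing columns are admin-only.
     if ($this->session->admin) {
         $this->db->set('username', $post['username']);
         $this->db->set('can_add', $post['can_add']);
         $this->db->set('can_checkin', $post['can_checkin']);
     }
     if (!empty($post['password'])) {
         $this->db->set('password', password_hash($post['password'], PASSWORD_DEFAULT));
     }
     // NOTE(review): department is writable only when the *target* account
     // (built from $post['id']) is an admin - confirm the acting user's role
     // was not the intended condition.
     if ($newUserObj->isAdmin() && isset($post['department'])) {
         $this->db->set('department', $post['department']);
     }
     // The field was tested as 'phonenumber' but read as 'phone'. Accept either
     // name so the stored value is always one that was actually submitted.
     if (isset($post['phone'])) {
         $this->db->set('phone', $post['phone']);
     } elseif (isset($post['phonenumber'])) {
         $this->db->set('phone', $post['phonenumber']);
     }
     foreach (array('email', 'last_name', 'first_name') as $column) {
         if (isset($post[$column])) {
             $this->db->set($column, $post[$column]);
         }
     }
     $this->db->where('id', $post['id']);
     $this->db->update('user');

     if ($this->session->admin) {
         // Reviewer assignments are replaced wholesale: clear, then re-add.
         Reviewer_Model::deleteReviewer($post['id']);
         // Iterate only a real array; a scalar or sparsely keyed value would
         // break an index-based loop over sizeof().
         if (isset($post['department_review']) && is_array($post['department_review'])) {
             foreach ($post['department_review'] as $deptId) {
                 $reviewerArray = array('dept_id' => $deptId, 'user_id' => $post['id']);
                 Reviewer_Model::newReviewer($reviewerArray);
             }
         }
     }

     $msg = array('status' => 'success', 'msg' => 'You have successfully updated this users profile.');
     echo json_encode($msg);
 }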