public function modifyUser()
{
$post = $this->input->post();
if (isset($post['id']) && $post['id'] !== null) {
if ($this->session->admin == true) {
$mode = 'enabled';
} else {
$mode = 'disabled';
}
if ($mode == 'disabled' && $post['id'] != $this->uid) {
$error = array('status' => 'error', 'msg' => 'You do not have permission to edit this user.');
echo json_encode($error);
exit;
}
$userForm = array('name' => 'update', 'id' => 'modifyUserForm', 'enctype' => 'multipart/form-data', 'class' => 'form-horizontal');
$data = array('userDetails' => User_Model::getAllUserDetails($post['id']), 'allDepts' => Department_Model::getAllDepartments(), 'userReviewDepts' => Reviewer_Model::getDepartmentsForReviewer($post['id']), 'newUserObj' => new User_Model($post['id']), 'mode' => $mode, 'formDetails' => $userForm);
$this->load->view('user/modify_user_view', $data);
} else {
$this->session->set_flashdata('error', 'You attempted to access the profile page in an unauthorized manner.');
redirect($_SERVER['HTTP_REFERER']);
}
}
public function processUserInformation($post)
{
$newUserObj = new User_Model($post['id']);
if ($post['id'] !== $this->session->id && !$this->session->admin) {
$error = array('status' => 'error', 'msg' => 'You do not have permission to edit this user.');
echo json_encode($error);
exit;
}
if (!isset($post['admin']) or $post['admin'] == '') {
$post['admin'] = '0';
}
if (!isset($post['can_add']) or $post['can_add'] == '') {
$post['can_add'] = '0';
}
if (!isset($post['can_checkin']) or $post['can_checkin'] == '') {
$post['can_checkin'] = '0';
}
// UPDATE admin info
if ($this->admin) {
$adminArray = array('admin' => $post['admin'], 'id' => $post['id']);
self::updateAdmin($adminArray);
}
// UPDATE into user
if ($this->session->admin) {
$this->db->set('username', $post['username']);
$this->db->set('can_add', $post['can_add']);
$this->db->set('can_checkin', $post['can_checkin']);
}
if (!empty($post['password'])) {
$this->db->set('password', password_hash($post['password'], PASSWORD_DEFAULT));
}
if ($newUserObj->isAdmin()) {
if (isset($post['department'])) {
$this->db->set('department', $post['department']);
}
}
if (isset($post['phonenumber'])) {
$this->db->set('phone', $post['phone']);
}
if (isset($post['email'])) {
$this->db->set('email', $post['email']);
}
if (isset($post['last_name'])) {
$this->db->set('last_name', $post['last_name']);
}
if (isset($post['first_name'])) {
$this->db->set('first_name', $post['first_name']);
}
$this->db->where('id', $post['id']);
$this->db->update('user');
if ($this->session->admin) {
Reviewer_Model::deleteReviewer($post['id']);
if (isset($post['department_review'])) {
for ($i = 0; $i < sizeof($post['department_review']); $i++) {
$reviewerArray = array('dept_id' => $post['department_review'][$i], 'user_id' => $post['id']);
Reviewer_Model::newReviewer($reviewerArray);
}
}
}
$msg = array('status' => 'success', 'msg' => 'You have successfully updated this users profile.');
echo json_encode($msg);
}