Exemple #1
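 /**
  * Handle the "invite a user to an organisation" form.
  *
  * Requires a logged-in user who is a member of the organisation given by
  * PARAMS.id. When POST.name matches an active account (by email or
  * username), a row is inserted into organisations_invites with a freshly
  * generated accept key and the browser is rerouted to the current path.
  * Otherwise the invite form is rendered, with an error when the lookup
  * found no account.
  *
  * NOTE(review): no CSRF token check is visible in this method; confirm it
  * is enforced by _requireLogin() or by routing middleware.
  * NOTE(review): membership alone authorises inviting; confirm that no
  * role check (owner/admin) is expected here.
  *
  * @return void
  */
 public function invitepost()
 {
     $f3 = \Base::instance();
     $this->_requireLogin();
     $db = $f3->get('db.instance');
     $user = $f3->get('user');
     $orgId = (int) $f3->get('PARAMS.id');

     // Authorisation: the caller must already belong to the organisation.
     $membership = $db->exec(
         'SELECT * FROM organisation_members WHERE orgId = :orgId AND memberId = :memberId',
         ['orgId' => $orgId, 'memberId' => $user['id']]
     );
     if (empty($membership)) {
         new Notification('You are not member of this organisation', 'danger', true);
         $f3->reroute('/organisations');
         return;
     }

     $orgMap = new Organisation();
     $orgMap->load($orgId);
     $f3->set('user_org_selected', $orgMap->cast());

     $lookup = $f3->exists('POST.name') ? $f3->get('POST.name') : null;
     // Only a non-empty string is a valid lookup key; an array-valued
     // POST.name (name[]=...) must never reach the query parameters.
     if (is_string($lookup) && !empty($lookup)) {
         $invitedUser = new User();
         $invitedUser->load([
             '(email = :email OR username = :email) AND deleted_date IS NULL',
             'email' => $lookup,
         ]);
         if (!$invitedUser->loaded()) {
             // The lookup is by email or username, so the message says so.
             // This response also tells any organisation member whether an
             // address or username is registered; rate-limit this endpoint
             // if account enumeration matters for the deployment.
             $f3->set('error', 'No user with this email or username');
         } else {
             // The accept key acts as a bearer secret for the invitation.
             // NOTE(review): confirm Security::rand_bytes() is backed by a
             // CSPRNG, and that invites expire and are single-use when redeemed.
             $security = new Security();
             $accept_key = sha1($security->rand_bytes(32));
             $db->exec(
                 'INSERT INTO organisations_invites(targetId, fromId, orgId, create_time, accept_key) VALUES(:targetId, :fromId, :orgId, :createTime, :acceptKey)',
                 [
                     'targetId' => $invitedUser->id,
                     'fromId' => $user['id'],
                     'orgId' => $orgId,
                     'createTime' => date("Y-m-d H:i:s"),
                     'acceptKey' => $accept_key,
                 ]
             );
             // The notification text contains markup, so the display name
             // is HTML-encoded before interpolation. double_encode is off
             // because names may already be stored entity-encoded.
             $safeName = htmlspecialchars((string) $invitedUser->name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
             new Notification("Invited <b>{$safeName}</b> to join this organisation", 'success', true);
             $f3->reroute($f3->get('PATH'));
         }
     }

     $f3->set('target', 'dashboard/organisations/invite.html');
     $this->_render('base.html');
 }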
Exemple #2
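 /**
  * Handle the profile ("resume") form for the logged-in user.
  *
  * Validates each submitted field (POST.username, POST.fullName,
  * POST.email, POST.age) and copies accepted values onto the user_obj
  * mapper. When no validation error was collected the mapper is saved and
  * the browser is rerouted to the current path; otherwise the errors are
  * exposed to the template and the form is rendered again.
  *
  * NOTE(review): no CSRF token check is visible in this method; confirm it
  * is enforced by _requireLogin() or by routing middleware.
  * NOTE(review): the email is changed without re-entering the password or
  * confirming the new address; if email drives password reset, consider
  * requiring one of the two.
  * NOTE(review): the "taken" lookups are check-then-write; a UNIQUE
  * constraint on username and email is needed to close the race.
  *
  * @return void
  */
 public function resumepost()
 {
     $f3 = \Base::instance();
     $this->_requireLogin();
     $user = $f3->get('user');
     $user_obj = $f3->get('user_obj');
     $errors = [];

     if ($f3->exists('POST.username')) {
         $username = $f3->scrub($f3->get('POST.username'));
         // is_string() rejects array-valued input (username[]=...) before
         // it reaches preg_match().
         if (is_string($username) && preg_match('/^[a-z0-9]{5,}$/', $username) === 1) {
             // Strict comparison: with !=, two all-digit usernames that differ
             // only by leading zeros compare as equal numbers.
             if ($username !== (string) $user['username']) {
                 // Use a separate mapper for the lookup. Reusing $user here
                 // would replace the session user that the email check reads.
                 $existing = new User();
                 $existing->load(['username = ?', $username]);
                 if ($existing->loaded()) {
                     $errors[] = 'This username is taken.';
                 } else {
                     $user_obj->username = $username;
                 }
             }
         } else {
             $errors[] = 'Username must be at least 5 characters long, with only numbers and lowercase letters in it.';
         }
     }

     if ($f3->exists('POST.fullName')) {
         $fullName = $f3->scrub($f3->get('POST.fullName'));
         // strlen() counts bytes, so a short multi-byte name can pass this check.
         if (is_string($fullName) && strlen($fullName) > 4) {
             // The name is stored HTML-encoded. Explicit flags make single
             // quotes encoded on every PHP version, not only 8.1+.
             $user_obj->name = htmlspecialchars($fullName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
         } else {
             $errors[] = 'Full name must be at least 5 characters long';
         }
     }

     if ($f3->exists('POST.email')) {
         $email = $f3->get('POST.email');
         if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
             // Only look for a collision when the address actually changes.
             if ($email !== (string) $user['email']) {
                 $existing = new User();
                 $existing->load(['email = ?', $email]);
                 if ($existing->loaded()) {
                     $errors[] = 'This email is taken.';
                 } else {
                     $user_obj->email = $email;
                 }
             }
         } else {
             $errors[] = 'Incorrect email';
         }
     }

     if ($f3->exists('POST.age')) {
         $age = (int) $f3->get('POST.age');
         if ($age > 12) {
             $user_obj->age = $age;
         } else {
             $errors[] = 'You need to be at least 13 years old to use this service.';
         }
     }

     // Persist only when every submitted field validated.
     if (empty($errors)) {
         $user_obj->save();
         new Notification('Profile saved', 'success', true);
         $f3->reroute($f3->get('PATH'));
         return;
     }
     $f3->set('errors', $errors);

     // Display a notification to masquerading administrators
     if ($f3->exists('SESSION.mask')) {
         new Notification('You are currently masquerading as a client, <a href="/dashboard/admin/masquerade/reveal">back to your admin account</a>', 'danger', true);
     }
     $f3->set('target', 'account/resume.html');
     $this->_render('base.html');
 }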