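/**
 * Decide which user id this object acts for and record how far that id is trusted.
 *
 * Resulting state on the object:
 *  - a session user exists and $forceinternal is false: userid = session id, authed = true;
 *  - no id is available, or $forceinternal is true: authed = null (hybrid or internal call);
 *  - otherwise the id is caller-supplied and authed stays false.
 *
 * @param mixed $userid        Caller-supplied user id; overridden by the session user's id
 *                             when one exists and $forceinternal is false.
 * @param bool  $alert         When true, a caller-supplied id that passes
 *                             AECToolbox::quickVerifyUserID() yields the access_denied view.
 * @param bool  $forceinternal When true, the session user is ignored and authed is set to null.
 *
 * @return mixed The result of getView('access_denied') when access is refused, otherwise null.
 */
public function initUser($userid = null, $alert = true, $forceinternal = false)
{
    $user = JFactory::getUser();

    $this->userid = $userid;
    $this->authed = false;

    // A live session always wins over whatever id the caller handed in.
    if (!empty($user->id) && !$forceinternal) {
        $this->userid = $user->id;
        $this->authed = true;

        return null;
    }

    // Nothing to identify the user with, or an explicitly internal call.
    if (empty($this->userid) || $forceinternal) {
        $this->authed = null;

        return null;
    }

    // From here on the id is non-empty, caller-supplied and not backed by a session,
    // so authed deliberately stays false. The original re-tested `!$this->userid` at
    // this point; the empty() guard above already returns for every such value, so
    // that unreachable branch has been dropped.

    if (AECToolbox::quickVerifyUserID($this->userid) === true) {
        // This account is not expired, so its owner could log in: an id passed in
        // without a session is not accepted for it.
        if ($alert) {
            return getView('access_denied');
        }

        return null;
    }

    $db = JFactory::getDBO();

    // NOTE(review): xJ::escape() is defined outside this block; presumably it escapes
    // the value for use inside a quoted SQL string literal - confirm. The escaped form
    // is what stays in $this->userid afterwards. `id` looks numeric, so an integer cast
    // would be a stricter guard than string escaping - verify against the schema.
    $this->userid = xJ::escape($db, $userid);

    // Drop the id again when no such user row exists.
    if (!is_null($this->userid)) {
        $query = "SELECT `id` FROM #__users WHERE `id` = '" . $this->userid . "'";

        $db->setQuery($query);

        if (!$db->loadResult()) {
            $this->userid = null;
        }
    }

    return null;
}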
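/**
 * Cancel one of a user's own invoices and show the follow-up view.
 *
 * Identity rules:
 *  - with a session user, the session id replaces whatever $userid was passed;
 *  - without a session, a $userid must be supplied and must NOT pass
 *    AECToolbox::quickVerifyUserID() (an account that could log in has to log in);
 *  - the invoice is then looked up by number AND user id, so only an invoice
 *    belonging to that user is cancelled.
 *
 * NOTE(review): on the session-less path the only proof of ownership is knowing a
 * user id and one of that user's invoice numbers. Confirm invoice numbers are
 * unguessable, or require a signed token for this path.
 * NOTE(review): no anti-forgery token check is visible in this function; confirm
 * the dispatcher performs one before this state-changing call.
 *
 * @param mixed       $option         Not used inside this function.
 * @param mixed       $invoice_number Invoice number to cancel.
 * @param mixed       $pending        Truthy: show the 'pending' view afterwards.
 * @param mixed       $userid         User id for session-less calls. It now defaults to null
 *                                    (such a call is denied) because a required parameter
 *                                    after an optional one is deprecated since PHP 8.0.
 * @param string|null $return         Base64-encoded URL to redirect to after cancelling.
 *
 * @return mixed The result of getView('access_denied') when access is refused, otherwise null.
 */
function cancelInvoice($option, $invoice_number, $pending = 0, $userid = null, $return = null)
{
    $user = JFactory::getUser();

    if (!empty($user->id)) {
        // Never trust a passed-in id over the session identity.
        $userid = $user->id;
    } elseif (!$userid || AECToolbox::quickVerifyUserID($userid) === true) {
        // No id at all, or an account that is not expired and could simply log in.
        return getView('access_denied');
    }

    $invoiceid = aecInvoiceHelper::InvoiceIDfromNumber($invoice_number, $userid);

    // Only allow a user to access existing and own invoices.
    if (!$invoiceid) {
        return getView('access_denied');
    }

    $objInvoice = new Invoice();
    $objInvoice->load($invoiceid);
    $objInvoice->cancel();

    if ($pending) {
        getView('pending');

        return null;
    }

    // $return is an opaque base64 blob supplied by the caller. The original passed the
    // decoded value straight to aecRedirect(), which lets a crafted link send the user
    // to an arbitrary site after the cancel. Only same-site targets are followed now;
    // anything else falls back to the invoice list. JUri::isInternal() is Joomla's own
    // same-site test; aecRedirect() is defined outside this block.
    $target = empty($return) ? '' : base64_decode($return);

    if (is_string($target) && $target !== '' && JUri::isInternal($target)) {
        aecRedirect($target);
    } else {
        getView('subscriptiondetails', array('sub' => 'invoices'));
    }

    return null;
}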