/**
 * Configure the office/ad selection form.
 *
 * Only the `ad_id` field is exposed. The selectable ads come from
 * AdTable::getAdsByCompanyIdQuery() for the `companyId` form option, and the
 * same query object is given to both the widget and the validator, so the
 * server-side choice validation is limited to the same set of ads that the
 * double-list widget renders.
 */
public function configure()
{
    // NOTE(review): presumably the caller always passes 'companyId' from the
    // logged-in user's own company; what the query yields when the option is
    // missing is not visible here -- confirm.
    $companyAdsQuery = AdTable::getInstance()->getAdsByCompanyIdQuery($this->getOption('companyId'));
    $adModel = $this->getRelatedModelName('Ad');

    $this->useFields(array('ad_id'));

    // Multi-select rendered as a double list, fed by the company-scoped query.
    $widgetOptions = array(
        'model' => $adModel,
        'add_empty' => false,
        'multiple' => true,
        'expanded' => false,
        'renderer_class' => 'sfWidgetFormSelectDoubleList',
        'query' => $companyAdsQuery,
    );
    $this->widgetSchema['ad_id'] = new sfWidgetFormDoctrineChoice($widgetOptions);

    // The validator must use the same query: restricting only the widget would
    // leave the submitted ids unchecked.
    $validatorOptions = array(
        'model' => $adModel,
        'multiple' => true,
        'query' => $companyAdsQuery,
    );
    $this->validatorSchema['ad_id'] = new sfValidatorDoctrineChoice($validatorOptions);

    $this->widgetSchema->setLabel('ad_id', false);

    $formatter = $this->widgetSchema->getFormFormatter();
    $formatter->setTranslationCatalogue('office_ads_form');
}
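<?php
/**
 * Edit / delete endpoint for a single ad, selected by the `ad` query parameter.
 *
 * POST `delete` removes the ad, POST `title` saves an edit; a plain request
 * loads the ad so it can be edited by its owner.
 *
 * NOTE(review): the owner comparison further down only guards loading the ad
 * for editing. The delete and edit branches set $ads->user and then call the
 * model straight away; confirm that deleteAd() and editAd() themselves refuse
 * ads not owned by $ads->user.
 * NOTE(review): neither state-changing branch verifies an anti-CSRF token.
 */
require_once "../models/AdTable.php";
session_start();
$ads = new AdTable();

// Delete request from a logged-in user.
if (isset($_POST["delete"]) && isset($_SESSION["user"]) && isset($_GET["ad"])) {
    $ads->user = $_SESSION["user"];
    $ads->deleteAd($_GET["ad"]);
    header("Location: http://adlister.dev");
    exit;
}

// Edit request from a logged-in user.
if (isset($_POST["title"]) && isset($_SESSION["user"]) && isset($_GET["ad"])) {
    $ads->user = $_SESSION["user"];
    // NOTE(review): the whole $_POST array is handed to the model; confirm
    // editAd() only writes an explicit list of columns.
    $ads->editAd($_POST, $_GET["ad"]);
    // Encode the id so request data cannot add characters or parameters to the
    // redirect target, and stop here so the rest of the page does not run
    // after the redirect has been sent.
    header("Location: http://adlister.dev/ads.show.php?ad=" . rawurlencode((string) $_GET["ad"]));
    exit;
}

if (isset($_GET["ad"])) {
    if (isset($_SESSION["user"])) {
        try {
            $ad = $ads->loadAd($_GET["ad"]);
        } catch (Exception $e) {
            echo "Invalid Ad id.";
            exit;
        }
        // Loose comparison kept on purpose: the types of the session value and
        // of the stored owner are not visible here.
        if ($_SESSION["user"] != $ad["owner"]) {
            echo "this is not your ad, you do not have permission to edit it.";
            exit;
        } else {
            // NOTE(review): extract() turns every key of $ad into a variable in
            // this scope and overwrites existing ones (for example $ads).
            // Confirm loadAd() returns a fixed set of keys, or switch to
            // explicit assignments / EXTR_SKIP.
            extract($ad);
        }
    } else {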
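/**
 * Delete an ad owned by the current user's company.
 *
 * The request is CSRF-checked, the ad is loaded by the submitted id, and the
 * deletion only proceeds when the ad's company matches the company of the
 * logged-in user. Every failure is answered with a 404 so the response does
 * not reveal whether an ad with that id exists for another company.
 *
 * @param sfWebRequest $request Request carrying the `id` parameter.
 */
public function executeDelete(sfWebRequest $request)
{
    $request->checkCSRFProtection();

    // Id sent by the client; never trusted on its own.
    $adId = $request->getParameter('id');

    $this->forward404Unless(
        $ad = Doctrine_Core::getTable('Ad')->find(array($adId)),
        sprintf('Object ad does not exist (%s).', $adId)
    );

    // A missing user or a user without a company ends in a 404 instead of a
    // fatal "call to a member function on null".
    $guardUser = $this->getUser()->getGuardUser();
    $this->forward404Unless($guardUser, sprintf('Ad does not exist (%s).', $adId));

    $company = CompanyTable::getInstance()->findOneByUserId($guardUser->getId());
    $this->forward404Unless($company, sprintf('Ad does not exist (%s).', $adId));

    // Authorise against the record that is about to be deleted, not against a
    // second lookup of the same id.
    // Loose comparison kept: the id types returned by the ORM are not visible here.
    $this->forward404Unless(
        $ad->getCompanyId() == $company->getId(),
        sprintf('Ad does not exist (%s).', $adId)
    );

    // Remove the picture from the file system. An empty name would make the
    // path point at the picture directory itself, so skip removal in that case.
    // NOTE(review): the stored name is appended to the directory as is;
    // confirm the upload code only ever stores a generated file name.
    $picture = $ad->getAdMobileImage();
    if ($picture !== null && $picture !== '') {
        $fs = new sfFilesystem();
        $fs->remove(sfConfig::get('app_default_picture_directory') . $picture);
    }

    // Remove the ad from the database.
    $ad->delete();

    $this->redirect('ad/index');
}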
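<?php
/**
 * Ad listing endpoint: echoes one page of ads, optionally filtered by a
 * search term. All three inputs (amount, page, search) come from the request
 * body and are normalised before they reach the model.
 */
require_once "../models/AdTable.php";

// Page size: default 12; values below 1 fall back to the default.
// NOTE(review): there is no upper bound, so a client can request an
// arbitrarily large page; consider capping it.
$amount = isset($_POST["amount"]) ? (int) $_POST["amount"] : 12;
if ($amount < 1) {
    $amount = 12;
}

// Page number: cast to int and kept >= 1 so the offset is never negative and
// never computed from a non-numeric string.
$page = isset($_POST["page"]) ? (int) $_POST["page"] : 1;
if ($page < 1) {
    $page = 1;
}
$offset = ($page - 1) * $amount;

// A missing or non-string search value (e.g. search[]=x) means "no search".
$search = (isset($_POST["search"]) && is_string($_POST["search"])) ? $_POST["search"] : "";

$load = new AdTable();
if ($search === "") {
    $ads = $load->loadAds($offset, $amount);
} else {
    // NOTE(review): confirm searchAll() binds the term as a query parameter
    // instead of concatenating it into the SQL text.
    $ads = $load->searchAll($offset, $amount, $search);
}

// NOTE(review): the model's return value is written out unchanged; presumably
// it is an already encoded string. Confirm the ad fields in it are escaped for
// the context the client inserts them into.
echo $ads;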
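<?php
/**
 * Create-ad endpoint: handles POST `change=add`, builds the ad data from the
 * submitted fields plus the uploaded images, and stores it for the logged-in
 * user.
 *
 * NOTE(review): no anti-CSRF token is verified before the ad is created.
 */
require_once "../models/AdTable.php";

if (isset($_POST["change"]) && $_POST["change"] === "add") {
    session_start();

    // Only a logged-in user may create an ad; without this check the model
    // would be called with an undefined user.
    if (!isset($_SESSION["user"])) {
        http_response_code(403);
        echo "You must be logged in to post an ad.";
        exit;
    }

    $data = array();

    // NOTE(review): every submitted field is copied into $data; confirm
    // addAd() only persists an explicit list of keys.
    foreach ($_POST as $key => $value) {
        $data[$key] = $value;
    }
    unset($data["change"]);

    // "images" may only come from the upload metadata. It is set after the
    // POST copy (and any posted "images" field is dropped) so a form field of
    // the same name cannot replace $_FILES data such as tmp_name.
    unset($data["images"]);
    if (!empty($_FILES["images"])) {
        $data["images"] = $_FILES["images"];
    }

    $data["categories"] = "derp";

    $add = new AdTable();
    $add->user = $_SESSION["user"];
    $add->addAd($data);

    header('Location: http://adlister.dev');
    exit;
}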
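<?php
/**
 * Ad detail page: loads the ad named by the `ad` query parameter into $data
 * and falls back to a placeholder image when the ad has none.
 *
 * NOTE(review): $data holds user-submitted ad content; wherever the template
 * prints it, it needs htmlspecialchars() (or the escaping that fits the
 * context). The rendering code is outside this listing.
 * NOTE(review): jQuery 2.1.3 and Bootstrap 3.3.5 are loaded from third-party
 * CDNs without an `integrity` attribute; both are old releases. Consider
 * pinning them with Subresource Integrity and checking the versions against
 * current advisories.
 */
session_start();
require_once "../models/AdTable.php";

if (isset($_GET["ad"])) {
    $ad = new AdTable();
    // loadAd() can throw for an unknown id (the edit page catches the same
    // call); handle it here too so an uncaught exception is not shown to the
    // visitor.
    try {
        $data = $ad->loadAd($_GET["ad"]);
    } catch (Exception $e) {
        echo "Invalid Ad id.";
        exit;
    }
    if (!isset($data["images"][0])) {
        $data["images"][0] = "img/no_image_available.png";
    }
}
?>
<!DOCTYPE html>
<head>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js"></script>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css">
<link rel="stylesheet" href="../css/home.css">
<title>Krieger's List</title>
<?php include '../views/partials/navbar.php'; ?>
</head>
<style type="text/css">
.carousel-inner{ width:100%; max-height: 500px !important; min-height: 500px; }
</style>
<html>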