public function configure()
{
//Narrow down options.
//We must just show those ads owned by the office's company.
$query = AdTable::getInstance()->getAdsByCompanyIdQuery($this->getOption('companyId'));
$this->useFields(array('ad_id'));
$this->widgetSchema['ad_id'] = new sfWidgetFormDoctrineChoice(array('model' => $this->getRelatedModelName('Ad'), 'add_empty' => false, 'multiple' => true, 'expanded' => false, 'renderer_class' => 'sfWidgetFormSelectDoubleList', 'query' => $query));
$this->validatorSchema['ad_id'] = new sfValidatorDoctrineChoice(array('model' => $this->getRelatedModelName('Ad'), 'multiple' => true, 'query' => $query));
$this->widgetSchema->setLabel('ad_id', false);
$this->widgetSchema->getFormFormatter()->setTranslationCatalogue('office_ads_form');
}
<?php
require_once "../models/AdTable.php";
session_start();
$ads = new AdTable();
if (isset($_POST["delete"]) && isset($_SESSION["user"]) && isset($_GET["ad"])) {
$ads->user = $_SESSION["user"];
$ads->deleteAd($_GET["ad"]);
header("Location: http://adlister.dev");
exit;
}
if (isset($_POST["title"]) && isset($_SESSION["user"]) && isset($_GET["ad"])) {
$ads->user = $_SESSION["user"];
$ads->editAd($_POST, $_GET["ad"]);
header("Location: http://adlister.dev/ads.show.php?ad={$_GET["ad"]}");
}
if (isset($_GET["ad"])) {
if (isset($_SESSION["user"])) {
try {
$ad = $ads->loadAd($_GET["ad"]);
} catch (Exception $e) {
echo "Invalid Ad id.";
exit;
}
if ($_SESSION["user"] != $ad["owner"]) {
echo "this is not your ad, you do not have permission to edit it.";
exit;
} else {
extract($ad);
}
} else {
public function executeDelete(sfWebRequest $request)
{
$request->checkCSRFProtection();
$this->forward404Unless($ad = Doctrine_Core::getTable('Ad')->find(array($request->getParameter('id'))), sprintf('Object ad does not exist (%s).', $request->getParameter('id')));
//Get user Id
$userId = $this->getUser()->getGuardUser()->getId();
//Get company owned by that user
$companyUserId = CompanyTable::getInstance()->findOneByUserId($userId)->getId();
//Get id number sent by the user (never trust the users)
$adId = $request->getParameter('id');
$companyId = AdTable::getInstance()->findOneById($adId)->getCompanyId();
$this->forward404Unless($companyId == $companyUserId, sprintf('Ad does not exist (%s).', $request->getParameter('id')));
//Remove picture from file system.
$fs = new sfFilesystem();
$fs->remove(sfConfig::get('app_default_picture_directory') . $ad->getAdMobileImage());
//Remove ad from database.
$ad->delete();
$this->redirect('ad/index');
}
<?php
require_once "../models/AdTable.php";
if (isset($_POST["amount"])) {
$amount = (int) $_POST["amount"];
} else {
$amount = 12;
}
if (isset($_POST["page"])) {
$offset = ($_POST["page"] - 1) * $amount;
} else {
$offset = 0;
}
$load = new AdTable();
if ($_POST["search"] == "") {
$ads = $load->loadAds($offset, $amount);
} else {
$ads = $load->searchAll($offset, $amount, $_POST["search"]);
}
if (!isset($data["images"][0])) {
$data["images"][0] = "img/no_image_available.png";
}
echo $ads;
<?php
require_once "../models/AdTable.php";
if (isset($_POST["change"])) {
if ($_POST["change"] == "add") {
if (!empty($_FILES["images"])) {
$data["images"] = $_FILES["images"];
}
foreach ($_POST as $key => $value) {
$data[$key] = $value;
}
session_start();
unset($data["change"]);
$data["categories"] = "derp";
$add = new AdTable();
$add->user = $_SESSION["user"];
$add->addAd($data);
header('Location: http://adlister.dev');
}
}
<?php
session_start();
require_once "../models/AdTable.php";
if (isset($_GET["ad"])) {
$ad = new AdTable();
$data = $ad->loadAd($_GET["ad"]);
if (!isset($data["images"][0])) {
$data["images"][0] = "img/no_image_available.png";
}
}
?>
<!DOCTYPE html>
<head>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js"></script>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css">
<link rel="stylesheet" href="../css/home.css">
<title>Krieger's List</title>
<?php
include '../views/partials/navbar.php';
?>
</head>
<style type="text/css">
.carousel-inner{
width:100%;
max-height: 500px !important;
min-height: 500px;
}
</style>
<html>
