Esempio n. 1
0
 public function action_edit()
 {
     $this->template->scripts[] = 'profile.js';
     $this->template->scripts[] = 'file_uploader.js';
     $this->template->styles[] = 'file_uploader.css';
     $lUserId = Input::get('user_id', null);
     $lUser = Model_User::query()->where('id', $lUserId)->get_one()->to_array();
     $lUser = array_merge($lUser, unserialize($lUser['profile_fields']));
     $lIsOwner = $lUser['id'] == $this->current_user['id'];
     $lIsAdmin = $this->current_user['role_id'] == AuthModule::UR_ADMIN;
     if (!$lIsOwner && !$lIsAdmin) {
         throw new Exception('You do not have access');
     }
     //$lUserData = Auth::get_profile_fields();
     //$lUserData['user_id']   = $this->current_user['id'];
     //$lUserData['email']     = Auth::get_email();
     //$lUserData['username']  = Auth::get('username');
     if (!empty($lUser['avatar_id'])) {
         $lUser['avatar'] = Model_Avatars::getById($lUser['avatar_id']);
     }
     $this->template->content = View::forge('user_edit', ['user_data' => $lUser, 'admin_mode' => $lIsAdmin && !$lIsOwner]);
     return $this->template;
 }
Esempio n. 2
0
File: Base.php Progetto: FTTA/devels
 public function before()
 {
     parent::before();
     $this->template = View::forge('main_template');
     $this->template->styles = ['bootstrap.css'];
     $this->template->scripts = ['jquery-1.9.0.min.js', 'sys_func.js', 'users_logout.js', 'form_getter.js', 'users_login.js', 'page.js'];
     $lSession = Session::instance();
     $this->lang = $lSession->get('language', 'en');
     $this->template->i18n = Model_Translations::getAll($this->lang);
     $this->is_logged = Auth::check();
     $this->current_user = null;
     $lSession->set('translation', $this->template->i18n);
     if ($this->is_logged) {
         $this->current_user = Auth::get_profile_fields();
         $this->current_user['id'] = Auth::get('id');
         $this->current_user['username'] = Auth::get('username');
         if (!empty($this->current_user['avatar_id'])) {
             $this->current_user['avatar'] = Model_Avatars::getById($this->current_user['avatar_id']);
         }
         if (!empty($this->current_user['is_deleted'])) {
             Auth::logout();
             HTTP::redirect('/main/accessDenied?msg=error_msg_1');
         }
         if (!empty($this->current_user['is_blocked'])) {
             Auth::logout();
             HTTP::redirect('/main/accessDenied?msg=User is blocked');
         }
     }
     if (!AuthModule::accessGuard(\Request::active()->controller, \Request::active()->action, $this->current_user)) {
         //Request::forge('/main/accessDenied')->execute();
         Response::redirect('/main/accessDenied');
     }
     View::set_global('is_logged', $this->is_logged, false);
     View::set_global('current_user', $this->current_user, false);
     $this->template->header = View::forge('header');
 }
Esempio n. 3
0
 public function action_edit()
 {
     $lUserData = Input::post('user', null);
     $lAvatar = Input::post('avatar', null);
     $lDeleteAvatar = Input::post('delete_avatar', null);
     if (empty($lUserData)) {
         die(json_encode(['status' => 'error', 'message' => 'Empty data for updating user'], JSON_UNESCAPED_UNICODE));
     }
     $lIsOwner = $lUserData['username'] == $this->current_user['username'];
     if ((empty($lUserData['username']) || !$lIsOwner) && !$this->is_admin) {
         die(json_encode(['status' => 'error', 'message' => 'Access denied'], JSON_UNESCAPED_UNICODE));
     }
     $lUserName = $lUserData['username'];
     unset($lUserData['username']);
     try {
         DB::start_transaction();
         $lOldData = Auth::get_profile_fields();
         if (!empty($lAvatar)) {
             $lNewAvatar = FileHandler::prepareFiles($lAvatar, FileHandler::tempFolder());
             foreach ($lNewAvatar as $lVal) {
                 $lUserData['avatar_id'] = Model_Avatars::add(['file_name' => $lVal]);
                 break;
             }
             if (!empty($lOldData['avatar_id'])) {
                 $lToDeleteAvatar = Model_Avatars::getById($lOldData['avatar_id']);
                 Model_Avatars::delete($lOldData['avatar_id']);
             }
         }
         if (!empty($lDeleteAvatar) && empty($lAvatar)) {
             $lOldAvatar = Model_Avatars::getById($lOldData['avatar_id']);
             foreach ($lDeleteAvatar as $lVal) {
                 if ($lVal != $lOldData['avatar_id']) {
                     break;
                 }
                 $lToDeleteAvatar = $lOldAvatar;
                 Model_Avatars::delete($lVal);
                 $lUserData['avatar_id'] = '';
                 break;
             }
         }
         $lResult = Auth::update_user($lUserData, $lUserName);
         if (!empty($lNewAvatar)) {
             FileHandler::moveFiles($lNewAvatar, FileHandler::tempFolder(), FileHandler::AVATAR_FOLDER);
         }
         if (!empty($lToDeleteAvatar)) {
             FileHandler::deleteFiles([FileHandler::AVATAR_FOLDER . $lToDeleteAvatar['file_name']]);
         }
         DB::commit_transaction();
     } catch (Exception $e) {
         DB::rollback_transaction();
         die(json_encode(['status' => 'error', 'message' => 'Error ' . $e], JSON_UNESCAPED_UNICODE));
     }
     if ($lResult) {
         die(json_encode(['status' => 'ok'], JSON_UNESCAPED_UNICODE));
     }
     die(json_encode(['status' => 'error', 'message' => 'Fields not were updated'], JSON_UNESCAPED_UNICODE));
 }