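/**
 * Show the edit form for one promotion and, on POST, save its name and discount.
 *
 * Only logged-in users whose session carries the editor or admin flag may
 * proceed. The promotion ID is taken from the first URL argument and is
 * validated as an integer before it is used in a WHERE clause.
 *
 * Every path ends the request: either a redirect followed by exit, or the
 * rendered edit view.
 *
 * @return void
 */
public function edit()
{
    // Authorization: require a logged-in user AND an editor/admin flag.
    // The previous condition joined all three tests with &&, so it only
    // redirected when every test failed at once; any session with a userId
    // passed regardless of role. empty() also avoids undefined-index notices.
    if (!isset($_SESSION['userId']) || (empty($_SESSION['editor']) && empty($_SESSION['admin']))) {
        header('Location: /php_project/application/public/');
        exit;
    }

    // Validate the ID BEFORE it reaches the query. It is concatenated into
    // the WHERE string, so only a strict integer may get that far.
    $promotion_id = filter_var($this->input->get(0), FILTER_VALIDATE_INT);
    if ($promotion_id === false) {
        header('Location: /php_project/application/public/');
        exit;
    }

    $promotionDb = new \Models\Promotion();
    $rows = $promotionDb->get('promotion_id = ' . $promotion_id);
    // Guard the [0] access: an empty result means the promotion does not exist.
    $promotion = (is_array($rows) && isset($rows[0])) ? $rows[0] : null;
    if (!$promotion) {
        header('Location: /php_project/application/public/');
        exit;
    }

    // NOTE(review): no anti-CSRF token is checked in this method; confirm
    // the framework enforces one before this state-changing branch runs.
    if (isset($_POST['promotion_name']) || isset($_POST['discount'])) {
        $cleaner = new \Framework\Common();

        // A field missing from the POST keeps its stored value instead of
        // being overwritten with the normalized form of an undefined index.
        $name = isset($_POST['promotion_name'])
            ? $cleaner->normalize($_POST['promotion_name'], 'trim|xss|string')
            : $promotion['promotion_name'];
        $discount = isset($_POST['discount'])
            ? $cleaner->normalize($_POST['discount'], 'trim|xss|float')
            : $promotion['discount'];

        // Nothing changed: skip the write. The key was previously misspelled
        // 'promotoin_name', so this shortcut could never match.
        // Loose == is kept for the discount because the stored value may be a
        // numeric string while the normalized one is a float.
        if ((string) $name === (string) $promotion['promotion_name'] && $discount == $promotion['discount']) {
            header('Location: /php_project/application/public/editor/index');
            exit;
        }

        $updatePromotion = array(
            'promotion_name' => $name,
            'discount'       => $discount,
            'promotion_id'   => $promotion_id,
            'user_id'        => $_SESSION['userId'],
        );
        $promotionDb->update('promotion', $updatePromotion);

        header('Location: /php_project/application/public/editor/index');
        exit;
    }

    $this->view->appendToLayout('body', 'editPromotion');
    $this->view->display('layouts.default', $promotion);
}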
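/**
 * Soft-delete one promotion by setting its 'deleted' flag, then redirect.
 *
 * Only logged-in users whose session carries the admin flag may proceed.
 * The promotion ID is taken from the first URL argument and is validated as
 * an integer before it is used in a WHERE clause.
 *
 * Every path ends with a redirect followed by exit.
 *
 * @return void
 */
public function remove()
{
    // Authorization: require a logged-in user AND the admin flag. The
    // previous && condition only redirected when both tests failed, so any
    // session with a userId could delete promotions.
    if (!isset($_SESSION['userId']) || empty($_SESSION['admin'])) {
        header('Location: /php_project/application/public/');
        exit;
    }

    // Validate the ID BEFORE it reaches the query. It is concatenated into
    // the WHERE string, so only a strict integer may get that far.
    $promotion_id = filter_var($this->input->get(0), FILTER_VALIDATE_INT);
    if ($promotion_id === false) {
        header('Location: /php_project/application/public/');
        exit;
    }

    $promotionDb = new \Models\Promotion();
    $rows = $promotionDb->get('promotion_id=' . $promotion_id);
    // Guard the [0] access: an empty result means there is nothing to delete.
    $promotion = (is_array($rows) && isset($rows[0])) ? $rows[0] : null;
    if (!$promotion) {
        header('Location: /php_project/application/public/');
        exit;
    }

    // NOTE(review): this state change is driven by the URL argument alone,
    // with no anti-CSRF token checked in this method; confirm the framework
    // enforces one or restricts this action to POST.
    $updatePromotion = array(
        'promotion_id' => $promotion_id,
        'deleted'      => true,
    );
    $promotionDb->update('promotion', $updatePromotion);

    header('Location: /php_project/application/public/editor/index');
    exit;
}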