/** * Updates a particular model. * If update is successful, the browser will be redirected to the 'view' page. * @param integer $id the ID of the model to be updated */ public function actionUpdate($id) { $this->_checkAccess('update'); $quanTriVien = $this->loadModel($id); $PhanQuyen = Phanquyenquantri::model()->getAllAuthorizationById($quanTriVien->ma_qtv); $quanTriVien->setScenario('update'); $quanTriVien->password = ''; if (isset($_POST['Quantrivien'])) { $quanTriVien->attributes = $_POST['Quantrivien']; $quanTriVien->confirmPassword = $_POST['Quantrivien']['confirmPassword']; if ($quanTriVien->validate()) { if ($quanTriVien->password != '') { $quanTriVien->password = Quantrivien::saltPassword($quanTriVien->password); } else { unset($quanTriVien->password); } if ($quanTriVien->save(false)) { //xóa quyền cũ Phanquyenquantri::model()->deleteAllByAttributes(array('ma_qtv' => $quanTriVien->ma_qtv)); $roles = isset($_POST['role']) ? $_POST['role'] : ''; if ($roles) { foreach ($roles as $role) { $phanQuyen = new Phanquyenquantri(); $phanQuyen->ma_quyen = $role; $phanQuyen->ma_qtv = $id; $phanQuyen->save(false); } } $this->redirect(array('admin')); } } } $this->render('update', array('model' => $quanTriVien, 'phanQuyen' => $PhanQuyen)); }
/** * Authenticates an administrator. * @return boolean whether authentication succeeds. */ public function authenticate() { $record = Quantrivien::model()->findByAttributes(array('email' => $this->username)); if (!$record) { $this->errorCode = self::ERROR_USERNAME_INVALID; } elseif ($record->password != Quantrivien::saltPassword($this->password)) { $this->errorCode = self::ERROR_PASSWORD_INVALID; } else { $this->username = $record->ma_qtv; $this->setState('adminId', $record->ma_qtv); $this->setState('adminName', $record->ten_qtv); $this->errorCode = self::ERROR_NONE; } return $this->errorCode; }