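/**
 * Log a user into the application.
 *
 * A non-POST request only renders the login form. On POST the anti-CSRF
 * token is verified before the credentials are passed to the auth
 * component; a failed token check or a failed login both surface
 * INVALID_USER_ERROR on the page.
 *
 * @return mixed Whatever $this->_view->make() returns for 'admin/login'.
 */
public function login()
{
    $this->_pageData = new stdClass();
    $this->_pageData->uri = $this->_request->getUri();
    $this->_pageData->pageTitle = "Login";
    $this->_pageData->loggedIn = $this->_auth->checkLoggedIn();

    if ($this->_request->getMethod() === 'post') {
        // Act on the token check's result, and do it before touching the
        // credentials. Previously the return value was discarded, so a
        // request with a bad token still reached the login call.
        // NOTE(review): assumes Csrf::checkToken() returns a falsy value on
        // mismatch -- confirm against the Csrf class.
        if (!Csrf::checkToken($this->_request->getInput('_CSRF'))) {
            $this->_pageData->loginError = INVALID_USER_ERROR;

            return $this->_view->make('admin/login', $this->_pageData);
        }

        $credentials = [
            'email'    => $this->_request->getInput('email'),
            'password' => $this->_request->getInput('password'),
        ];

        // NOTE(review): the unfiltered password is kept on the controller;
        // confirm it is needed and never reaches logs or the view data.
        $this->_password = $this->_request->getRawInput('password');

        if (!$this->_auth->login($credentials)) {
            $this->_pageData->loginError = INVALID_USER_ERROR;
        }
    }

    return $this->_view->make('admin/login', $this->_pageData);
}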
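/**
 * Delete a property image: remove the file from disk, then the record.
 *
 * The request must carry a valid anti-CSRF token. Any failure while
 * looking up the record or removing the file yields a JSON error response
 * and leaves the record in place.
 *
 * @param int|string $id Identifier of the property image record.
 * @return string Result of $this->_response->returnJson().
 */
public function destroy($id)
{
    if (!Csrf::checkToken($this->_request->getInput('_CSRF'))) {
        $response = ['status' => 'error', 'message' => 'csrf'];

        return $this->_response->returnJson($response);
    }

    // NOTE(review): no authentication or ownership check is visible in this
    // method -- confirm it is enforced before this action is reached.
    try {
        $this->_propertyImage = $this->_propertyImage->findOrFail($id);

        // NOTE(review): the path is built from a stored value; confirm
        // image_full_path is always written by the server and cannot point
        // outside the upload directory.
        $filePath = $_SERVER['DOCUMENT_ROOT'] . $this->_propertyImage->image_full_path;

        // unlink() reports failure through its return value, not an
        // exception, so check it: otherwise the record is removed while the
        // file stays on disk. A file that is already gone is not an error.
        if (is_file($filePath) && !unlink($filePath)) {
            throw new Exception('Unable to remove image file.');
        }

        $this->_propertyImage->delete();
    } catch (Exception $e) {
        // The client only ever sees the generic message.
        $response = ['status' => 'error', 'message' => GENERIC_UPLOAD_ERROR_MESSAGE];

        return $this->_response->returnJson($response);
    }

    $response = ['status' => 'success'];

    return $this->_response->returnJson($response);
}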
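/**
 * Delete a user.
 *
 * Rules enforced here:
 *  - the request must carry a valid anti-CSRF token;
 *  - the account with id 1 is never deleted;
 *  - an administrator may delete other accounts;
 *  - any user may delete their own account.
 * Every path ends with a redirect to POST_DELETE_USER_URL.
 *
 * @param int|string $id Identifier of the user to delete.
 * @return null Result of header(), which returns nothing.
 */
public function delete($id)
{
    // Act on the token check's result; previously it was discarded, so a
    // request with a bad token could still reach the delete below.
    // NOTE(review): assumes Csrf::checkToken() returns a falsy value on
    // mismatch -- confirm against the Csrf class.
    if (!Csrf::checkToken($this->_request->getInput('_CSRF'))) {
        return header('Location: ' . POST_DELETE_USER_URL);
    }

    try {
        $this->_user = $this->_user->findOrFail($id);
    } catch (Exception $e) {
        return header('Location: ' . POST_DELETE_USER_URL);
    }

    $isAdmin = $this->_auth->isAdmin();

    // Compare identifiers as integers. With a strict === against the raw
    // $id, a string id such as "1" never matched, so the admin-account
    // guard and the self-delete rule were both skipped.
    $targetId = intval($id);
    $currentUserId = intval($this->_authenticatedUser);

    // Prevent admin account delete.
    if ($targetId === 1) {
        return header('Location: ' . POST_DELETE_USER_URL);
    }

    // One delete call covers both rules, so an admin removing their own
    // account no longer triggers delete() twice.
    if ($isAdmin || $currentUserId === $targetId) {
        $this->_user->delete();
    }

    // NOTE(review): header() does not stop execution; confirm the caller
    // ends the request after this redirect.
    return header('Location: ' . POST_DELETE_USER_URL);
}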
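/**
 * Delete a property together with its image records and image files.
 *
 * The request must carry a valid anti-CSRF token. Every path, success or
 * failure, ends with a redirect to POST_DELETE_PROPERTY_URL.
 *
 * @param int|string $id Identifier of the property to delete.
 * @return null Result of header(), which returns nothing.
 */
public function destroy($id)
{
    // Act on the token check's result; previously it was discarded, so a
    // request with a bad token still reached the deletion below.
    // NOTE(review): assumes Csrf::checkToken() returns a falsy value on
    // mismatch -- confirm against the Csrf class.
    if (!Csrf::checkToken($this->_request->getInput('_CSRF'))) {
        return header('Location: ' . POST_DELETE_PROPERTY_URL);
    }

    // NOTE(review): no authentication or ownership check is visible in this
    // method -- confirm it is enforced before this action is reached.
    try {
        $this->_propertyImage = new PropertyImage();
        $this->_property = $this->_property->findOrFail($id);
        $this->_propertyImage = $this->_propertyImage->where('pid', '=', $id)->get();

        foreach ($this->_propertyImage as $image) {
            // Delete related image models and image files.
            // NOTE(review): the path is built from a stored value; confirm
            // image_full_path cannot point outside the upload directory.
            $filePath = $_SERVER['DOCUMENT_ROOT'] . $image->image_full_path;

            // unlink() signals failure by return value only. Stop here if a
            // file that exists cannot be removed, so its record is kept and
            // the deletion can be retried.
            if (is_file($filePath) && !unlink($filePath)) {
                throw new Exception('Unable to remove image file.');
            }

            $image->delete();
        }

        $this->_property->delete();
    } catch (Exception $e) {
        return header('Location: ' . POST_DELETE_PROPERTY_URL);
    }

    return header('Location: ' . POST_DELETE_PROPERTY_URL);
}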
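/**
 * Update the status of a reservation.
 *
 * Requires an authenticated session and a valid anti-CSRF token. The new
 * status is read from the 'reservation-status' input and saved on the
 * reservation identified by $id.
 *
 * @param int|string $id Identifier of the reservation to update.
 * @return string Result of $this->_response->returnJson().
 */
public function update($id)
{
    $this->_auth->redirectIfNotAuthenticated();

    if (!Csrf::checkToken($this->_request->getInput('_CSRF'))) {
        $response = ['status' => 'error'];

        return $this->_response->returnJson($response);
    }

    // NOTE(review): only authentication is checked here; confirm that the
    // caller is allowed to modify this particular reservation.
    try {
        $this->_reservation = $this->_reservation->findOrFail($id);

        // NOTE(review): the status is stored as submitted; confirm the model
        // restricts it to the allowed values or add an allow-list here.
        $this->_reservation->status = $this->_request->getInput('reservation-status');
        $this->_reservation->save();
    } catch (Exception $e) {
        // Keep the detail on the server. The exception object used to be
        // placed in the response body, where its message, file paths or
        // trace could reach the client depending on how it is serialised.
        error_log('Reservation update failed: ' . $e->getMessage());

        $response = ['status' => 'error', 'message' => 'Unable to update the reservation.'];

        return $this->_response->returnJson($response);
    }

    $response = ['status' => 'success'];

    return $this->_response->returnJson($response);
}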