public function invitepost() { $f3 = \Base::instance(); $this->_requireLogin(); $db = $f3->get('db.instance'); $user = $f3->get('user'); $user_obj = $f3->get('user_obj'); $user_org = $f3->get('user_org'); $user_org_links = $f3->get('user_org_links'); $orgId = (int) $f3->get('PARAMS.id'); // Check if user is part of the organisation $result = $db->exec('SELECT * FROM organisation_members WHERE orgId = :orgId AND memberId = :memberId', array('orgId' => $orgId, 'memberId' => $user['id'])); if (empty($result)) { // Not member new Notification('You are not member of this organisation', 'danger', true); $f3->reroute('/organisations'); return; } else { $orgMap = new Organisation(); $orgMap->load($orgId); $f3->set('user_org_selected', $orgMap->cast()); if ($f3->exists('POST.name') and !empty($f3->get('POST.name'))) { $invitedUser = new User(); $invitedUser->load(array('(email = :email OR username = :email) AND deleted_date IS NULL', 'email' => $f3->get('POST.name'))); if (!$invitedUser->loaded()) { // No user with this email or username $f3->set('error', 'No user with this email or password'); } else { // Generate new invitation entry $security = new Security(); $accept_key = sha1($security->rand_bytes(32)); $db->exec('INSERT INTO organisations_invites(targetId, fromId, orgId, create_time, accept_key) VALUES(:targetId, :fromId, :orgId, :createTime, :acceptKey)', array('targetId' => $invitedUser->id, 'fromId' => $user['id'], 'orgId' => $orgId, 'createTime' => date("Y-m-d H:i:s"), 'acceptKey' => $accept_key)); new Notification("Invited <b>{$invitedUser->name}</b> to join this organisation", 'success', true); $f3->reroute($f3->get('PATH')); } } $f3->set('target', 'dashboard/organisations/invite.html'); } $this->_render('base.html'); }
public function resumepost() { $f3 = \Base::instance(); $this->_requireLogin(); $user = $f3->get('user'); $user_obj = $f3->get('user_obj'); $user_org = $f3->get('user_org'); $user_org_links = $f3->get('user_org_links'); $errors = []; if ($f3->exists('POST.username')) { $username = $f3->get('POST.username'); $username = $f3->scrub($username); if (preg_match('/^[a-z0-9]{5,}$/', $username)) { // Filter any already existing username if ($username != $user['username']) { $user = new User(); $user->load(array('username = ?', $username)); if ($user->loaded()) { $errors[] = 'This username is taken.'; } else { $user_obj->username = $username; } } } else { $errors[] = 'Username must be at least 5 characters long, with only numbers and lowercase letters in it.'; } } if ($f3->exists('POST.fullName')) { $fullName = $f3->get('POST.fullName'); $fullName = $f3->scrub($fullName); if (strlen($fullName) > 4) { $user_obj->name = htmlspecialchars($fullName); } else { $errors[] = 'Full name must be at least 5 characters long'; } } if ($f3->exists('POST.email')) { $email = $f3->get('POST.email'); if (filter_var($email, FILTER_VALIDATE_EMAIL)) { // Filter any already existing email if ($email != $user['email']) { $user = new User(); $user->load(array('email = ?', $email)); if ($user->loaded()) { $errors[] = 'This email is taken.'; } else { $user_obj->email = $email; } } } else { $errors[] = 'Incorrect email'; } } if ($f3->exists('POST.age')) { $age = (int) $f3->get('POST.age'); if ($age > 12) { $user_obj->age = $age; } else { $errors[] = 'You need to be at least 13 years old to use this service.'; } } // Saving if no errors if (empty($errors)) { $user_obj->save(); new Notification('Profile saved', 'success', true); $f3->reroute($f3->get('PATH')); return; } else { $f3->set('errors', $errors); } // Display a notification to masquerading administrators if ($f3->exists('SESSION.mask')) { new Notification('You are currently masquerading as a client, <a href="/dashboard/admin/masquerade/reveal">back to your admin account</a>', 'danger', true); } $f3->set('target', 'account/resume.html'); $this->_render('base.html'); }