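/**
 * Render the edit page for an organisation owned by the logged-in user.
 *
 * The organisation comes from the `id` route parameter. The literal value
 * `active` resolves to the organisation stored in the session when the user
 * is linked to it, and otherwise to the first organisation the user is
 * linked to. The edit view is rendered only when the user is both linked to
 * the organisation and recorded as its owner; in every other case the
 * "unauthorized" view is rendered.
 *
 * @return void
 */
public function update()
{
    $f3 = \Base::instance();
    $this->_requireLogin();

    $db = $f3->get('db.instance');
    $user = $f3->get('user');

    $user_org_links = $f3->get('user_org_links');
    if (!is_array($user_org_links)) {
        // A user without any organisation link is simply not authorised below.
        $user_org_links = [];
    }

    // Membership test. Both sides are compared as exact strings so that the
    // value which passes this check is the very value used for the lookups
    // below; a loose `==` would also accept look-alikes such as "05" or " 5".
    $isLinked = static function ($candidateId) use ($user_org_links) {
        if (!is_scalar($candidateId)) {
            return false;
        }
        foreach ($user_org_links as $link) {
            if (isset($link['orgId']) && (string) $link['orgId'] === (string) $candidateId) {
                return true;
            }
        }
        return false;
    };

    $orgId = $f3->get('PARAMS.id');

    if ($orgId === 'active') {
        $sessionOrgId = $f3->exists('SESSION.selected_organisation')
            ? $f3->get('SESSION.selected_organisation')
            : null;

        if ($sessionOrgId !== null && $isLinked($sessionOrgId)) {
            $orgId = $sessionOrgId;
        } else {
            // No usable session selection: fall back to the first linked organisation.
            $orgId = $user_org_links[0]['orgId'] ?? null;
        }
    }

    $validated = $isLinked($orgId);

    $orgMap = new \Models\Organisation();
    $orgMap->load($orgId);

    // NOTE(review): the organisation record is handed to the view before the
    // authorisation decision is taken, so the "unauthorized" template also has
    // access to it. Confirm that template does not print any of its fields.
    $f3->set('user_org_selected', $orgMap->cast());

    // Only the owner may edit, even when the user is a linked member.
    if ($orgMap->ownerId != $user['id']) {
        $validated = false;
    }

    // Organisation does not exist, the user is not a member, or is not the owner.
    if (!$validated) {
        $f3->set('target', 'dashboard/organisations/details/unauthorized.html');
        $this->_render('base.html');
        return;
    }

    // Members. The id is bound as a parameter rather than concatenated into
    // the statement: it originates from the request path.
    $orgUsers = $db->exec('SELECT * FROM organisation_members WHERE orgId = ?', $orgId);

    $members = [];
    foreach ($orgUsers ?: [] as $orgUser) {
        $member = new \Models\User();
        $member->load($orgUser['memberId']);
        $members[] = $member->cast();
    }
    $f3->set('user_org_selected_members', $members);

    // Display a notification to masquerading administrators
    if ($f3->exists('SESSION.mask')) {
        new Notification('You are currently masquerading as a client, <a href="/dashboard/admin/masquerade/reveal">back to your admin account</a>', 'danger', true);
    }

    $f3->set('target', 'dashboard/organisations/details/edit.html');
    $this->_render('base.html');
}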
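/**
 * Render the list of organisation invitations addressed to the logged-in user.
 *
 * Each invitation is expanded with the inviting user, the target organisation
 * and the accept key stored with the invite. An invite whose organisation can
 * no longer be loaded is deleted and the page is reloaded.
 *
 * @return void
 */
public function invites()
{
    $f3 = \Base::instance();
    $this->_requireLogin();

    $db = $f3->get('db.instance');
    $user = $f3->get('user');

    // Organisation invitations, restricted to the current user as target.
    $rows = $db->exec('SELECT * FROM organisations_invites WHERE targetId = ?', $user['id']);

    if (empty($rows)) {
        $f3->set('target', 'dashboard/organisations/invites/no-invites.html');
    } else {
        $invites = [];

        foreach ($rows as $row) {
            // From
            $from = new \Models\User();
            $from->load($row['fromId']);

            // Target organisation
            $org = new \Models\Organisation();
            $org->load($row['orgId']);

            // The original tested `!$org`, which is never true for an object,
            // so stale invites were never cleaned up. An unloaded record is
            // detected through its empty id instead.
            // NOTE(review): assumes \Models\Organisation exposes `id` the way
            // \Models\User does elsewhere in this code; confirm.
            if (!$org->id) {
                // Organisation has been deleted, so delete the invite and reload.
                $db->exec('DELETE FROM organisations_invites WHERE id = ?', $row['id']);
                $f3->reroute($f3->get('PATH'));
                return;
            }

            $invites[] = [
                'from' => $from->cast(),
                'org'  => $org->cast(),
                // The accept key is passed to the view as stored.
                'key'  => $row['accept_key'],
            ];
        }

        $f3->set('invites', $invites);
        $f3->set('target', 'dashboard/organisations/invites/invites.html');
    }

    // Display a notification to masquerading administrators
    if ($f3->exists('SESSION.mask')) {
        new Notification('You are currently masquerading as a client, <a href="/dashboard/admin/masquerade/reveal">back to your admin account</a>', 'danger', true);
    }

    $this->_render('base.html');
}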
/**
 * Report whether a user record exists for the given identifier.
 *
 * Existence is the only thing checked here; the result says nothing about
 * whether the caller is allowed to act on that user.
 *
 * @param mixed $identifier Username, email or id (resolved through self::getUserId())
 * @return bool True when a user with a truthy id was loaded, false otherwise
 */
public static function validateUser($identifier)
{
    // Normalise whatever was passed in to a user id.
    $userId = self::getUserId($identifier);

    // Look the record up by id using a bound parameter.
    $record = new \Models\User();
    $record->load(["id=?", $userId]);

    return (bool) $record->id;
}