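/**
 * AJAX endpoint that updates a student's status and username, and the
 * password too when a new one is supplied.
 *
 * Access control, in order:
 *  1. the session must carry an accountTypeID (otherwise the caller is sent to
 *     DefaultController::redirectToLogOut());
 *  2. that account type must be superuser or administrator;
 *  3. the request must be AJAX;
 *  4. the acting admin must re-enter their own password (PasswordAsAdmin),
 *     which is verified against the session's accountID before any write.
 *
 * Expected POST fields: Status, Username, Password, ConfirmPassword,
 * PasswordAsAdmin, StudentID.
 *
 * Output: echoes a JSON object with 'status' and 'message'.
 */
public function actionPostupdatestudentaccess()
{
    if (!Yii::$app->session->has('accountTypeID')) {
        return DefaultController::redirectToLogOut();
    }

    echo json_encode($this->buildStudentAccessUpdateResponse());
}

/**
 * Runs the authorization and validation chain for
 * actionPostupdatestudentaccess() and performs the update when every check
 * passes.
 *
 * @return array response with the keys 'status' and 'message'
 */
private function buildStudentAccessUpdateResponse()
{
    $session = Yii::$app->session;
    $request = Yii::$app->request;

    $fail = static function ($message) {
        return ['status' => DefaultForm::ERROR_CODE_SYSTEM_DEFAULT, 'message' => $message];
    };

    // Loose comparison kept on purpose: the constants' types are declared outside this block.
    $accountTypeID = (int) $session->get('accountTypeID');
    if ($accountTypeID != DefaultForm::ACCOUNT_TYPE_SUPERUSER
        && $accountTypeID != DefaultForm::ACCOUNT_TYPE_ADMINISTRATOR
    ) {
        return $fail("You are not allowed to perform this action!");
    }

    if (!$request->isAjax) {
        return [
            'status' => DefaultForm::ERROR_CODE_REQUEST_DEFAULT,
            'message' => DefaultForm::ERROR_MESSAGE_AJAX_REQUEST_DEFAULT,
        ];
    }

    // A request can omit a field or send it as an array (Username[]=x). Reading
    // through post() with a scalar-only cast avoids undefined-index notices and
    // keeps strlen()/md5() from receiving a non-string.
    $text = static function ($value) {
        return is_scalar($value) ? (string) $value : '';
    };
    $usernamePost = $text($request->post('Username'));
    $password = $text($request->post('Password'));
    $confirmPassword = $text($request->post('ConfirmPassword'));
    $passwordAsAdmin = $text($request->post('PasswordAsAdmin'));

    // Passed to the form helpers as received.
    // NOTE(review): presumably validated inside those helpers — confirm.
    $status = $request->post('Status');
    $studentID = $request->post('StudentID');

    $usernameLength = strlen($usernamePost);
    if ($usernameLength === 0) {
        return $fail("Username is required!");
    }
    if ($usernameLength < 8 || $usernameLength > 20) {
        return $fail("Username must be greater than or equal to 8 characters AND lower than or equal to 20 characters!");
    }
    $username = strtolower($usernamePost);

    // The username must be free in all three account tables; the student
    // lookup is also given the StudentID being edited.
    $accountStudentsForm = new AccountStudentsForm();
    if ((int) $accountStudentsForm->checkIfUsernameExistsWithStudentID($username, $studentID) !== 0) {
        return $fail("Username already exists!");
    }
    $accountAdminForm = new AccountAdminForm();
    if ((int) $accountAdminForm->checkIfUsernameExists($username) !== 0) {
        return $fail("Username already exists!");
    }
    $accountRegisteredUsersForm = new AccountRegisteredUsersForm();
    if ((int) $accountRegisteredUsersForm->checkIfUsernameExists($username) !== 0) {
        return $fail("Username already exists!");
    }

    $changePassword = $password !== '';
    if ($changePassword) {
        if ($confirmPassword === '') {
            return $fail("Please confirm your password!");
        }
        // Strict comparison: with ==, two different numeric-looking strings
        // (e.g. "1e3" and "1000") compare equal, so a mistyped confirmation
        // could be accepted.
        if ($password !== $confirmPassword) {
            return $fail("Passwords did not match!");
        }
    }

    if ($passwordAsAdmin === '') {
        return $fail("Please prove that you are an admin!");
    }

    // NOTE(review): MD5 is a fast, unsalted digest and is not suitable for
    // password storage. It is kept here only because checkIfAdminIsReal() and
    // the update helpers take an MD5 hex digest; moving to password_hash() /
    // password_verify() has to change those helpers and re-hash stored values
    // in the same migration.
    // NOTE(review): no attempt throttling for this re-authentication is visible
    // in this block — confirm it is enforced elsewhere.
    $sessionAccountID = (int) $session->get('accountID');
    $isAdminVerified = $accountAdminForm->checkIfAdminIsReal($sessionAccountID, md5($passwordAsAdmin));
    if (!$isAdminVerified) {
        return $fail("You are not authorized to perform this action!");
    }

    if ($changePassword) {
        $updateStudentAccess = $accountStudentsForm->updateStudentStatusAndUsernameAndPassword(
            $status,
            $username,
            md5($password),
            $studentID
        );
    } else {
        $updateStudentAccess = $accountStudentsForm->updateStudentStatusAndUsername($status, $username, $studentID);
    }

    return ['status' => $updateStudentAccess['status'], 'message' => $updateStudentAccess['message']];
}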