public function activation() { if (!isset($_GET['deactivate']) and !isset($_GET['activate'])) { return false; } $session = Session::instance(); $mhi_user_id = $session->get('mhi_user_id'); if (isset($_GET['deactivate'])) { $site_domain = $_GET['deactivate']; $activation = 0; } else { $site_domain = $_GET['activate']; $activation = 1; } $mhi_site = new Mhi_Site_Model(); // Check if the logged in user is the owner of the site $domain_owners = $mhi_site->domain_owner(array($site_domain)); // using array_unique to see if there is only one owner $domain_owners = array_unique($domain_owners); if (count($domain_owners) != 1) { // If there are more than one owner, the we shouldn't be able to change all those passwords. throw new Kohana_User_Exception('Site Ownership Error', "Improper owner for site to change password."); } $domain_owner = current($domain_owners); // If the owner of the site isn't the person updating the password for the site, there's something fishy going on if ($domain_owner == $mhi_user_id) { $mhi_site->activation($site_domain, $activation); } }