public function profile() { $user = User::getData(); if (!empty($user)) { // setting a new properity for the user permission $permission = PermissionModel::first('user_id = ?', [$user->id]); $user->permission = $permission->permission; // if the user is admin then will fetch the not replied complains $requests = null; if ($permission->permission == 'admin') { $requests = ComplainModel::with(['status' => 'bending']); if (count($requests)) { foreach ($requests as $request) { // fetching the data for the patient who made the complain $request->patient = UserModel::id($request->user_id); } } $requests_count = count($requests); return twig('profile-admin.html', ['user' => $user, 'requests' => $requests, 'requests_count' => $requests_count]); } $msgs = $complains = null; if ($permission->permission == 'normal') { // fetching the current user messages $msgs = MessageModel::with(['user_id' => $user->id]); // fetching the current user complains $complains = ComplainModel::with(['user_id' => $user->id]); $msgs_count = count(MessageModel::with(['user_id' => $user->id, 'viewed' => 0])); return twig('profile-user.html', ['user' => $user, 'complains' => $complains, 'msgs' => $msgs, 'msgs_count' => $msgs_count]); } } else { Session::flash("msg", '<li><span class="msg-warning">Warning: </span> Humm!... you want to cheat, access denied</li>'); goBack(); } }
public function signin() { $email = Request::getParam('email'); $pass = Request::getParam('pass'); $remember = !empty(Request::getParam('remember')); $admin = !empty(Request::getParam('admin')); $user = UserModel::first('email = ?', [$email]); if ($user && Hash::match($pass, $user->pass)) { $permission = PermissionModel::first('user_id = ?', [$user->id])->permission; // check permision type for the user if ($admin && $permission != 'admin') { Session::flash("msg", '<li><span class="msg-error">Error: </span> Ooops!... No admin found (wrong email or password ) , let\'s try one more time!</li>'); Session::flash("data", Request::getALlParams()); goBack(); exit; } else { if (!$admin && $permission == 'admin') { Session::flash("msg", '<li><span class="msg-error">Error: </span> Ooops!... No User found (wrong email or password ) , let\'s try one more time!</li>'); Session::flash("data", Request::getALlParams()); goBack(); exit; } } $u = new User($user->hash); $u->login($remember); redirect(route('user.profile')); } else { Session::flash("msg", '<li><span class="msg-warning">Warning: </span> Ooops!... wrong email or password, let\'s try one more time!</li>'); Session::flash("data", Request::getALlParams()); goBack(); } }