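/**
 * Render the admin home page listing products and categories.
 *
 * A fresh anti-CSRF token is stored in the session on every call and passed
 * to the view under the 'csrf' key, so the page can embed it in its
 * state-changing links and forms.
 *
 * Unauthenticated callers are redirected to /admin and the request ends there.
 *
 * @throws \Exception If no secure randomness source is available for the token.
 */
public function home()
{
    // uniqid() is derived from the current time, so its output can be guessed.
    // An anti-CSRF token has to be unpredictable: take it from the CSPRNG
    // (random_bytes() requires PHP 7+).
    $this->session->csrf = bin2hex(random_bytes(32));

    if (!$this->isAdminLoggedIn()) {
        header('Location: /admin');
        // header() only queues the redirect. Without exit the code below would
        // still load the data and render the admin view into the response body
        // of an unauthenticated request.
        exit;
    }

    $data = new DbAppManipulation();
    $productsCategories = $data->loadData();

    $viewData = [
        'productsCategories' => $productsCategories,
        'csrf' => $this->session->csrf,
    ];

    $this->view->setViewDirectory('../areas/admin/views');
    $this->view->appendToLayout("admin", "home");
    $this->view->display('home', $viewData);
}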
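/**
 * Delete a product on behalf of a logged-in admin.
 *
 * Reads two positional values from $this->input->get(): index 0 is the
 * product id, index 1 is the anti-CSRF token, which must match the token
 * held in the session. The session token is rotated after a successful
 * delete and when an unauthenticated caller is redirected.
 *
 * NOTE(review): if input->get() maps to URL parameters, this state change is
 * reachable by a plain GET and the token can end up in access logs, browser
 * history and Referer headers. Confirm, and consider moving the action to POST.
 *
 * @throws \Exception If the token is missing or wrong, the id is not numeric,
 *                    or the data layer reports that the delete failed.
 */
public function delete()
{
    if (!$this->isAdminLoggedIn()) {
        header('Location: /admin');
        // Token must be unpredictable; uniqid() is time-based (random_bytes() requires PHP 7+).
        $this->session->csrf = bin2hex(random_bytes(32));
        exit;
    }

    $params = $this->input->get();
    $expectedToken = $this->session->csrf;
    $suppliedToken = $params[1] ?? null;

    // Both sides must be non-empty strings. With a bare !== comparison, a
    // request carrying no token would match a session that holds no token
    // (null on both sides) and pass the check.
    // hash_equals() compares in constant time, so the comparison does not
    // leak how many leading characters of a guess were correct.
    if (
        !is_string($expectedToken)
        || $expectedToken === ''
        || !is_string($suppliedToken)
        || !hash_equals($expectedToken, $suppliedToken)
    ) {
        throw new \Exception('Token invalid');
    }

    $id = $params[0] ?? null;

    // NOTE(review): is_numeric() also accepts forms such as '1.5' or '1e3'.
    // Whether deleteProduct() binds the id as a query parameter is not visible
    // from here; verify it does not concatenate the value into SQL.
    if (!is_numeric($id)) {
        throw new \Exception('Product id must be a number');
    }

    $data = new DbAppManipulation();
    $success = $data->deleteProduct($id);

    if (!$success) {
        throw new \Exception('Cannot delete product');
    }

    header('Location: /admin/index/home');
    // Rotate the token so the one just used cannot be replayed.
    $this->session->csrf = bin2hex(random_bytes(32));
    exit;
}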