public function configure() { //Narrow down options. //We must just show those ads owned by the office's company. $query = AdTable::getInstance()->getAdsByCompanyIdQuery($this->getOption('companyId')); $this->useFields(array('ad_id')); $this->widgetSchema['ad_id'] = new sfWidgetFormDoctrineChoice(array('model' => $this->getRelatedModelName('Ad'), 'add_empty' => false, 'multiple' => true, 'expanded' => false, 'renderer_class' => 'sfWidgetFormSelectDoubleList', 'query' => $query)); $this->validatorSchema['ad_id'] = new sfValidatorDoctrineChoice(array('model' => $this->getRelatedModelName('Ad'), 'multiple' => true, 'query' => $query)); $this->widgetSchema->setLabel('ad_id', false); $this->widgetSchema->getFormFormatter()->setTranslationCatalogue('office_ads_form'); }
public function executeDelete(sfWebRequest $request) { $request->checkCSRFProtection(); $this->forward404Unless($ad = Doctrine_Core::getTable('Ad')->find(array($request->getParameter('id'))), sprintf('Object ad does not exist (%s).', $request->getParameter('id'))); //Get user Id $userId = $this->getUser()->getGuardUser()->getId(); //Get company owned by that user $companyUserId = CompanyTable::getInstance()->findOneByUserId($userId)->getId(); //Get id number sent by the user (never trust the users) $adId = $request->getParameter('id'); $companyId = AdTable::getInstance()->findOneById($adId)->getCompanyId(); $this->forward404Unless($companyId == $companyUserId, sprintf('Ad does not exist (%s).', $request->getParameter('id'))); //Remove picture from file system. $fs = new sfFilesystem(); $fs->remove(sfConfig::get('app_default_picture_directory') . $ad->getAdMobileImage()); //Remove ad from database. $ad->delete(); $this->redirect('ad/index'); }