public function intranet_update()
 {
     self::Restrict("intranet");
     $event = Event::find_by_permalink($_GET['permalink']);
     if (!$event) {
         Site::Flash("error", "Unable to find event");
         Error404();
     }
     $event_id = mysql_real_escape_string($event->id);
     $id = null;
     // Achievements
     $result = array();
     if (isset($_REQUEST['achievements'])) {
         $achievements = unserialize($_REQUEST['achievements']);
         foreach ($achievements as $achieve) {
             if ($achieve['id']) {
                 $id = mysql_real_escape_string($achieve['id']);
                 $achievement = Achievement::find("achievements.event_id = '{$event_id}' AND achievements.intranet_id = '{$id}'");
             }
             if (!$achievement) {
                 $achievement = new Achievement();
                 $achievement->event_id = $event->id;
                 $achievement->intranet_id = $id;
             }
             $achievement->name = $achieve['name'];
             $achievement->description = $achieve['description'];
             $achievement->image = $achieve['image'];
             $success = false;
             if ($achievement->save()) {
                 $success = true;
             }
             $result[] = array('id' => $id, 'result' => $success, 'achievement' => $achievement);
         }
     }
     $this->assign("result", $result);
     // User achievements
     UserAchievement::MarkNotUpdated($event_id);
     $result = array();
     if (isset($_REQUEST['user_achievements'])) {
         $user_achievements = unserialize($_REQUEST['user_achievements']);
         foreach ($user_achievements as $achieve) {
             $id = mysql_real_escape_string($achieve['achievement_id']);
             $user_id = mysql_real_escape_string($achieve['user_id']);
             $achievement = Achievement::find("achievements.intranet_id = '{$id}' AND achievements.event_id = '{$event_id}'");
             if (!$achievement) {
                 $success = false;
             } else {
                 $achievement_id = mysql_real_escape_string($achievement->id);
                 $user_achievement = UserAchievement::find("achievements.id = '{$achievement_id}' and users.id = '{$user_id}'");
                 $success = false;
                 if (!$user_achievement) {
                     $user_achievement = new UserAchievement();
                     $user_achievement->user_id = $user_id;
                     $user_achievement->achievement_id = $achievement_id;
                 }
                 $user_achievement->updated = true;
                 if ($user_achievement->save()) {
                     $success = true;
                 }
             }
             $result[] = array('id' => $achieve['id'], 'result' => $success, 'user_achievement' => $user_achievement);
         }
     }
     UserAchievement::DestroyNotUpdated();
     $this->assign("user_result", $result);
     header('Content-Type: text/xml');
     $this->render("achievement/intranet_update.tpl", true);
 }
 public function award($user, $category_id)
 {
     $user_achievement = new UserAchievement();
     $user_achievement->user_id = $user->id;
     $user_achievement->achievement_id = $this->id;
     $user_achievement->category_id = $category_id;
     $valid = $user_achievement->save();
     return $valid;
 }