// Admin only
if ($user->role !== 1) {
$response->status = 403;
$response->message = 'Forbidden';
$response->json($response);
}
// Prepare and sanitize post input
$api->setInputs($_POST);
//$response->data = $model->usersAll(NULL);
$user = $model->userFind(array('mail' => $api->getInputVal('mail')));
if ($user) {
$response->status = 409;
$response->message = 'User with email ' . $api->getInputVal('mail') . ' already exists';
$response->json($response);
}
if (!$model->userCreate(array('sid' => Ut::token(), 'mail' => $api->getInputVal('mail'), 'pw' => md5($api->getInputVal('pw'))))) {
$response->status = 500;
$response->message = 'Unable to create an user';
$response->json($response);
}
$response->data = array('id' => $db->inserId());
$response->json($response);
} elseif ($route->match('adminuserread', 1)) {
// Admin only
if ($user->role !== 1) {
$response->status = 403;
$response->message = 'Forbidden';
$response->json($response);
}
$api->setInputs(array('id' => $route->getParam(0)));
$response->data = $model->userFind(array('id' => $api->getInputVal('id')));
/**
* Update password
*
* @return void
*/
public function passwordUpdate()
{
$token = $this->getInputVal('token');
if (!$token) {
$this->setErrors('Token not found');
return false;
}
$password = $this->model->passwordFind(array('token' => $token, 'confirmed' => 0));
if (!$password) {
$this->setErrors('Password request not found');
return false;
}
$input = array('sid' => Ut::token(), 'pw' => md5($this->getInputVal('pw')));
if (!$this->model->userUpdate($input, array('id' => $password->user_id))) {
$this->setErrors('Cannot update password');
return false;
}
$this->model->passwordUpdate(array('confirmed' => 1), array('id' => $password->id));
return true;
}
