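/**
 * Authorise $action on $page for the caller identified by $token.
 *
 * The action is resolved by name ("<page basename>-<action>"), the caller's
 * status either from the token's customer or, for anonymous callers, from the
 * LOGGED_OUT_STATUS status, and the (action, status) pair is looked up in the
 * rights table. Any failure is reported through Functions::setResponse():
 * 400 missing action, 500 missing action/status rows, 498 unknown token,
 * 401 no right row or no explicit 'allow'.
 *
 * @param string      $page   script path; ".php" and directories are stripped
 * @param string|null $action action name suffix
 * @param string|null $token  session token value, null or "none" for anonymous
 */
public static function checkRights($page, $action, $token)
{
    loadClass('status');
    loadClass('token');
    loadClass('action');
    loadClass('right');
    loadClass('customer');

    if (is_null($action)) {
        Functions::setResponse(400);
    }

    // Action row is keyed by "<page without .php>-<action>".
    $pagename = str_replace('.php', '', basename($page));
    $actionName = $pagename . '-' . $action;

    $result = Action::search('name=:name', array(array('id' => ':name', 'value' => $actionName)));
    if (!count($result)) {
        echo 'Please update actions and rights!';
        Functions::setResponse(500);
    }
    $action = $result[0];

    // Guarded so a second call in the same request does not emit a
    // "constant already defined" warning.
    if (!defined('LOGGED_OUT_STATUS')) {
        define('LOGGED_OUT_STATUS', 'standard');
    }

    // No token, or the literal "none", is an anonymous caller.
    $loggedOut = is_null($token) || strtolower($token) === 'none';

    if ($loggedOut) {
        $result = Status::search('name=:name', array(array('id' => ':name', 'value' => LOGGED_OUT_STATUS)));
        if (!count($result)) {
            Functions::setResponse(500);
        }
        $status = $result[0];
    } else {
        $result = Token::search('value=:value', array(array('id' => ':value', 'value' => $token)));
        if (!count($result)) {
            Functions::setResponse(498);
        } else {
            // Status is derived from the customer the token belongs to.
            $token = $result[0];
            $customer = new Customer($token->get('customerId'));
            $status = new Status($customer->get('statusId'));
        }
    }

    $whereClause = 'action_id=:action_id AND status_id=:status_id';
    $params = array(
        array('id' => ':action_id', 'value' => $action->get('id')),
        array('id' => ':status_id', 'value' => $status->get('id'))
    );
    $result = Right::search($whereClause, $params);

    // Fail closed: a missing rule, or any value other than an explicit 'allow'
    // (the UI writes 'allow'/'deny'), denies. The original only rejected 'deny',
    // which let unexpected values through.
    if (!count($result) || $result[0]->get('right') !== 'allow') {
        Functions::setResponse(401);
    }
}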
/**
 * Delete the drink with the given id.
 *
 * Responds 400 when $id is null and 404 when loading or deleting the drink
 * throws a RuntimeException; returns true on success.
 *
 * @param int|string|null $id
 * @return bool|null true on success, null after an error response
 */
function deleteDrink($id)
{
    if ($id === null) {
        Functions::setResponse(400);
    }

    try {
        $drink = new Drink($id);
        $drink->delete();
        return true;
    } catch (RuntimeException $e) {
        // Unknown drink (or a failed delete) is reported as not found.
        Functions::setResponse(404);
    }
}
/**
 * Delete the status with the given id.
 *
 * Responds 400 when $id is null and 404 when loading or deleting the status
 * throws a RuntimeException; returns true on success.
 *
 * @param int|string|null $id
 * @return bool|null true on success, null after an error response
 */
function deleteStatus($id)
{
    if ($id === null) {
        Functions::setResponse(400);
    }

    try {
        $status = new Status($id);
        $status->delete();
        return true;
    } catch (RuntimeException $e) {
        // Unknown status (or a failed delete) is reported as not found.
        Functions::setResponse(404);
    }
}
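/**
 * Map a model name (lower-case class name) to its SQL table name.
 *
 * Unknown names echo a diagnostic when DEBUG is set, respond 500 through
 * Functions::setResponse() and return null.
 *
 * @param string $tableName model name, e.g. 'drink'
 * @return string|null table name, or null when unknown
 */
public static function getSQLTableName($tableName)
{
    $tables = array(
        'action'         => 'actions',
        'customer'       => 'customers',
        'status'         => 'status',
        'drink'          => 'drinks',
        'entry'          => 'entries',
        'right'          => 'rights',
        'sell'           => 'sells',
        'token'          => 'tokens',
        'totalentries'   => 'total_entries',
        'totalsells'     => 'total_sells',
        'balance'        => 'balances',
        'effectiveright' => 'effective_rights',
        'favdrink'       => 'favdrinks'
    );

    if (isset($tables[$tableName])) {
        return $tables[$tableName];
    }

    if (DEBUG) {
        // Fix: the original message referenced an undefined $className.
        echo 'Fatal error : Unable to load the table name for class ' . $tableName . ' !';
    }
    Functions::setResponse(500);
    return null;
}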
/**
 * Report a SQL error unless the error array signals success.
 *
 * $errorArray is [SQLSTATE, driver code, driver message] (presumably
 * PDO::errorInfo() — verify at the callers). On error the message is echoed
 * only when DEBUG is set, and the request is answered with 500.
 *
 * @param array $errorArray
 * @return void
 */
public static function reportSqlBugIfExists($errorArray)
{
    // NOTE: the loose comparison is load-bearing. PDO's success SQLSTATE is
    // '00000' (five zeros); '0000' == '00000' holds because two numeric
    // strings compare numerically. Changing this to === would break it.
    if ($errorArray[0] == '0000') {
        return;
    }

    $message = sprintf(
        "SQL_STATE : %s\n<br />Error code : %s\n<br />\n<br />%s",
        $errorArray[0],
        $errorArray[1],
        $errorArray[2]
    );

    // Raw driver messages are only disclosed in debug builds.
    if (DEBUG) {
        echo $message;
    }
    Functions::setResponse(500);
}
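/**
 * Return the entries recorded for a customer.
 *
 * Responds 400 when $id is null, 404 when the customer does not exist
 * (the Customer constructor throws RuntimeException), and 500 when the
 * entry lookup itself throws — the original swallowed that case and
 * silently returned null.
 *
 * @param int|string|null $id customer id
 * @return array|null Entry objects, or null after an error response
 */
function getCustomerHistory($id)
{
    if (is_null($id)) {
        Functions::setResponse(400);
    }

    // Existence check only; the object itself is not used further.
    try {
        new Customer($id);
    } catch (RuntimeException $e) {
        Functions::setResponse(404);
        return;
    }

    $whereClause = 'customer_id = :cid';
    $params = array(array('id' => ':cid', 'value' => $id, 'type' => PDO::PARAM_INT));

    try {
        return Entry::search($whereClause, $params);
    } catch (RuntimeException $e) {
        // A failed search is a server-side error, not a missing customer.
        Functions::setResponse(500);
    }
}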
/**
 * Look up the right row for an (action, status) pair.
 *
 * Responds 400 when either id is null and 404 when no row matches.
 *
 * @param int|string|null $actionId
 * @param int|string|null $statusId
 * @return object the first matching Right
 */
function searchRight($actionId, $statusId)
{
    if ($actionId === null || $statusId === null) {
        Functions::setResponse(400);
    }

    $params = array(
        array('id' => ':action_id', 'value' => $actionId),
        array('id' => ':status_id', 'value' => $statusId)
    );
    $matches = Right::search('action_id=:action_id AND status_id=:status_id', $params);

    if (count($matches) === 0) {
        Functions::setResponse(404);
    }
    return $matches[0];
}
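/**
 * Return the favourite drink row of a customer, or null when none exists.
 *
 * Responds 400 when $id is null.
 *
 * @param int|string|null $id customer id
 * @return object|null first matching FavDrink, or null
 */
function getFavDrink($id)
{
    if (is_null($id)) {
        Functions::setResponse(400);
    }

    // Fix: the original bound the undefined variable $cid (i.e. null) to
    // :cid instead of the $id parameter.
    $whereClause = 'customer_id = :cid';
    $params = array(array('id' => ':cid', 'value' => $id));
    $result = FavDrink::search($whereClause, $params);

    return count($result) ? $result[0] : null;
}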
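loadClass('right');
loadClass('action');
loadClass('status');
/* Load SQL Views */
/* <controller> */
/* <functions> */

// Toggle one right from the matrix. The checkbox name is split on '-' and
// index 1 (status id) and index 3 (action id) are used; the exact label
// format is set by the view and not visible here.
// NOTE(review): this is a state change driven by a GET request; it relies on
// the caller having been authorised (checkRights) before this point — confirm.
if (isset($_GET['name'], $_GET['checked']) && is_string($_GET['name'])) {
    $name = explode('-', $_GET['name']);
    // Fewer than four segments would index undefined offsets and bind null ids.
    if (count($name) < 4) {
        Functions::setResponse(400);
    }
    $right = $_GET['checked'] === 'true' ? 'allow' : 'deny';
    $st = $name[1];
    $ac = $name[3];

    $whereClause = 'action_id = :ac AND status_id = :st';
    $params = array(
        array('id' => ':ac', 'value' => $ac),
        array('id' => ':st', 'value' => $st)
    );
    $result = Right::search($whereClause, $params);
    if (!count($result)) {
        Functions::setResponse(404);
    }
    $ri = $result[0];
    $ri->set('right', $right);
    $ri->save();
}

$rights = Right::searchForAll();
$actions = Action::searchForAll();
$status = Status::searchForAll();

// $aArr: action id => name; $rArr: action id => (filled in later);
// $sArr is populated further down the script.
$aArr = array();
$sArr = array();
$rArr = array();
foreach ($actions as $a) {
    $aArr[$a->get('id')] = $a->get('name');
    $rArr[$a->get('id')] = array();
}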