Пример #1
 /**
  * Show the profile of a student.
  *
  * Anonymous visitors are sent to the sign-in action; the current request
  * URI is passed along as the 'redirect' parameter.
  *
  * @param array $params Route parameters: 'username' (profile to show) and,
  *                      optionally, 'category' (post category filter).
  * @throws ActionException 'User'/'signin' when nobody is logged in,
  *                         'Page'/'error404' when anything inside the
  *                         lookup/render block throws an Exception.
  */
 public function view($params)
 {
     $this->setView('view.php');

     // Authentication gate: nothing below runs for an anonymous visitor.
     // NOTE(review): REQUEST_URI is client-controlled; confirm the sign-in
     // action only accepts same-site relative paths as redirect targets.
     if (!isset(User_Model::$auth_data)) {
         throw new ActionException('User', 'signin', array('redirect' => $_SERVER['REQUEST_URI']));
     }

     // Roles of the viewer (not of the profile being displayed).
     $viewer_is_student = isset(User_Model::$auth_data['student_number']);
     $viewer_is_admin = User_Model::$auth_data['admin'] == '1';

     try {
         $student = $this->model->getInfo($params['username']);
         $post_model = new Post_Model();

         // Names come from the model, so they are HTML-escaped for the title.
         $this->setTitle(htmlspecialchars($student['firstname'] . ' ' . $student['lastname']));

         if (isset($student['id'])) {
             $groups = Group_Model::getAuth((int) $student['id']);
         } else {
             $groups = array();
         }

         // NOTE(review): $student is handed to the template as-is; the view
         // is presumably responsible for escaping its fields - confirm.
         $profile_vars = array(
             'student' => $student,
             'groups' => $groups,
             'is_owner' => User_Model::$auth_data['username'] == $student['username'],
             'is_logged' => true,
             'is_student' => $viewer_is_student,
             'is_admin' => $viewer_is_admin,
             'username' => User_Model::$auth_data['username'],
         );
         $this->set($profile_vars);

         if ($viewer_is_student) {
             $own_vars = array();
             $own_vars['firstname'] = User_Model::$auth_data['firstname'];
             $own_vars['lastname'] = User_Model::$auth_data['lastname'];
             $own_vars['avatar_url'] = User_Model::$auth_data['avatar_url'];
             $this->set($own_vars);
         }

         // If the student is a user, we show their posts
         if (isset($student['id'])) {
             if (isset($params['category'])) {
                 $category = $params['category'];
             } else {
                 $category = null;
             }
             $category_model = new Category_Model();

             // Private posts are requested only when the viewer is a student.
             $post_filters = array(
                 'restricted' => true,
                 'user_id' => (int) $student['id'],
                 'category_name' => $category,
                 'official' => false,
                 'show_private' => $viewer_is_student,
             );
             $posts = $post_model->getPosts($post_filters, Config::POST_DISPLAYED);

             $this->set(array(
                 'posts' => $posts,
                 'categories' => $category_model->getAll(),
                 'current_category' => $category,
             ));
         }
     } catch (Exception $e) {
         // Every Exception, whatever its cause, is reported as a 404.
         throw new ActionException('Page', 'error404');
     }
 }
Пример #2
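 /**
  * Delete the record identified by $params['id'].
  *
  * The record is removed only when the caller is its author or a site
  * admin. The outcome is exposed to the view as the 'success' variable.
  *
  * @param array $params Route parameters; 'id' is cast to int.
  *
  * NOTE(review): nothing visible here checks the request method or an
  * anti-CSRF token before this state-changing action runs; confirm the
  * framework enforces that before dispatch.
  */
 public function delete($params)
 {
     $this->setView('delete.php');
     try {
         $comment = $this->model->get((int) $params['id']);
         $is_logged = isset(User_Model::$auth_data);
         $is_admin = $is_logged && User_Model::$auth_data['admin'] == '1';

         // Test the flag itself: isset($is_logged) is true for any assigned
         // variable, so group rights were looked up for anonymous callers too.
         $groups_auth = $is_logged ? Group_Model::getAuth() : array();

         $is_author = $is_logged && User_Model::$auth_data['id'] == $comment['user_id'];

         // NOTE(review): $post is never assigned in this method, so this
         // check is always false and group admins are never authorised here.
         // It is kept fail-closed; wire it to the real parent record (and its
         // group_id) only after confirming where that value comes from.
         $is_group_admin = isset($post['group_id'])
             && isset($groups_auth[(int) $post['group_id']])
             && $groups_auth[(int) $post['group_id']]['admin'];

         if ($is_author || $is_admin || $is_group_admin) {
             $this->model->delete((int) $params['id']);
             $this->set('success', true);
         } else {
             $this->set('success', false);
         }
     } catch (Exception $e) {
         // Intended for "record not found" (treated as already deleted).
         // NOTE(review): this also reports success for any other Exception
         // thrown above, including a failed delete; narrow the catch once
         // the model's not-found exception type is known.
         $this->set('success', true);
     }
 }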
Пример #3
 /**
  * Delete a group.
  *
  * Only a site admin or an admin of the group itself may delete it. Every
  * refusal (anonymous caller, unknown group, insufficient rights) raises
  * the same 'Page'/'error404' action, so the response does not reveal
  * whether the group exists.
  *
  * @param array $params Route parameters; 'group' is the group name.
  * @throws ActionException 'Page'/'error404' on any refusal.
  *
  * NOTE(review): the group is deleted as soon as this action is reached;
  * no confirmation step, request-method check or anti-CSRF token is
  * visible here - confirm the framework enforces one before dispatch.
  */
 public function delete($params)
 {
     $this->setView('delete.php');

     $logged_in = isset(User_Model::$auth_data);
     $site_admin = $logged_in && User_Model::$auth_data['admin'] == '1';

     // Anonymous callers are rejected before the group is looked up.
     if (!$logged_in) {
         throw new ActionException('Page', 'error404');
     }

     try {
         $group = $this->model->getInfoByName($params['group']);
     } catch (Exception $lookup_error) {
         throw new ActionException('Page', 'error404');
     }

     $this->setTitle(__('GROUP_DELETE_TITLE'));

     // Authorization
     $groups_auth = Group_Model::getAuth();
     $group_id = (int) $group['id'];
     $group_admin = isset($groups_auth[$group_id]) && $groups_auth[$group_id]['admin'];
     if (!($site_admin || $group_admin)) {
         throw new ActionException('Page', 'error404');
     }

     $this->set('group_name', $group['name']);
     $this->model->delete($group_id);
 }