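/**
 * Render the "cash" page and, on a POST carrying `cash` and `password`,
 * add the submitted amount to the logged-in user's balance.
 *
 * The user must re-enter their password before the balance is changed.
 * Every redirect is followed by exit so that no further code (including the
 * view rendering below) runs after a Location header has been queued.
 *
 * @return void
 */
public function cash()
{
    // Only authenticated sessions may reach this page.
    if (!isset($_SESSION['userId'])) {
        header('Location: /php_project/application/public/');
        exit;
    }

    if ($this->user == null) {
        $this->getUser();
    }

    if (isset($_POST['cash']) && isset($_POST['password'])) {
        $profileUrl = '/php_project/application/public/user/profile';

        $cleaner = new \Framework\Common();
        $password = $cleaner->normalize($_POST['password'], 'trim|xss|string');

        $editUser = array();
        // NOTE(review): nothing visible here rejects a zero or negative amount;
        // confirm whether normalize(..., 'double') or the model enforces a
        // positive top-up, otherwise add an explicit range check.
        $editUser['cash'] = $cleaner->normalize($_POST['cash'], 'trim|xss|double');
        $editUser['user_id'] = $_SESSION['userId'];

        // Password re-check. The previous loose `!=` let PHP compare
        // numeric-looking strings by value (e.g. "0e1" == "0e2") and treated
        // a missing stored value as equal to an empty submission.
        // hash_equals() compares the exact bytes in constant time.
        // NOTE(review): comparing the submitted value directly with the stored
        // one suggests passwords are kept unhashed - confirm; moving to
        // password_hash()/password_verify() needs a matching change wherever
        // the password is written.
        $stored = isset($this->user[0]['password']) ? $this->user[0]['password'] : null;
        $passwordOk = is_string($stored)
            && $stored !== ''
            && hash_equals($stored, (string) $password);

        if (!$passwordOk) {
            header('Location: ' . $profileUrl);
            exit;
        }

        // New balance = submitted amount + current balance.
        $editUser['cash'] += $cleaner->normalize($this->user[0]['cash'], 'float');

        // NOTE(review): no CSRF token is checked before this state change;
        // the password prompt limits the impact, but confirm the framework
        // does not already provide a token check that should be used here.
        $userDb = new \Models\User();
        $userDb->update('user', $editUser);

        header('Location: ' . $profileUrl);
        exit;
    }

    $this->view->appendToLayout('body', 'cash');
    $this->view->display('layouts.default', $this->user);
}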
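/**
 * Mark the user whose id is the first input segment as banned, then return
 * to the admin index. Only sessions flagged as admin may call this.
 *
 * The id is validated as a plain decimal integer BEFORE it is placed in the
 * lookup condition. Previously the raw value was concatenated into
 * 'user_id = ...' and the numeric check only ran after the query had been
 * issued, so the check did not protect the query.
 *
 * @return void
 */
public function ban()
{
    $homeUrl = '/php_project/application/public/';

    // empty() gives the same result as the old `!= true` test but does not
    // raise a notice when the 'admin' key is absent from the session.
    if (!isset($_SESSION['userId']) || empty($_SESSION['admin'])) {
        header('Location: ' . $homeUrl);
        exit;
    }

    $rawId = $this->input->get(0);

    // Accept digits only; is_numeric() would also allow forms such as
    // "1e3", "1.5" or leading whitespace, none of which are valid ids.
    if (!(is_int($rawId) || is_string($rawId)) || !ctype_digit((string) $rawId)) {
        header('Location: ' . $homeUrl);
        exit;
    }
    $user_id = (int) $rawId;

    $userDb = new \Models\User();
    // $user_id is an int at this point, so the concatenation cannot carry
    // SQL syntax. NOTE(review): if \Models\User::get() supports bound
    // parameters, prefer that over string concatenation.
    $user = $userDb->get('user_id = ' . $user_id);
    if (!$user) {
        header('Location: ' . $homeUrl);
        exit;
    }

    // NOTE(review): this state change appears to be triggered by a request
    // segment with no CSRF token check visible here - confirm whether the
    // framework enforces one for admin actions.
    $userUpdate = array(
        'banned'  => 1,
        'user_id' => $user_id,
    );
    $userDb->update('user', $userUpdate);

    header('Location: /php_project/application/public/admin/index');
    exit;
}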