/**
* Validate that the user has permission to access this company
*
* @param company_name string. The name of the company
*
*/
function ValidatePermission($email = '')
{
CybPHP_Validate::ValidateInt($this->_company_id);
CybPHP_Validate::ValidateEmail($email);
$result = CybPHP_MySQL::Query('SELECT c.id_client ' . 'FROM webfinance_clients c ' . 'JOIN webfinance_clients2users c2u ON c2u.id_client = c.id_client ' . 'JOIN webfinance_users u ON u.id_user = c2u.id_user ' . "WHERE u.email = '{$email}' AND " . "c.id_client = {$this->_company_id}");
if (mysql_num_rows($result) != 1) {
throw new Exception('Permission denied');
}
}
/**
* Get user ID from email address
*
* @param email string. The email address
*
* @return user_id int. The user ID.
*
*/
static function GetIdFromEmail($email = '')
{
CybPHP_Validate::ValidateEmail($email);
$email = mysql_escape_string($email);
$result = CybPHP_MySQL::Query('SELECT id_user ' . 'FROM webfinance_users ' . "WHERE email = '{$email}'");
$user = mysql_fetch_assoc($result);
return $user['id_user'];
}
