public function viewpireps() { if (!Auth::LoggedIn()) { $this->set('message', 'You are not logged in!'); $this->render('core_error.tpl'); return; } if (isset($this->post->submit_pirep) && $this->post->submit_pirep) { if (!$this->SubmitPIREP()) { $this->FilePIREPForm(); return false; } } if (isset($this->post->submit)) { /* See if the PIREP is valid, and whether it's being edited by the owner, not someone else */ $pirep = PIREPData::getReportDetails($this->post->pirepid); if (!$pirep) { $this->set('message', 'Invalid PIREP'); $this->render('core_error.tpl'); return; } # Make sure pilot ID's match if ($pirep->pilotid != Auth::$userinfo->pilotid) { $this->set('message', 'This PIREP is not yours!'); $this->render('core_error.tpl'); return; } /* Now do the edit actions */ if ($this->post->action == 'addcomment') { $ret = PIREPData::addComment($this->post->pirepid, Auth::$userinfo->pilotid, $this->post->comment); $this->set('message', 'Comment added!'); $this->render('core_success.tpl'); } elseif ($this->post->action == 'editpirep') { $ret = PIREPData::saveFields($this->post->pirepid, $_POST); $this->set('message', 'PIREP edited!'); $this->render('core_success.tpl'); } } // Show PIREPs filed $this->set('userinfo', Auth::$userinfo); $this->set('pireps', PIREPData::GetAllReportsForPilot(Auth::$userinfo->pilotid)); $this->render('pireps_viewall.tpl'); }