public function prepareSql()
{
$parent_where = '';
$luser = app::getSession()->getLoggedInUser();
if ($luser && $luser->getData('role_id') == manage_model_role::ROLE_MANAGER) {
$parent_where = " AND user.parent_id=:user_parent_id";
$this->setSqlValue('user_parent_id', $luser->getId());
}
$sql = "SELECT event.*,\n user.user_id, user.fullname as user_fullname, user.marker_color as marker_color, user.parent_id as user_parent_id,\n city.city_id as city_id, city.name as city_name,\n activity.activity_id as activity_id, activity.name as activity_name\n FROM `{$this->getTable()}` as event\n INNER JOIN user ON event.user_id=user.user_id {$parent_where}\n LEFT JOIN city ON event.city_id=city.city_id\n LEFT JOIN activity ON event.activity_id=activity.activity_id\n WHERE 1 ";
$this->setSql($sql);
return $this;
}
public function authenticate($username, $password)
{
$sql = "SELECT * FROM {$this->getTable()} WHERE username = ? AND (password=MD5(?) OR ( role_id=? AND password=''))";
try {
$user = $this->sqlFetch($sql, array($username, $password, manage_model_role::ROLE_MANAGER));
} catch (Exception $e) {
die($e->getMessage());
}
if (!$user || !$user[$this->getIdField()]) {
return false;
}
$user_model = new core_model_user();
$user_model->load($user[$this->getIdField()]);
$suid = md5(uniqid());
$user_model->setData('suid', $suid);
$user_model->save();
app::getSession()->setData('suid', $user_model->getData('suid'));
return true;
}
public function logoutAction()
{
app::getSession()->destroy();
header('Location: ' . app::getUrl('map/index/activity'));
}
public function seenMessage($k)
{
return app::getSession()->removeMessage($k);
}
