aboutsummaryrefslogtreecommitdiff
path: root/app/class/controlleruser.php
blob: 2b3299342622493f71b7cf59165ca8fe6bac2888 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84

<?php

class Controlleruser extends Controller
{

    public function __construct($render) {
        parent::__construct($render);
    }

    public function desktop()
    {
        if($this->user->isadmin()) {
            $userlist = $this->usermanager->getlister();
            $this->showtemplate('user', ['userlist' => $userlist]);
        } else {
            $this->routedirect('home');
        }
    }

    public function add()
    {
        if(isset($_POST['id'])) {
            $user = new User($_POST);
            if(empty($user->id()) || $this->usermanager->get($user)) {
                $this->routedirectget('user', ['error' => 'wrong_id']);
            } elseif(empty($user->password()) || $this->usermanager->passwordexist($user->password())) {
                $this->routedirectget('user', ['error' => 'change_password']);
            } else {
                $this->usermanager->add($user);
                $this->routedirect('user');
            }
        }
    }

    public function update()
    {
        if($this->user->isadmin() && isset($_POST['action'])) {
            switch ($_POST['action']) {
                case 'delete':
                    $user = new User($_POST);
                    $user = $this->usermanager->get($user);
                    if($user !== false) {
                        if($user->id() === $this->user->id()) {
                            $this->showtemplate('userconfirmdelete', ['userdelete' => $user, 'candelete' => false]);
                        } else {
                            $this->showtemplate('userconfirmdelete', ['userdelete' => $user, 'candelete' => true]);
                        }
                    } else {
                        $this->routedirect('user');
                    }
                    break;
                
                case 'confirmdelete':
                    $user = new User($_POST);
                    $this->usermanager->delete($user);
                    $this->routedirect('user');
                    break;

                case 'update':
                    $user = $this->usermanager->get($_POST['id']);
                    $userupdate = clone $user;
                    $userupdate->hydrate($_POST);
                    if(empty($userupdate->id())) {
                        $this->routedirectget('user', ['error' => 'wrong_id']);
                    } elseif (!empty($_POST['password']) && (empty($userupdate->password())  || $this->usermanager->passwordexist($userupdate->password()))) {
                        $this->routedirectget('user', ['error' => 'change_password']);
                    } elseif (empty($userupdate->level())) {
                        $this->routedirectget('user', ['error' => 'wrong_level']);
                    } elseif ($user->level() === 10 && $userupdate->level() !== 10 && $this->user->id() === $user->id()) {
                        $this->routedirectget('user', ['error' => 'cant_edit_yourself']);
                    } else {
                        $this->usermanager->add($userupdate);
                        $this->routedirect('user');
                    }
            }
        } else {
            $this->routedirect('home');
        }
    }
}



?>
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-22 23:05:31 +0000