Diffstat (limited to 'h-source/Application/Controllers/GenericController.php')
-rw-r--r-- | h-source/Application/Controllers/GenericController.php | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/h-source/Application/Controllers/GenericController.php b/h-source/Application/Controllers/GenericController.php index f29f01d..57b22ec 100644 --- a/h-source/Application/Controllers/GenericController.php +++ b/h-source/Application/Controllers/GenericController.php @@ -30,6 +30,8 @@ class GenericController extends BaseController public function __construct($model, $controller, $queryString) { parent::__construct($model, $controller, $queryString); + $this->model('UsersModel'); + $popup = new Popup(); $popup->name = gtext('sort by'); switch ($this->controller) @@ -67,6 +69,8 @@ class GenericController extends BaseController { if (!$this->s['registered']->checkCsrf($clean['token'])) $this->redirect($this->controller.'/catalogue/'.$this->lang,2,'wrong token..'); + if ($this->m['UsersModel']->isBlocked($this->s['registered']->status['id_user'])) $this->redirect('my/home/'.$this->lang,2,'your account has been blocked..'); + if (isset($_POST['insertAction'])) { if ($this->checkDist()) @@ -127,6 +131,8 @@ class GenericController extends BaseController { if (!$this->s['registered']->checkCsrf($clean['token'])) die("wrong token"); + if ($this->m['UsersModel']->isBlocked($this->s['registered']->status['id_user'])) die("your account has been blocked"); + $clean['id_user'] = (int)$this->s['registered']->status['id_user']; $clean['id_hard'] = $this->request->post('id_hard',0,'forceInt'); @@ -190,6 +196,8 @@ class GenericController extends BaseController { if (!$this->s['registered']->checkCsrf($clean['token'])) $this->redirect($this->controller.'/catalogue/'.$this->lang,2,'wrong token..'); + if ($this->m['UsersModel']->isBlocked($this->s['registered']->status['id_user'])) $this->redirect('my/home/'.$this->lang,2,'your account has been blocked..'); + $deleted = $this->m['HardwareModel']->select("hardware.deleted")->where(array("id_hard"=>$clean['id_hard']))->limit(1)->toList('deleted')->send(); if (strcmp($deleted[0],'no') === 0) 
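Review bot: The blocked-account check in the hunk at -67 is pasted into the action body, and the same line recurs in the hunks at -190, -575 and -622 (with a `die()` variant at -127), so any state-changing action that does not get its own copy stays usable by a blocked account. A single guard on the controller, for example `protected function userIsBlocked() { return $this->m['UsersModel']->isBlocked((int)$this->s['registered']->status['id_user']); }`, called from every write action would keep the rule in one place. The check also only holds if `redirect()` ends the request; that is not visible in this diff, so it is worth confirming that nothing after the call runs for a blocked user. The enclosing methods start and end outside the hunks.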
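Review bot: In the hunk at -127 the new check passes `$this->s['registered']->status['id_user']` to `isBlocked()` uncast, one statement before the same value is normalised with `(int)` into `$clean['id_user']`. Moving the check below that assignment and calling `$this->m['UsersModel']->isBlocked($clean['id_user'])` keeps the identifier handling consistent; whether `isBlocked()` sanitises its argument itself is not visible here. The refusal is sent with `die()`, which presumably leaves the response status at 200, so a client of this endpoint can only recognise the block by matching the message text. The enclosing method is only partly shown.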
@@ -575,6 +583,8 @@ class GenericController extends BaseController { if (!$this->s['registered']->checkCsrf($clean['token'])) $this->redirect($this->controller.'/catalogue/'.$this->lang,2,'wrong token..'); + if ($this->m['UsersModel']->isBlocked($this->s['registered']->status['id_user'])) $this->redirect('my/home/'.$this->lang,2,'your account has been blocked..'); + if (isset($_POST['confirmAction'])) { if (strcmp($deleted[0],'no') === 0) @@ -622,6 +632,8 @@ class GenericController extends BaseController { if (!$this->s['registered']->checkCsrf($clean['token'])) $this->redirect($this->controller.'/catalogue/'.$this->lang,2,'wrong token..'); + if ($this->m['UsersModel']->isBlocked($this->s['registered']->status['id_user'])) $this->redirect('my/home/'.$this->lang,2,'your account has been blocked..'); + $this->m['TalkModel']->values['created_by'] = $this->s['registered']->status['id_user']; $this->m['TalkModel']->values['id_hard'] = $clean['id_hard']; |