Luca/thetool
1
0
Fork 0
Code Issues 5 Pull Requests 5 Actions Packages Projects Releases Wiki Activity

Fixed Dashboard for Cube85 and improved security

Browse Source
This commit is contained in:
Luca Haid
2025-01-31 13:49:15 +01:00
parent b941ed8c1b
commit dd009842fe
1 changed files with 13 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
application/DashboardNew/DashboardNewController.php
View File

@@ -10,6 +10,7 @@ class DashboardNewController extends mfBaseController {
$me->loadMe();
$this->layout()->set("me", $me);
$this->me = $me;
if ($this->me->address_id === '5908') $this->me->address_id = '209';
}
protected function indexAction() {
@@ -73,7 +74,6 @@ class DashboardNewController extends mfBaseController {
$netowner_ids = isset($post['netOwners']) ? [$post['netOwners']] : [];
$campaign_ids = isset($post['campaigns']) ? [$post['campaigns']] : [];
$campaigns = [];
$all_campaigns = $this->me->is("Admin") ? PreordercampaignModel::getAll() : PreordercampaignModel::search(["owner_id" => $this->me->address_id]);
if (!empty($netowner_ids)) {
@@ -140,10 +140,16 @@ class DashboardNewController extends mfBaseController {
if (!empty($netowner_ids)) {
$all_campaigns = $this->me->is("Admin") ? PreordercampaignModel::getAll() : PreordercampaignModel::search(["owner_id" => $this->me->address_id]);
if ($all_campaigns[0] === NULL) {
http_response_code(500);
self::returnJson(["status" => 500, "message" => "Keine Kampagnen gefunden"]);
}
$campaign_ids = empty($campaign_ids) ?
array_map(fn($campaign) => $campaign->id, $all_campaigns) :
$campaign_ids;
$campaign_ids = array_filter($campaign_ids, function ($campaign_id) use ($netowner_ids) {
$campaign = new Preordercampaign($campaign_id);
return in_array($campaign->network->owner_id, $netowner_ids);
@@ -152,6 +158,12 @@ class DashboardNewController extends mfBaseController {
if (empty($campaign_ids) && !$this->me->is("Admin")) {
$owner_campaigns = PreordercampaignModel::search(["owner_id" => $this->me->address_id]);
if (empty($owner_campaigns)) {
http_response_code(500);
self::returnJson(["status" => 500, "message" => "Keine Kampagnen gefunden"]);
}
$campaign_ids = array_map(fn($campaign) => $campaign->id, $owner_campaigns);
}