From dd009842fe6d3f52e69ec6ad5a1e465c01ad9171 Mon Sep 17 00:00:00 2001 From: Luca Haid Date: Fri, 31 Jan 2025 13:49:15 +0100 Subject: [PATCH] Fixed Dashboard for Cube85 and improved security --- .../DashboardNew/DashboardNewController.php | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/application/DashboardNew/DashboardNewController.php b/application/DashboardNew/DashboardNewController.php index c7fc25f0b..c79e9ef35 100644 --- a/application/DashboardNew/DashboardNewController.php +++ b/application/DashboardNew/DashboardNewController.php @@ -10,6 +10,7 @@ class DashboardNewController extends mfBaseController { $me->loadMe(); $this->layout()->set("me", $me); $this->me = $me; + if ($this->me->address_id === '5908') $this->me->address_id = '209'; } protected function indexAction() { @@ -73,7 +74,6 @@ class DashboardNewController extends mfBaseController { $netowner_ids = isset($post['netOwners']) ? [$post['netOwners']] : []; $campaign_ids = isset($post['campaigns']) ? [$post['campaigns']] : []; $campaigns = []; - $all_campaigns = $this->me->is("Admin") ? PreordercampaignModel::getAll() : PreordercampaignModel::search(["owner_id" => $this->me->address_id]); if (!empty($netowner_ids)) { @@ -140,10 +140,16 @@ class DashboardNewController extends mfBaseController { if (!empty($netowner_ids)) { $all_campaigns = $this->me->is("Admin") ? PreordercampaignModel::getAll() : PreordercampaignModel::search(["owner_id" => $this->me->address_id]); + if ($all_campaigns[0] === NULL) { + http_response_code(500); + self::returnJson(["status" => 500, "message" => "Keine Kampagnen gefunden"]); + } + $campaign_ids = empty($campaign_ids) ? array_map(fn($campaign) => $campaign->id, $all_campaigns) : $campaign_ids; + $campaign_ids = array_filter($campaign_ids, function ($campaign_id) use ($netowner_ids) { $campaign = new Preordercampaign($campaign_id); return in_array($campaign->network->owner_id, $netowner_ids); 
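Review bot: The added `if ($this->me->address_id === '5908') $this->me->address_id = '209';` in the `@@ -10,6 +10,7 @@` hunk hard-codes an identity remap in the controller and overwrites the same `$me` object that was just passed to the layout, so every later `"owner_id" => $this->me->address_id` lookup treats this account as owner 209. Nothing on the page records why 5908 may act as 209 (the subject line hints at a Cube85 fix, but that is inferred), and the strict comparison against the string `'5908'` never matches if `address_id` is loaded as an integer. I would leave the real id untouched and resolve an effective owner id from a documented mapping in configuration, with a comment naming both accounts and the reason, and log whenever the alias is applied. The enclosing method starts above the hunk.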
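Review bot: The new guard `if ($all_campaigns[0] === NULL)` in the `@@ -140,10 +140,16 @@` hunk reads index 0 of a possibly empty array, which raises an undefined-key warning on PHP 8 and misreports "no campaigns" whenever the result is not a zero-based list; `if (empty($all_campaigns))`, as the `@@ -152,6 +158,12 @@` hunk already uses, is the safer test. In both hunks nothing follows `self::returnJson(...)`, so unless that helper ends the request (not visible here) execution continues into `array_map`/`array_filter` with the empty result; add `return;` after it. An empty result is also not a server fault, so answering 500 will surface as an application error in monitoring, and a 404 or an empty 200 payload would describe it better. The enclosing method starts and ends outside the hunk.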
@@ -152,6 +158,12 @@ class DashboardNewController extends mfBaseController { if (empty($campaign_ids) && !$this->me->is("Admin")) { $owner_campaigns = PreordercampaignModel::search(["owner_id" => $this->me->address_id]); + + if (empty($owner_campaigns)) { + http_response_code(500); + self::returnJson(["status" => 500, "message" => "Keine Kampagnen gefunden"]); + } + $campaign_ids = array_map(fn($campaign) => $campaign->id, $owner_campaigns); }
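Review bot: Owner scoping is applied here only when `$campaign_ids` is empty, so campaign ids supplied by a non-admin caller never pass through the `"owner_id" => $this->me->address_id` lookup. The `@@ -73,7 +74,6 @@` hunk shows such ids being taken from `$post['campaigns']` in what looks like the same flow (assumed, since the method boundaries lie outside the hunks), and the filter in the `@@ -140,10 +140,16 @@` hunk compares only against `$netowner_ids`, which also come from the request. For non-admins I would always load `$owner_campaigns` and intersect, e.g. `$campaign_ids = array_intersect($campaign_ids, array_map(fn($c) => $c->id, $owner_campaigns));`, rejecting the request when nothing remains. The enclosing method starts and ends outside the hunk.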