User role update risk fixed

Manish Verma
2021-12-17 11:38:58 +05:30
parent 4752081caf
commit 8f4e67d3a8
6 changed files with 12 additions and 12 deletions


@@ -104,11 +104,11 @@ class ProfileController extends Controller
Input::file('profile_pic')->move($destinationPath, $fileName); Input::file('profile_pic')->move($destinationPath, $fileName);
$user->profile_pic = $fileName; $user->profile_pic = $fileName;
} else { } else {
$user->fill($request->except('profile_pic', 'gender'))->save(); $user->fill($request->except('profile_pic', 'gender','active','role','is_delete','ban'))->save();
return redirect('guest')->with('success', 'Profile Updated sucessfully'); return redirect('guest')->with('success', 'Profile Updated sucessfully');
} }
if ($user->fill($request->except('profile_pic'))->save()) { if ($user->fill($request->except('profile_pic','active','role','is_delete','ban'))->save()) {
return redirect('guest')->with('success', 'Profile Updated sucessfully'); return redirect('guest')->with('success', 'Profile Updated sucessfully');
} }
} }
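Review bot: Both `fill()` calls in this hunk still protect the privileged columns with a denylist, `$request->except('profile_pic','active','role','is_delete','ban')`, so any other sensitive attribute that is, or later becomes, fillable on the user model stays writable from the profile form. An allowlist is safer, e.g. `$user->fill($request->only([/* the fields this form owns */]))`, or remove the four attributes from the model's `$fillable` so that no controller can mass-assign them. The same four-key list is copied into all twelve changed calls across the six files on this page, so a shared constant or a form request class would keep the copies from drifting apart. The enclosing method starts and ends outside the hunk.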


@@ -690,7 +690,7 @@ class UserController extends Controller
} }
} }
$users->mobile = ($request->input('mobile') == '') ? null : $request->input('mobile'); $users->mobile = ($request->input('mobile') == '') ? null : $request->input('mobile');
$users->fill($request->except('mobile')); $users->fill($request->except('mobile','active','role','is_delete','ban'));
$users->save(); $users->save();
if ($request->input('org_id') != '') { if ($request->input('org_id') != '') {
$orgid = $request->input('org_id'); $orgid = $request->input('org_id');
@@ -765,7 +765,7 @@ class UserController extends Controller
} }
$user->country_code = $request->country_code; $user->country_code = $request->country_code;
} }
$user->fill($request->except('profile_pic', 'mobile')); $user->fill($request->except('profile_pic', 'mobile','active','role','is_delete','ban'));
$user->gender = $request->input('gender'); $user->gender = $request->input('gender');
$user->save(); $user->save();
if (Input::file('profile_pic')) { if (Input::file('profile_pic')) {
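Review bot: In both hunks the stripped keys are dropped without any signal: if a request carries `role`, `active`, `is_delete` or `ban`, the value is discarded and `save()` still succeeds. If these actions are meant to let an administrator change those fields (the forms are not visible here, so this is an assumption to confirm), apply the exclusion based on the caller's privilege rather than unconditionally. If they are not, consider rejecting or logging requests that include those keys so that tampering attempts are visible to operators. Both methods continue outside the hunks.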


@@ -250,11 +250,11 @@ class SettingsController extends Controller
Input::file('profile_pic')->move($destinationPath, $fileName); Input::file('profile_pic')->move($destinationPath, $fileName);
$user->profile_pic = $fileName; $user->profile_pic = $fileName;
} else { } else {
$user->fill($request->except('profile_pic', 'gender'))->save(); $user->fill($request->except('profile_pic', 'gender','active','role','is_delete','ban'))->save();
return redirect()->back()->with('success1', 'Profile Updated sucessfully'); return redirect()->back()->with('success1', 'Profile Updated sucessfully');
} }
if ($user->fill($request->except('profile_pic'))->save()) { if ($user->fill($request->except('profile_pic','active','role','is_delete','ban'))->save()) {
return redirect('profile')->with('success1', 'Profile Updated sucessfully'); return redirect('profile')->with('success1', 'Profile Updated sucessfully');
} else { } else {
return redirect('profile')->with('fails1', 'Profile Not Updated sucessfully'); return redirect('profile')->with('fails1', 'Profile Not Updated sucessfully');
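Review bot: The `else` branch at the first changed line ignores the result of `->save()` and always redirects with `success1`, while the second changed call checks the result and has a `fails1` path. Checking it in the first branch too, e.g. `if (! $user->fill(...)->save()) { return redirect('profile')->with('fails1', 'Profile Not Updated sucessfully'); }` before the success redirect, would make the two branches report failures consistently. The method body continues outside the hunk.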


@@ -246,7 +246,7 @@ class UserController extends Controller
$users = $user->whereId($id)->first(); $users = $user->whereId($id)->first();
/* Update the value by selected field */ /* Update the value by selected field */
/* Check whether function success or not */ /* Check whether function success or not */
if ($users->fill($request->input())->save() == true) { if ($users->fill($request->except('active','role','is_delete','ban'))->save() == true) {
/* redirect to Index page with Success Message */ /* redirect to Index page with Success Message */
return redirect('user')->with('success', 'User Updated Successfully'); return redirect('user')->with('success', 'User Updated Successfully');
} else { } else {
@@ -344,11 +344,11 @@ class UserController extends Controller
Input::file('profile_pic')->move($destinationPath, $fileName); Input::file('profile_pic')->move($destinationPath, $fileName);
$user->profile_pic = $fileName; $user->profile_pic = $fileName;
} else { } else {
$user->fill($request->except('profile_pic', 'gender'))->save(); $user->fill($request->except('profile_pic', 'gender','active','role','is_delete','ban'))->save();
return Redirect::route('profile')->with('success', 'Profile Updated sucessfully'); return Redirect::route('profile')->with('success', 'Profile Updated sucessfully');
} }
if ($user->fill($request->except('profile_pic'))->save()) { if ($user->fill($request->except('profile_pic','active','role','is_delete','ban'))->save()) {
return Redirect::route('profile')->with('success', 'Profile Updated sucessfully'); return Redirect::route('profile')->with('success', 'Profile Updated sucessfully');
} }
} }
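Review bot: In the first hunk `$user->whereId($id)->first()` returns null for an unknown id, and the changed line then calls `fill()` on it; `$users = $user->whereId($id)->firstOrFail();` would turn that into a 404 instead of a fatal error. The hunk also shows no check that the caller is allowed to edit user `$id`. That check may live in middleware outside the hunk, but it is worth confirming, because with only four keys stripped every other fillable attribute of the target user is still taken from the request. The `->save() == true` comparison can be written as just `->save()`.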


@@ -92,7 +92,7 @@ class GuestController extends Controller
} }
$user->country_code = $request->country_code; $user->country_code = $request->country_code;
} }
$user->fill($request->except('profile_pic', 'mobile')); $user->fill($request->except('profile_pic', 'mobile','active','role','is_delete','ban'));
$user->gender = $request->input('gender'); $user->gender = $request->input('gender');
$user->save(); $user->save();
if (Input::file('profile_pic')) { if (Input::file('profile_pic')) {
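Review bot: No test accompanies this change, so nothing pins the behaviour that motivated it; the diffstat lists six files and all six sections on this page are controllers. A feature test for this GuestController action that posts `role`, `active`, `is_delete` and `ban` alongside valid profile fields, then asserts the stored values are unchanged, would catch a later refactor that drops a key from the list or goes back to filling from the whole request. The method starts and ends outside the hunk.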


@@ -341,11 +341,11 @@ class UserController extends Controller
Input::file('profile_pic')->move($destinationPath, $fileName); Input::file('profile_pic')->move($destinationPath, $fileName);
$user->profile_pic = $fileName; $user->profile_pic = $fileName;
} else { } else {
$user->fill($request->except('profile_pic', 'gender'))->save(); $user->fill($request->except('profile_pic', 'gender','active','role','is_delete','ban'))->save();
return redirect('guest')->with('success', Lang::get('lang.profile_updated_sucessfully')); return redirect('guest')->with('success', Lang::get('lang.profile_updated_sucessfully'));
} }
if ($user->fill($request->except('profile_pic'))->save()) { if ($user->fill($request->except('profile_pic', 'active','role','is_delete','ban'))->save()) {
return redirect('guest')->with('success', Lang::get('lang.sorry_not_proprofile_updated_sucessfullycessed')); return redirect('guest')->with('success', Lang::get('lang.sorry_not_proprofile_updated_sucessfullycessed'));
} }
} }
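Review bot: Under the second changed call the success redirect flashes `Lang::get('lang.sorry_not_proprofile_updated_sucessfullycessed')`, which looks like two key names merged together, whereas the branch above uses `lang.profile_updated_sucessfully`. If the merged key is not defined, the user will probably see the raw key string instead of a message. Using the same key in both branches would fix it: `return redirect('guest')->with('success', Lang::get('lang.profile_updated_sucessfully'));`. This line is context rather than part of the change, but it sits directly under the edited condition.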