From b0ef0078cb64c8ced58d57d9969f2704ce1b1ede Mon Sep 17 00:00:00 2001
From: Kurniandha Sukma Yunastrian <13516106@std.stei.itb.ac.id>
Date: Fri, 7 May 2021 22:14:52 +0700
Subject: [PATCH] Add guard if phase not opened
---
app/Http/Controllers/PhaseController.php | 18 ++++++++++--------
1 file changed, 10 insertions(+), 8 deletions(-)
diff --git a/app/Http/Controllers/PhaseController.php b/app/Http/Controllers/PhaseController.php
index 761c80d..3b0208f 100644
--- a/app/Http/Controllers/PhaseController.php
+++ b/app/Http/Controllers/PhaseController.php
@@ -27,10 +27,16 @@ class PhaseController extends Controller
{
$view;
+ $project = DB::table('projects')->where('id', $idProject)->first();
+
+ if ($project->phase < $phaseNumber) {
+ abort(404);
+ }
+
if ($phaseNumber == 1) {
- $view = PhaseController::phase01View($idProject, $phaseNumber);
+ $view = PhaseController::phase01View($project, $phaseNumber);
} else if ($phaseNumber == 2) {
- $view = PhaseController::phase02View($idProject, $phaseNumber);
+ $view = PhaseController::phase02View($project, $phaseNumber);
} else {
abort(404);
}
@@ -41,20 +47,16 @@ class PhaseController extends Controller
/**
* Open view first phase.
*/
- public function phase01View($idProject, $phaseNumber)
+ public function phase01View($project, $phaseNumber)
{
- $project = DB::table('projects')->where('id', $idProject)->first();
-
return view('phase.phase01', ['project' => $project, 'phaseNumber' => $phaseNumber, 'phaseName' => 'Submit value criteria candidate']);
}
/**
* Open view second phase.
*/
- public function phase02View($idProject, $phaseNumber)
+ public function phase02View($project, $phaseNumber)
{
- $project = DB::table('projects')->where('id', $idProject)->first();
-
return view('phase.phase02', ['project' => $project, 'phaseNumber' => $phaseNumber, 'phaseName' => 'Voting value criteria']);
}
}
--
GitLab