< ?
/*
This file is part of the 'Science Fair In A Box' project
SFIAB Website : http :// www . sfiab . ca
Copyright ( C ) 2005 Sci - Tech Ontario Inc < info @ scitechontario . org >
Copyright ( C ) 2005 James Grant < james @ lightbox . org >
Copyright ( C ) 2007 David Grant < dave @ lightbox . org >
This program is free software ; you can redistribute it and / or
modify it under the terms of the GNU General Public
License as published by the Free Software Foundation , version 2.
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the GNU
General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program ; see the file COPYING . If not , write to
the Free Software Foundation , Inc . , 59 Temple Place - Suite 330 ,
Boston , MA 02111 - 1307 , USA .
*/
?>
< ?
/* Check that every given role name is a key of the global $roles table.
 * $role may be a single role name or an array of role names; an empty
 * array is considered valid.  Returns true only if all names are known. */
function user_valid_role($role)
{
    global $roles;

    /* Normalise a single role name into a one-element list */
    $candidates = is_array($role) ? $role : array($role);

    foreach ($candidates as $name) {
        if (array_key_exists($name, $roles) === false) {
            return false;
        }
    }
    return true;
}
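/* Load one user row (joined with its account row) together with the
 * user's roles.
 *
 * $users_id    - users.id to load; only used when $accounts_id is not given.
 * $accounts_id - when given, load the most recent (highest year) users row
 *                belonging to this account instead.
 *
 * Returns false when no row matches.  Otherwise returns the row as an array
 * with these keys added: 'roles' (role type => user_roles row), 'name',
 * 'emailrecipient', and 'orig' (a snapshot of the loaded data that
 * user_save() compares against). */
function user_load($users_id, $accounts_id = false)
{
    /* Load user, join accounts so we also load the email, superuser flag */
    $query = "SELECT * FROM users JOIN accounts ON accounts.id=users.accounts_id WHERE ";
    if ($accounts_id != false) {
        $accounts_id = intval($accounts_id);
        $query .= "`users`.`accounts_id`='$accounts_id' ORDER BY `users`.`year` DESC LIMIT 1";
    } else {
        $id = intval($users_id);
        $query .= "`users`.`id`='$id'";
    }

    $q = mysql_query($query);
    /* A failed query is treated like "no such user" */
    if ($q === false || mysql_num_rows($q) == 0)
        return false;

    if (mysql_num_rows($q) > 1) {
        echo "ERROR: More than one user.\n";
        exit;
    }

    /* Load the user */
    $ret = mysql_fetch_assoc($q);

    /* Sanitize before using these in mysql queries */
    $ret['id'] = intval($ret['id']);
    $ret['accounts_id'] = intval($ret['accounts_id']);
    $ret['year'] = intval($ret['year']);

    /* Get roles, and active/complete status for each role */
    $query = "SELECT user_roles.*,roles.type,roles.name FROM user_roles LEFT JOIN roles ON roles.id=user_roles.roles_id WHERE user_roles.users_id={$ret['id']}";
    $q = mysql_query($query);
    $ret['roles'] = array();
    if ($q !== false) {
        while (($roledata = mysql_fetch_assoc($q))) {
            $ret['roles'][$roledata['type']] = $roledata;
        }
    }
    /* No roles is ok: the previous logic here was that a user without
     * roles is deleted, but this can happen for new users, or if someone
     * deletes all their roles before adding a new role */

    /* Convenience */
    $ret['name'] = ($ret['firstname'] ? "{$ret['firstname']} " : '') . $ret['lastname'];

    /* Email recipient for "to" field on emails.  The name and address are
     * user-supplied, so strip CR/LF before they can reach a mail header,
     * and escape quote/backslash inside the quoted display name. */
    $rcpt_name = str_replace(array("\r", "\n"), '', $ret['name']);
    $rcpt_email = str_replace(array("\r", "\n"), '', $ret['email']);
    if (($ret['firstname'] || $ret['lastname']) && $ret['email']) {
        //use their full name if we have it
        //if the name contains anything non-standard, we need to quote it.
        //(preg_match with /i is the equivalent of the deprecated eregi)
        if (preg_match('/[^a-z0-9 ]/i', $rcpt_name)) {
            $quoted = addcslashes($rcpt_name, "\"\\");
            $ret['emailrecipient'] = "\"{$quoted}\" <{$rcpt_email}>";
        } else {
            $ret['emailrecipient'] = "{$rcpt_name} <{$rcpt_email}>";
        }
    } else if ($ret['email']) {
        //otherwise, just their email address
        $ret['emailrecipient'] = $rcpt_email;
    } else {
        $ret['emailrecipient'] = "";
    }

    foreach (array_keys($ret['roles']) as $r) {
        /* Do the load routines inline, the explosion of user roles
         * means it's just silly to have a different function for each
         * one.  If we get one that has a crazy amount of stuff to do,
         * we could move it all to a function and call it in the
         * switch below.
         *
         * These used to operate on an undefined $u, so the loaded row
         * was never normalised; they now operate on $ret.  The field
         * names are the ones user_save() writes to the users table. */
        switch ($r) {
        case 'committee':
            $ret['ord'] = intval($ret['ord']);
            $ret['displayemail'] = ($ret['displayemail'] == 'yes') ? 'yes' : 'no';
            break;

        case 'judge':
            $ret['years_school'] = intval($ret['years_school']);
            $ret['years_regional'] = intval($ret['years_regional']);
            $ret['years_national'] = intval($ret['years_national']);
            $ret['willing_chair'] = ($ret['willing_chair'] == 'yes') ? 'yes' : 'no';
            $ret['special_award_only'] = ($ret['special_award_only'] == 'yes') ? 'yes' : 'no';

            /* NOTE(review): unserialize() on column data will build
             * objects if a crafted string ever reaches these columns,
             * and user_save() stores non-array values for these fields
             * as plain strings.  A data-only encoding would be safer;
             * until then, anything that is not an array is discarded. */
            $should_be_arrays = array('cat_prefs', 'div_prefs',
                    'divsub_prefs', 'languages');
            foreach ($should_be_arrays as $k) {
                /* The length test used to read strlen($x > 0) */
                $ret[$k] = (strlen($ret[$k]) > 0) ? unserialize($ret[$k]) : array();
                /* Sanity check the arrays, make sure they are arrays */
                if (!is_array($ret[$k])) $ret[$k] = array();
            }
            break;

        case 'sponsor':
            $ret['sponsors_id'] = intval($ret['sponsors_id']);
            if ($ret['sponsors_id']) {
                $q = mysql_query("SELECT * FROM sponsors WHERE id='{$ret['sponsors_id']}'");
                $ret['sponsor'] = ($q === false) ? false : mysql_fetch_assoc($q);
            }
            break;

        default:
            /* Nothing to do for all other roles */
            break;
        }
    }

    /* Do this assignment without recursion :) */
    unset($ret['orig']);
    $orig = $ret;
    $ret['orig'] = $orig;

    return $ret;
}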
/* Load the user attached to an account.  Thin wrapper around user_load():
 * the users id argument is passed as 0 and the lookup is done by
 * $accounts_id.  Returns whatever user_load() returns. */
function user_load_by_accounts_id($accounts_id)
{
    $unused_users_id = 0;
    return user_load($unused_users_id, $accounts_id);
}
/* Load a user by email address or username.
 * Returns the loaded user (see user_load_by_accounts_id) when exactly one
 * users row matches, false otherwise. */
function user_load_by_email($email)
{
    /* Find the accounts_id for the email, regardless of deleted status.
     * The value is escaped because it is placed inside a quoted SQL
     * string literal. */
    $needle = mysql_real_escape_string($email);
    $result = mysql_query("SELECT accounts_id FROM users WHERE email='$needle' OR username='$needle'");

    /* Zero matches, or an ambiguous match, both count as "not found" */
    if (mysql_num_rows($result) != 1) {
        return false;
    }

    $row = mysql_fetch_assoc($result);
    return user_load_by_accounts_id($row['accounts_id']);
}
/* FIXME: these are going to need conference IDs too */
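/* Currently disabled: prints "FIXME" and terminates the script before
 * doing any work.
 *
 * The lookup below the exit is unreachable.  It is kept for whoever
 * re-enables the function, and both parameters are now escaped so the
 * query is not built from raw caller input when that happens. */
function user_load_by_accounts_id_year($uid, $year)
{
    echo "FIXME";
    exit;

    /* Unreachable until the FIXME above is resolved */
    $uid = mysql_real_escape_string($uid);
    $year = mysql_real_escape_string($year);
    $q = mysql_query("SELECT id FROM users WHERE uid='$uid' AND year <= '$year'");
    if ($q === false || !mysql_num_rows($q)) return false;
    $i = mysql_fetch_assoc($q);
    return user_load($i['id']);
}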
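/* Write a loaded user back to the database.
 *
 * $u is a user array as returned by user_load(); $u['orig'] is the snapshot
 * taken at load time.  Only roles and fields that differ from the snapshot
 * are written.  On return $u['orig'] is refreshed so a second call does not
 * write the same data again.
 *
 * The script is halted (echo + exit) if the user's conference changed or if
 * a newly added role is not permitted by user_add_role_allowed().
 *
 * Every value placed in a query is either cast to an integer or escaped
 * here; the function does not rely on the caller having left the ids from
 * user_load() untouched. */
function user_save(&$u)
{
    global $conference;
    global $roles;

    /* Sanity check */
    if ($u['conferences_id'] != $u['orig']['conferences_id']) {
        echo "The user's conference changed. Can't save a user to a difference conference, use user_dupe to copy the user to a new conference.\n";
        exit;
    }

    $users_id = intval($u['id']);
    $accounts_id = intval($u['accounts_id']);

    $orig_roles = array_keys($u['orig']['roles']);
    $new_roles = array_keys($u['roles']);

    /* Delete any removed roles */
    $removed = array_diff($orig_roles, $new_roles);
    foreach ($removed as $r) {
        $roles_id = intval($roles[$r]['id']);
        mysql_query("DELETE FROM user_roles WHERE users_id='$users_id' AND roles_id='$roles_id'");
    }

    /* Add any new roles, update all changed roles */
    foreach ($new_roles as $r) {
        if (!in_array($r, $orig_roles)) {
            /* Role is new.
             * NOTE(review): $u['roles'] already contains $r at this
             * point, so this check appears to always refuse a newly
             * added 'student' role -- confirm that is intended. */
            if (!user_add_role_allowed($u, $r)) {
                echo "HALT: user can't add this role";
                exit;
            }
            $roles_id = intval($roles[$r]['id']);
            mysql_query("INSERT INTO user_roles(accounts_id,users_id,roles_id,active,complete)
                    VALUES('$accounts_id','$users_id','$roles_id','no','no')");
            /* NOTE(review): raw database errors are printed to the page */
            echo mysql_error();
        } else if ($u['roles'][$r] != $u['orig']['roles'][$r]) {
            /* $u['roles'][$r] has changed from original, update it */
            $active = mysql_real_escape_string($u['roles'][$r]['active']);
            $complete = mysql_real_escape_string($u['roles'][$r]['complete']);
            $row_id = intval($u['roles'][$r]['id']);
            mysql_query("UPDATE user_roles SET active='$active',
                    complete='$complete'
                    WHERE id='$row_id'");
            echo mysql_error();
        }
    }

    $fields = array('salutation', 'firstname', 'lastname', 'username',
            'phonehome', 'phonework', 'phonecell', 'fax', 'organization',
            'address', 'address2', 'city', 'province', 'postalcode', 'sex',
            'firstaid', 'cpr', 'lang', 'notes');

    $fields_for_role = array();
    $fields_for_role['committee'] = array('emailprivate', 'ord', 'displayemail',
            'access_admin', 'access_config', 'access_super');
    $fields_for_role['judge'] = array('years_school', 'years_regional', 'years_national',
            'willing_chair', 'special_award_only',
            'cat_prefs', 'div_prefs', 'divsub_prefs',
            'expertise_other', 'languages', 'highest_psd');
    $fields_for_role['student'] = array('schools_id');
    $fields_for_role['fair'] = array('fairs_id');
    $fields_for_role['sponsor'] = array('sponsors_id', 'primary', 'position');

    /* Merge fields as necessary, build a big list of fields to save */
    foreach ($new_roles as $r) {
        if (!array_key_exists($r, $fields_for_role)) continue;
        $fields = array_merge($fields, $fields_for_role[$r]);
    }

    /* Column names come only from the fixed lists above.  They are
     * backtick-quoted because 'primary' is a reserved word in MySQL. */
    $set = "";
    foreach ($fields as $f) {
        if ($u[$f] == $u['orig'][$f]) continue;

        if ($set != "") $set .= ',';

        /* Loose comparison kept: '', 0 and null are all stored as NULL */
        if ($u[$f] == NULL) {
            $set .= "`$f`=NULL";
            continue;
        }

        /* mysql_real_escape_string() honours the connection character
         * set, which mysql_escape_string() did not. */
        if (is_array($u[$f]))
            $data = mysql_real_escape_string(serialize($u[$f]));
        else
            $data = mysql_real_escape_string(stripslashes($u[$f]));

        $set .= "`$f`='$data'";
    }

    if ($set != "") {
        $query = "UPDATE users SET $set WHERE id='$users_id'";
        mysql_query($query);
        echo mysql_error();
    }

    /* Record all the data in orig that we saved so subsequent
     * calls to user_save don't try to overwrite data already
     * saved to the database */
    unset($u['orig']);
    $orig = $u;
    $u['orig'] = $orig;
}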
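/* Remove one role from a loaded user and save the user.
 *
 * $u    - user array as returned by user_load(), modified in place.
 * $role - role type to remove; nothing happens if the user does not
 *         have it.
 *
 * Role-specific link rows are deleted first, then the role is dropped from
 * $u['roles'] and user_save() removes the user_roles row. */
function user_remove_role(&$u, $role)
{
    if (!array_key_exists($role, $u['roles'])) {
        /* Hum, type specified, but the user is not this type,
         * so, i guess we're done. */
        return;
    }

    /* Cast before use in SQL: $u is a plain array the caller may have
     * modified since it was loaded. */
    $id = intval($u['id']);
    $accounts_id = intval($u['accounts_id']);

    /* Do role-specific remove actions */
    switch ($role) {
    case 'committee':
        mysql_query("DELETE FROM committees_link WHERE accounts_id='$accounts_id'");
        break;

    case 'judge':
        mysql_query("DELETE FROM judges_teams_link WHERE users_id='$id'");
        mysql_query("DELETE FROM judges_specialawards_sel WHERE users_id='$id'");
        break;

    default:
        break;
    }

    /* Delete the role */
    unset($u['roles'][$role]);

    /* Save this user (takes care of removing entries from the user_roles db) */
    user_save($u);
}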
/* If role is specified, just delete the role from the user.
 * If not, delete the whole user, all roles */
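/* Soft-delete a user, or just one of the user's roles.
 *
 * $u    - a loaded user array, or a users id to load.
 * $role - role type to remove, or false to remove every role.
 *
 * Returns true when the users row was marked deleted (no roles remain),
 * false when other roles remain or when the users id could not be loaded. */
function user_delete($u, $role = false)
{
    $finish_delete = false;

    if (!is_array($u)) {
        $u = user_load($u);
        /* Without this, a failed load fell through and ran the UPDATE
         * below with an empty id */
        if ($u === false) {
            return false;
        }
    }

    if ($role != false) {
        user_remove_role($u, $role);
        if (count($u['roles']) == 0) {
            /* No roles left, finish the delete */
            $finish_delete = true;
        }
    } else {
        /* Delete the whole user, every role */
        foreach (array_keys($u['roles']) as $r)
            user_remove_role($u, $r);
        $finish_delete = true;
    }

    if ($finish_delete) {
        $id = intval($u['id']);
        mysql_query("UPDATE users SET deleted='yes', deleteddatetime=NOW() WHERE id='$id'");
        return true;
    }

    /* User had some other role, so delete was not completed. */
    return false;
}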
/* Purge functions. These completely eliminate all traces of a user from the
 * database. This action cannot be undone. We prefer the committee to use the
 * "delete" functions, which simply mark the account as "deleted". */
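/* Permanently remove a user row.
 *
 * $u    - a loaded user array, or a users id to load.
 * $role - role type to remove, or false to remove every role.
 *
 * Returns true when the users row was deleted, false when another role
 * blocked the purge or the users id could not be loaded. */
function user_purge($u, $role = false)
{
    /* user_delete() receives $u by value, so when a bare id is passed in,
     * the user it loads never comes back here.  Load it first so the
     * DELETE below has a real id to work with. */
    if (!is_array($u)) {
        $u = user_load($u);
        if ($u === false) {
            return false;
        }
    }

    /* Delete the user, then completely delete them from
     * the DB if delete returns true, that is, if there's
     * no other role blocking the delete/purge */
    $finish_purge = user_delete($u, $role);

    if ($finish_purge == true) {
        $id = intval($u['id']);
        mysql_query("DELETE FROM users WHERE id='$id'");
        return true;
    }

    /* Not purged, some other role existed */
    return false;
}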
/* Duplicate a row in the users table, or any one of the users_* tables. */
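/* Copy the single row of table $db where $key = $val, storing $newval in
 * the $key column of the copy.  The 'year' column of the copy is set to
 * $config['FAIRYEAR'].
 *
 * Returns the insert id of the new row.  Halts the script if the source
 * row is not found exactly once, or if $db / $key are not plain
 * identifiers. */
function user_dupe_row($db, $key, $val, $newval)
{
    global $config;
    $nullfields = array('deleteddatetime'); /* Fields that can be null */

    /* Table and column names cannot be escaped as values, so only
     * accept plain identifiers before placing them in the query. */
    if (!preg_match('/^[A-Za-z0-9_]+$/', $db) || !preg_match('/^[A-Za-z0-9_]+$/', $key)) {
        echo "ERROR duplicating row: invalid table or key name.\n";
        exit;
    }

    $safe_val = mysql_real_escape_string($val);
    $q = mysql_query("SELECT * FROM `$db` WHERE `$key`='$safe_val'");
    if ($q === false || mysql_num_rows($q) != 1) {
        echo "ERROR duplicating row in $db: $key=$val NOT FOUND.\n";
        exit;
    }

    $i = mysql_fetch_assoc($q);
    $i[$key] = $newval;

    foreach ($i as $k => $v) {
        if ($v == NULL && in_array($k, $nullfields))
            $i[$k] = 'NULL';
        else if ($k == 'year')
            /* Inserted unquoted, so force it to an integer */
            $i[$k] = intval($config['FAIRYEAR']);
        else
            $i[$k] = '\'' . mysql_real_escape_string($v) . '\'';
    }

    /* Column names come from the row just fetched */
    $keys = '`' . join('`,`', array_keys($i)) . '`';
    $vals = join(',', array_values($i));

    $q = "INSERT INTO `$db` ($keys) VALUES ($vals)";
    $r = mysql_query($q);
    /* NOTE(review): raw database errors are printed to the page */
    echo mysql_error();

    $id = mysql_insert_id();
    return $id;
}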
/* Used by the login scripts to copy one user from one year to another */
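/* Copy user $u into year $new_year and return the id of the new users row.
 *
 * $u        - a loaded user array; 'uid' and 'id' are read.
 * $new_year - target year (passed in so the rollover script can use it).
 *
 * Halts the script if the user's latest entry is deleted or already
 * belongs to $new_year. */
function user_dupe($u, $new_year)
{
    /* Dupe a user if:
     *  - They don't exist in the current year
     *    (users->year != the target year)
     *  - They have a previous year entry
     *    (users->year DESC LIMIT 1 == 1 row)
     *  - That previous entry has deleted=no */

    /* Find the last entry */
    $uid = mysql_real_escape_string($u['uid']);
    $q = mysql_query("SELECT id,uid,year,deleted FROM users WHERE uid='$uid'
            ORDER BY year DESC LIMIT 1");
    /* $r is false when the query failed or matched nothing; the checks
     * below are then skipped instead of reading properties of false. */
    $r = ($q === false) ? false : mysql_fetch_object($q);

    if ($r && $r->deleted == 'yes') {
        echo "Cannot duplicate user ID {$u['id']}, they are deleted. Undelete them first.\n";
        exit;
    }
    if ($r && $r->year == $new_year) {
        echo "Cannot duplicate user ID {$u['id']}, they already exist in year $new_year\n";
        exit;
    }

    $id = intval(user_dupe_row('users', 'id', $u['id'], NULL));
    $year = intval($new_year);
    $q = mysql_query("UPDATE users SET year='$year' WHERE id='$id'");

    /* Load the new user */
    $u2 = user_load($id);

    /* NOTE(review): user_load() in this file fills 'roles' and never sets
     * 'types', so this loop looks like a leftover from the per-type
     * users_* tables -- confirm whether it should still run. */
    if (is_array($u2) && isset($u2['types']) && is_array($u2['types'])) {
        foreach ($u2['types'] as $t) {
            user_dupe_row("users_$t", 'users_id', $u['id'], $id);
        }
    }

    /* Return the ID of the new user */
    return $id;
}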
/* Returns true if loaded user ( $u ) is allowed to add role $role to their
 * profile. This is intended as a last-stop mechanism, preventing, for example
* a student from co - existing with any other role . */
/* Decide whether role $role may be added to loaded user $u.
 *
 * Returns false if the user already holds the 'student' role, or if the
 * user holds any role at all and $role is 'student'.  A user with no
 * roles may add any role.  Returns true otherwise. */
function user_add_role_allowed(&$u, $role)
{
    /* No existing role may be combined with the student role */
    $wants_student = ($role == 'student');

    foreach (array_keys($u['roles']) as $held) {
        if ($held == 'student') {
            /* A student can't add any other role */
            return false;
        }
        if ($wants_student) {
            /* No role can add the student role */
            return false;
        }
        /* All other roles can coexist (even the fair role) */
    }

    return true;
}
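/* Add role $role to loaded user $u and save the user.
 *
 * The role is added as active='yes', complete='no'.  The script is halted
 * if $role is not a known role name or if user_add_role_allowed() refuses
 * the combination. */
function user_add_role(&$u, $role)
{
    /* $role can originate from a request, so besides the coexistence
     * rules it must be a single name that user_valid_role() finds in the
     * roles table; user_save() looks up its id there. */
    if (!is_string($role) || !user_valid_role($role) || !user_add_role_allowed($u, $role)) {
        /* If we get in here, someone is hand crafting URLs */
        echo "HALT: invalid role add specified for operation.";
        exit;
    }

    /* Add the role */
    $u['roles'][$role] = array('active' => 'yes',
            'complete' => 'no');

    /* Save it now so the DB gets updated */
    user_save($u);
}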
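/* Create a users row for an account in a conference and return it loaded.
 *
 * $accounts_id    - account the new user belongs to.
 * $conferences_id - conference id; 0 means the current $conference['id'].
 *
 * Halts the script if the account already has a user in that conference.
 * Returns the new user as loaded by user_load() (it has no roles yet). */
function user_create($accounts_id, $conferences_id = 0)
{
    global $config, $conference;

    if ($conferences_id == 0) $conferences_id = $conference['id'];

    /* Both ids go into SQL below, force them to integers first */
    $accounts_id = intval($accounts_id);
    $conferences_id = intval($conferences_id);

    /* Make sure the user doesn't already exist */
    $q = mysql_query("SELECT id FROM users WHERE accounts_id='$accounts_id' AND conferences_id='$conferences_id'");
    if ($q !== false && mysql_num_rows($q)) {
        echo "ERROR: user_create called for a user that already exists.\n";
        exit;
    }

    /* Create the user */
    mysql_query("INSERT INTO users(`accounts_id`,`conferences_id`) VALUES('$accounts_id','$conferences_id')");
    $id = mysql_insert_id();

    /* Return a loaded user with no roles */
    return user_load($id);
}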
/* Perform some checks. Make sure the person is logged in, and that their
 * password hasn't expired (the password_expired var is set in the login page)
 */
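/* Gate a page on the session's login state and roles.
 *
 * $all_required - role name or array of role names the session must ALL have.
 * $one_required - role name or array of role names of which the session
 *                 must have AT LEAST ONE (ignored when empty).
 *
 * Redirects and exits when the visitor is not logged in, lacks the roles,
 * or has an expired password.  Otherwise returns the first role that
 * matched (from $one_required when it is non-empty, else from
 * $all_required), or null when neither list named a role. */
function user_auth_required($all_required = array(), $one_required = array())
{
    global $config;
    $ok = true;

    unset($_SESSION['request_uri']);

    /* The parentheses here used to wrap the whole expression inside the
     * first isset(), which PHP rejects; each key is now tested on its own. */
    if (!isset($_SESSION['roles']) || !isset($_SESSION['users_id'])) {
        message_push(error(i18n("You must login to view that page")));
        $_SESSION['request_uri'] = $_SERVER['REQUEST_URI'];
        /* The original appended an undefined $type here, so the
         * parameter was always empty; kept as an empty value. */
        header("location: {$config['SFIABDIRECTORY']}/user_login.php?type=");
        exit;
    }

    /* Make sure the user has each role in $all_required, this returns
     * an array in the same order as $all_required, with all members
     * in $all_required that are also in the session roles */
    if (!is_array($all_required)) $all_required = array($all_required);

    $match = array_intersect($all_required, $_SESSION['roles']);
    if ($all_required != $match) {
        /* Something is missing */
        $ok = false;
    }

    /* Make sure the user has one role in $one_required */
    if (!is_array($one_required)) $one_required = array($one_required);
    if (count($one_required)) {
        $match = array_intersect($one_required, $_SESSION['roles']);
        if (count($match) == 0) {
            /* Missing any role in $one_required */
            $ok = false;
        }
    }

    if (!$ok) {
        message_push(error(i18n("You do not have permission to view that page")));
        header("location: {$config['SFIABDIRECTORY']}/user_login.php");
        exit;
    }

    /* Forward to password expired, remember the target URI */
    if (isset($_SESSION['password_expired']) && $_SESSION['password_expired'] == true) {
        $_SESSION['request_uri'] = $_SERVER['REQUEST_URI'];
        header("location: {$config['SFIABDIRECTORY']}/user_account.php");
        exit;
    }

    /* Return the first role that matched, this retains the previous
     * behaviour.  array_intersect() keeps the keys of its first argument,
     * so the first match is not necessarily at index 0. */
    $first = reset($match);
    return ($first === false) ? null : $first;
}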
/* Report whether volunteer registration is open.
 * Always returns "open": the date-window checks against
 * $config['dates']['judgeregopen'] / ['judgeregclose'] are disabled here. */
function user_volunteer_registration_status()
{
    global $config;

    $status = "open";
    return $status;
}
/* Report where the current time falls relative to the judge registration
 * window in $config['dates'].  The timestamps are compared as
 * 'Y-m-d H:i:s' strings.
 * Returns "notopenyet", "closed" or "open". */
function user_judge_registration_status()
{
    global $config;

    $stamp = date('Y-m-d H:i:s');

    if ($stamp < $config['dates']['judgeregopen']) {
        return "notopenyet";
    }
    return ($stamp > $config['dates']['judgeregclose']) ? "closed" : "open";
}
/* Maps each name that may appear in the comma-separated
 * "{role}_personal_fields" / "{role}_personal_required" config values to
 * the user fields it stands for. */
$user_personal_fields_map = array(
    /* identity */
    'salutation' => array('salutation'),
    'name'       => array('firstname', 'lastname'),
    'email'      => array('email'),
    'sex'        => array('sex'),

    /* phone and fax */
    'phonehome'  => array('phonehome'),
    'phonework'  => array('phonework'),
    'phonecell'  => array('phonecell'),
    'fax'        => array('fax'),

    /* other personal details */
    'org'        => array('organization'),
    'birthdate'  => array('birthdate'),
    'lang'       => array('lang'),

    /* postal address */
    'address'    => array('address', 'address2', 'postalcode'),
    'city'       => array('city'),
    'province'   => array('province'),

    /* first aid covers both the first aid and the CPR field */
    'firstaid'   => array('firstaid', 'cpr'),
);
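/* List the personal fields shown for role $role.
 *
 * Always starts with firstname, lastname and email, followed by the
 * fields that $config["{$role}_personal_fields"] (a comma-separated list
 * of $user_personal_fields_map keys) expands to.  Names that are not in
 * the map are skipped. */
function user_personal_fields($role)
{
    global $config, $user_personal_fields_map;

    $ret = array('firstname', 'lastname', 'email');

    $key = "{$role}_personal_fields";
    $fields = isset($config[$key]) ? $config[$key] : '';

    if ($fields != '') {
        /* explode() replaces the removed split(); ',' is a literal
         * separator either way */
        foreach (explode(',', $fields) as $f) {
            /* An unknown name used to hand a non-array to
             * array_merge(), which discards the list built so far */
            if (!isset($user_personal_fields_map[$f])) continue;
            $ret = array_merge($ret, $user_personal_fields_map[$f]);
        }
    }
    return $ret;
}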
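/* List the personal fields that are mandatory for role $role.
 *
 * Always starts with firstname, lastname and email, followed by the
 * fields that $config["{$role}_personal_required"] (a comma-separated
 * list of $user_personal_fields_map keys) expands to.  Names that are not
 * in the map are skipped, and 'address2' is never required.
 *
 * The result keeps the keys left by array_diff(), so it may have gaps. */
function user_personal_required_fields($role)
{
    global $config, $user_personal_fields_map;

    $ret = array('firstname', 'lastname', 'email');

    $key = "{$role}_personal_required";
    $required = isset($config[$key]) ? $config[$key] : '';

    if ($required != '') {
        /* explode() replaces the removed split(); ',' is a literal
         * separator either way */
        foreach (explode(',', $required) as $f) {
            /* An unknown name used to hand a non-array to
             * array_merge(), which discards the list built so far */
            if (!isset($user_personal_fields_map[$f])) continue;
            $ret = array_merge($ret, $user_personal_fields_map[$f]);
        }
    }

    /* Filter some elements that are never required.
     *  - address2
     */
    $ret = array_diff($ret, array('address2'));
    return $ret;
}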
/* Report whether loaded user $u has filled in every personal field that
 * any of its roles requires.
 * Returns 'incomplete' as soon as one required field is empty after
 * trimming, 'complete' otherwise (including when the user has no roles). */
function user_personal_info_status(&$u)
{
    /* Collect the required field names of every role the user holds */
    $needed = array();
    foreach (array_keys($u['roles']) as $role_name) {
        $needed = array_merge($needed, user_personal_required_fields($role_name));
    }

    foreach ($needed as $field) {
        if (strlen(trim($u[$field])) == 0) {
            return 'incomplete';
        }
    }

    /* FIXME: somehow call the $role_status_update() function to update
     * the individual [$role]['complete'] entry? */
    return 'complete';
}
/* user_{$role}_login() is called with a full $u loaded */
/* Login hook for the 'fair' role; expects a fully loaded $u.
 * Halts the script if $u does not hold the fair role, otherwise copies
 * the user's fairs_id into the session. */
function user_fair_login($u)
{
    /* Double check, make sure the user is of this role */
    $is_fair = array_key_exists('fair', $u['roles']);
    if ($is_fair === false) {
        echo "ERROR: attempted to login fair on a non-fair user\n";
        exit;
    }

    $_SESSION['fairs_id'] = $u['fairs_id'];
}
?>