arman/science-ation
1
1
Fork 0
forked from science-ation/science-ation
Code Pull Requests Activity

remove the student table from the register_participants_signature auth

Browse Source 
add 'participant' to the auth requirement for projects in the API
This commit is contained in:
james 2011-02-23 19:30:50 +00:00
parent 06fdbe1621
commit 0320f662dd
2 changed files with 7 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
api.php
View File

@ -849,12 +849,12 @@ switch($request[0]) {
default: default:
$ret['status']="error"; $ret['status']="error";
$ret['error']="invalidi school API command ({$request[1]})"; $ret['error']="invalid school API command ({$request[1]})";
} }
break; break;
case 'project': case 'project':
$chk=api_user_auth_required(); $chk=api_user_auth_required('participant');
if($chk['status']!="ok") { if($chk['status']!="ok") {
$ret['status']="error"; $ret['status']="error";
$ret['error']=$chk['error']; $ret['error']=$chk['error'];

12
register_participants_signature.php
View File

@ -41,14 +41,12 @@
exit; exit;
} }
$q=mysql_query("SELECT registrations.id AS regid, students.id AS studentid, students.firstname $q=mysql_query("SELECT registrations.id AS regid
FROM registrations,students FROM registrations
WHERE students.email='{$_SESSION['email']}' WHERE registrations.num='{$_SESSION['registration_number']}'
AND registrations.num='{$_SESSION['registration_number']}'
AND registrations.id='{$_SESSION['registration_id']}' AND registrations.id='{$_SESSION['registration_id']}'
AND students.registrations_id=registrations.id AND registrations.conferences_id={$conference['id']}");
AND registrations.conferences_id={$conference['id']}
AND students.conferences_id={$conference['id']}");
$registration_number=$_SESSION['registration_number']; $registration_number=$_SESSION['registration_number'];
$registration_id=$_SESSION['registration_id']; $registration_id=$_SESSION['registration_id'];