moving code for modifying user roles into accounts.inc.php. Incomplete. Broken.
parent
fce116316e
commit
177f49f805
176
account.inc.php
176
account.inc.php
@ -180,17 +180,179 @@ function account_set_email($accounts_id,$email) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// add the necessary role to the account's user record for the specified conference
|
// add the specified role to the account's user record for the specified conference
|
||||||
|
// return true on success, false on failure
|
||||||
function account_add_role($accounts_id, $roles_id, $conferences_id, $password = null){
|
function account_add_role($accounts_id, $roles_id, $conferences_id, $password = null){
|
||||||
// create the user if they don't exist
|
global $config;
|
||||||
// active = yes
|
|
||||||
// complete = no
|
// avoid injections
|
||||||
|
$accounts_id *= 1;
|
||||||
|
$roles_id *= 1;
|
||||||
|
$conferences_id *= 1;
|
||||||
|
$password = mysql_real_escape_string($password);
|
||||||
|
|
||||||
|
// make sure the specified id's actually exist
|
||||||
|
if(mysql_result(mysql_query("SELECT COUNT(*) FROM accounts WHERE id = $accounts_id"), 0) != 1){
|
||||||
|
return "invalidaccount";
|
||||||
|
}
|
||||||
|
if(mysql_result(mysql_query("SELECT COUNT(*) FROM roles WHERE id = $roles_id"), 0) != 1){
|
||||||
|
return "invalidrole";
|
||||||
|
}
|
||||||
|
if(mysql_result(mysql_query("SELECT COUNT(*) FROM conferences WHERE id = $conferences_id"), 0) != 1){
|
||||||
|
return "invalidconference";
|
||||||
|
}
|
||||||
|
|
||||||
|
// find out if this account has a user record for this conference
|
||||||
|
$data = mysql_fetch_array(mysql_query("
|
||||||
|
SELECT * FROM users
|
||||||
|
WHERE conferences_id = $conferences_id
|
||||||
|
AND accounts_id = $accounts_id
|
||||||
|
"));
|
||||||
|
if(is_array($data)){
|
||||||
|
// they do indeed have a user record for this conference. Let's load it
|
||||||
|
$u = user_load($data['id']);
|
||||||
|
$users_id = $data['id'];
|
||||||
|
}else{
|
||||||
|
// They're not actually connected to this conference, let's hook 'em up
|
||||||
|
$u = user_create($accounts_id, $conferences_id);
|
||||||
|
$users_id = $u['id'];
|
||||||
|
}
|
||||||
|
|
||||||
|
// we now have the user id that we need, let's check to see whether or not they
|
||||||
|
// already have the specified role.
|
||||||
|
$roleRecord = mysql_fetch_array(mysql_query("
|
||||||
|
SELECT COUNT(*) FROM user_roles
|
||||||
|
WHERE conferences_id = $conferences_id
|
||||||
|
AND users_id = $users_id
|
||||||
|
AND roles_id = $roles_id
|
||||||
|
"));
|
||||||
|
if(is_array($roleRecord)){
|
||||||
|
// they already have this role. shell_exec("man true");
|
||||||
|
return 'ok';
|
||||||
|
}
|
||||||
|
|
||||||
|
// see if this role conflicts with existing ones
|
||||||
|
if(!account_add_role_allowed($accounts_id, $conferences_id, $roles_id)){
|
||||||
|
return 'invalidrole';
|
||||||
|
}
|
||||||
|
|
||||||
|
// see if this role is a valid one for this conference
|
||||||
|
if(!array_key_exists($role . '_registration_type', $config)){
|
||||||
|
return 'invalidrole';
|
||||||
|
}
|
||||||
|
|
||||||
|
// get the type of the role (eg. "judge", "student", etc.)
|
||||||
|
$role = mysql_result(mysql_query("SELECT type FROM roles WHERE id = $roles_id"), 0);
|
||||||
|
|
||||||
|
// and let's see if we meet the conditions for the registration type
|
||||||
|
$error = "";
|
||||||
|
switch($config[$role . '_registration_type']){
|
||||||
|
case 'open':
|
||||||
|
case 'openorinvite':
|
||||||
|
// this is allowed.
|
||||||
|
break;
|
||||||
|
case 'singlepassword':
|
||||||
|
if($password != $config[$role . '_registration_singlepassword']){
|
||||||
|
$error = "invalidpassword";
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
case 'schoolpassword':
|
||||||
|
if($password != null){
|
||||||
|
$schoolId = $u['schools_id'];
|
||||||
|
$schoolDat = mysql_fetch_assoc(mysql_query("SELECT registration_password FROM schools WHERE id=$schoolId"));
|
||||||
|
if(is_array($schoolDat)){
|
||||||
|
if($password == $schoolDat['registration_password']) $valid = true;
|
||||||
|
$error = "invalidpassword";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
case 'invite':
|
||||||
|
$error = 'invalidrole';
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
if($error != ""){
|
||||||
|
return $error;
|
||||||
|
}
|
||||||
|
|
||||||
|
// *whew* all conditions have been met. Let's go ahead and create the record
|
||||||
|
if(!mysql_query("INSERT INTO user_roles (accounts_id, users_id, roles_id, active, complete) VALUES($accounts_id, $users_id, $roles_id, 'yes', 'no')")){
|
||||||
|
return "mysqlerror:" . mysql_error();
|
||||||
|
}
|
||||||
|
|
||||||
|
// if we made it this far, the role was successfully added
|
||||||
|
return 'ok';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// find out if the specifed role can be added to this account at the specified conference
|
||||||
|
function account_add_role_allowed($accounts_id, $roles_id, $conferences_id){
|
||||||
|
$returnval = true;
|
||||||
|
|
||||||
|
// avoid injections
|
||||||
|
$accounts_id *= 1;
|
||||||
|
$roles_id *= 1;
|
||||||
|
$conferences_id *= 1;
|
||||||
|
|
||||||
|
// get the roles for the specified account at the specified conference
|
||||||
|
$query = mysql_query("
|
||||||
|
SELECT * FROM user_roles
|
||||||
|
WHERE accounts_id = $accounts_id
|
||||||
|
AND conferences_id = $conferences_id
|
||||||
|
");
|
||||||
|
|
||||||
|
while($row = mysql_fetch_assoc($record) && $returnval){
|
||||||
|
switch($row['type']){
|
||||||
|
case 'student':
|
||||||
|
// Student cant' add any other role
|
||||||
|
$returnval = false;
|
||||||
|
|
||||||
|
default:
|
||||||
|
if($role == 'student') {
|
||||||
|
// No role can add the student role
|
||||||
|
$returnval = false;
|
||||||
|
}
|
||||||
|
|
||||||
|
// All other roles can coexist (even the fair role)
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return $returnval;
|
||||||
|
}
|
||||||
|
|
||||||
|
// remove the specified role from the account's user record for the specified conference
|
||||||
|
// return true on success, false on failure
|
||||||
function account_remove_role($accounts_id, $roles_id, $conferences_id){
|
function account_remove_role($accounts_id, $roles_id, $conferences_id){
|
||||||
|
// avoid injections
|
||||||
|
$accounts_id *= 1;
|
||||||
|
$roles_id *= 1;
|
||||||
|
$conferences_id *= 1;
|
||||||
|
|
||||||
|
// make sure the specified id's actually exist
|
||||||
|
if(mysql_result(mysql_query("SELECT COUNT(*) FROM accounts WHERE id = $accounts_id"), 0) != 1){
|
||||||
|
return "invalidaccount";
|
||||||
|
}
|
||||||
|
if(mysql_result(mysql_query("SELECT COUNT(*) FROM roles WHERE id = $roles_id"), 0) != 1){
|
||||||
|
return "invalidrole";
|
||||||
|
}
|
||||||
|
if(mysql_result(mysql_query("SELECT COUNT(*) FROM conferences WHERE id = $conferences_id"), 0) != 1){
|
||||||
|
return "invalidconference";
|
||||||
|
}
|
||||||
|
|
||||||
|
// very little error catching needed here. If the role's there, we hopfully succeed in
|
||||||
|
// removing it. If it's not, then we succeed in doing nothing
|
||||||
|
$data = mysql_fetch_array(mysql_query("
|
||||||
|
SELECT * FROM users
|
||||||
|
WHERE conferences_id = $conferences_id
|
||||||
|
AND accounts_id = $accounts_id
|
||||||
|
"));
|
||||||
|
if(is_array($data)){
|
||||||
|
// they do indeed have a user record for this conference. Let's load it
|
||||||
|
$u = user_load($data['id']);
|
||||||
|
$roletype = mysql_result(mysql_query("SELECT type FROM roles WHERE id = $roles_id"), 0);
|
||||||
|
$user_remove_role($u, $roletype);
|
||||||
|
}
|
||||||
|
return 'ok';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/*
|
|
||||||
*/
|
|
||||||
?>
|
?>
|
||||||
|
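Review bot: In `account_add_role` the `schoolpassword` case fails open: when `$password` is empty the `if($password != null)` block is skipped, and when no school row is found nothing is set either, so `$error` stays `""` and the `INSERT INTO user_roles` runs without any password having been checked. Inside the block `$error = "invalidpassword";` is assigned unconditionally and `$valid` is never read, so a correct password is rejected as well; I would make `$error = "invalidpassword";` the first statement of the case and clear it only on a match, `if(is_array($schoolDat) && $password == $schoolDat['registration_password']) $error = "";`. `$password` should also not go through `mysql_real_escape_string()` here, since it is only compared in PHP and escaping changes any password that contains a quote or backslash. Separately, the existing-role check calls `is_array()` on a `SELECT COUNT(*)` row, which is an array whenever the query succeeds, so the function appears to return `'ok'` before it reaches any of these checks; comparing the count with 0 would fix that.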
@ -79,12 +79,14 @@ case 'save':
|
|||||||
$u['highest_psd'] = stripslashes($_POST['highest_psd']);
|
$u['highest_psd'] = stripslashes($_POST['highest_psd']);
|
||||||
user_save($u);
|
user_save($u);
|
||||||
|
|
||||||
|
if(is_array($_POST['questions'])){
|
||||||
questions_save_answers("judgereg",$u['id'],$_POST['questions']);
|
questions_save_answers("judgereg",$u['id'],$_POST['questions']);
|
||||||
|
}
|
||||||
|
|
||||||
mysql_query("DELETE FROM judges_availability WHERE users_id='{$u['id']}'");
|
mysql_query("DELETE FROM judges_availability WHERE users_id='{$u['id']}'");
|
||||||
|
|
||||||
if(is_array($_POST['time']) ) {
|
if(is_array($_POST['time']) ) {
|
||||||
foreach($_POST['time'] as $x) {
|
foreach($_POST['time'] as $x => $blah) {
|
||||||
if(trim($times[$x]['starttime']) == '') continue;
|
if(trim($times[$x]['starttime']) == '') continue;
|
||||||
|
|
||||||
mysql_query("INSERT INTO judges_availability (users_id, `date`,`start`,`end`)
|
mysql_query("INSERT INTO judges_availability (users_id, `date`,`start`,`end`)
|
||||||
|
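Review bot: The loop over `$_POST['time']` now takes the array key as `$x`, and that key is chosen by the client; the only visible validation is the `trim($times[$x]['starttime']) == ''` test, which reads an undefined index for unknown keys instead of rejecting them explicitly. I would add `if(!array_key_exists($x, $times)) continue;` as the first line of the loop and drop the unused `$blah` by iterating `array_keys($_POST['time'])`. The `INSERT INTO judges_availability` statement continues outside the hunk, so whether the inserted values come from `$times` or from the request cannot be confirmed from here. The added `is_array($_POST['questions'])` guard also reads an index that may be unset; `isset($_POST['questions']) && is_array($_POST['questions'])` avoids the notice.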
157
user.inc.php
157
user.inc.php
@ -23,7 +23,7 @@
|
|||||||
*/
|
*/
|
||||||
?>
|
?>
|
||||||
<?
|
<?
|
||||||
|
include_once('account.inc.php');
|
||||||
function user_valid_role($role)
|
function user_valid_role($role)
|
||||||
{
|
{
|
||||||
global $roles;
|
global $roles;
|
||||||
@ -234,15 +234,20 @@ function user_load_by_accounts_id_year($uid, $year)
|
|||||||
return user_load($i['id']);
|
return user_load($i['id']);
|
||||||
}
|
}
|
||||||
|
|
||||||
// activate the specified role for the specified user if they have that role
|
// this depends on the naming convention that any given role that needs a completion check
|
||||||
function user_activate_role($users_id, $roles_id){
|
// will have a function called <role>_status_update, which updates their status with the
|
||||||
|
// current session data and returns 'complete' or 'incomplete' accordingly.
|
||||||
|
// I love the fact that this remark took more characters than the function.
|
||||||
|
function user_check_role_complete($u, $role){
|
||||||
|
$func = $role . '_status_update';
|
||||||
|
if(function_exists($func)){
|
||||||
|
$result = $func($u); // that's right, func(u)!
|
||||||
|
}else{
|
||||||
|
$result = 'complete';
|
||||||
|
}
|
||||||
|
return $result;
|
||||||
}
|
}
|
||||||
|
|
||||||
// deactivate the specified role for the specified user if they have that role
|
|
||||||
function user_deactivate_role($users_id, $roles_id){
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
function user_save(&$u)
|
function user_save(&$u)
|
||||||
{
|
{
|
||||||
global $conference;
|
global $conference;
|
||||||
@ -256,6 +261,7 @@ function user_save(&$u)
|
|||||||
|
|
||||||
// Update all roles
|
// Update all roles
|
||||||
$new_roles = array_keys($u['roles']);
|
$new_roles = array_keys($u['roles']);
|
||||||
|
/*
|
||||||
foreach($new_roles as $r) {
|
foreach($new_roles as $r) {
|
||||||
if($u['roles'][$r] != $u['orig']['roles'][$r]) {
|
if($u['roles'][$r] != $u['orig']['roles'][$r]) {
|
||||||
// $u['roles'][$r] has changed from original, update it
|
// $u['roles'][$r] has changed from original, update it
|
||||||
@ -265,6 +271,7 @@ function user_save(&$u)
|
|||||||
echo mysql_error();
|
echo mysql_error();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
*/
|
||||||
|
|
||||||
$fields = array('salutation','firstname','lastname',
|
$fields = array('salutation','firstname','lastname',
|
||||||
'phonehome','phonework','phonecell','fax','organization',
|
'phonehome','phonework','phonecell','fax','organization',
|
||||||
@ -321,6 +328,81 @@ function user_save(&$u)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
// mark the role as complete if it's qualifications are met
|
||||||
|
function user_complete_role($users_id, $role){
|
||||||
|
// avoid SQL injections
|
||||||
|
$role = mysql_real_escape_string($role);
|
||||||
|
$users_id *= 1;
|
||||||
|
|
||||||
|
// get the id of the role
|
||||||
|
$row = mysql_fetch_assoc(mysql_query("SELECT id FROM roles WHERE type = '$role'"));
|
||||||
|
if(!is_array($row)){
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
$roles_id = $row['id'];
|
||||||
|
|
||||||
|
// does this user have the given role?
|
||||||
|
$row = mysql_fetch_array(mysql_query("SELECT * FROM user_roles WHERE users_id = $users_id AND roles_id = $roles_id"));
|
||||||
|
if(!is_array($row)){
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
// ok, it's a valid role and the specified user has it. Now let's see if we can mark it as complete
|
||||||
|
$user = user_load($users_id);
|
||||||
|
$result = user_check_role_complete($user, $role);
|
||||||
|
|
||||||
|
if($result == 'ok'){
|
||||||
|
return true;
|
||||||
|
}else{
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
// mark the role as being incomplete - not a verb sadly
|
||||||
|
function user_uncomplete_role($users_id, $role){
|
||||||
|
// avoid SQL injections
|
||||||
|
$role = mysql_real_escape_string($role);
|
||||||
|
$users_id *= 1;
|
||||||
|
|
||||||
|
// get the id of the role
|
||||||
|
$row = mysql_fetch_assoc(mysql_query("SELECT id FROM roles WHERE type = '$role'"));
|
||||||
|
if(!is_array($row)){
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
$roles_id = $row['id'];
|
||||||
|
|
||||||
|
// and update said role for the given user id
|
||||||
|
return mysql_query("UPDATE user_roles SET complete = 'no' WHERE users_id = $users_id AND roles_id = $roles_id");
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
// activate the specified role for the specified user if they have that role
|
||||||
|
function user_activate_role($users_id, $roles_id){
|
||||||
|
// Make sure the role is indeed there
|
||||||
|
$query = "SELECT * FROM user_roles WHERE roles_id = $roles_id AND users_id = $users_id";
|
||||||
|
$data = mysql_fetch_array(mysql_query($query));
|
||||||
|
if(!is_array($data)){
|
||||||
|
// can't be activated if you don't have it!
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
return mysql_query("UPDATE user_roles SET active='yes' WHERE users_id = $users_id AND roles_id = $roles_id");
|
||||||
|
}
|
||||||
|
|
||||||
|
// deactivate the specified role for the specified user if they have that role
|
||||||
|
function user_deactivate_role($users_id, $roles_id){
|
||||||
|
// Make sure the role is indeed there
|
||||||
|
$query = "SELECT * FROM user_roles WHERE roles_id = $roles_id AND users_id = $users_id";
|
||||||
|
$data = mysql_fetch_array(mysql_query($query));
|
||||||
|
if(!is_array($data)){
|
||||||
|
// can't be deactivated if you don't have it!
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
return mysql_query("UPDATE user_roles SET active='no' WHERE users_id = $users_id AND roles_id = $roles_id");
|
||||||
|
}
|
||||||
|
|
||||||
function user_remove_role(&$u, $role)
|
function user_remove_role(&$u, $role)
|
||||||
{
|
{
|
||||||
if(!array_key_exists($role, $u['roles'])) {
|
if(!array_key_exists($role, $u['roles'])) {
|
||||||
@ -502,46 +584,60 @@ function user_add_role_allowed(&$u, $role)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
// Add a role for a user. Return true on success, false on error
|
// Add a role for a user.
|
||||||
function user_add_role(&$u, $role, $password = null)
|
// now just a skin on top of account_add_role
|
||||||
{
|
function user_add_role(&$u, $role, $password = null){
|
||||||
|
$row = mysql_fetch_assoc(mysql_query("SELECT conferences_id FROM users WHERE id = " . $u['id']));
|
||||||
|
if(!is_array($q)){
|
||||||
|
return 'no conference';
|
||||||
|
}
|
||||||
|
$conference_id = $q['conferences_id'];
|
||||||
|
$result = account_add_role($u['accounts_id'], $roles[$role]['id'], $password);
|
||||||
|
if($result == 'ok'){
|
||||||
|
$u['roles'][$role] = array('active' =>'yes', 'complete' => 'no');
|
||||||
|
}
|
||||||
|
return $result;
|
||||||
|
|
||||||
|
/*
|
||||||
global $config, $roles;
|
global $config, $roles;
|
||||||
if(!user_add_role_allowed($u, $role)) {
|
if(!user_add_role_allowed($u, $role)) {
|
||||||
/* If we get in here, someone is hand crafting URLs */
|
// If we get in here, someone is hand crafting URLs
|
||||||
echo "HALT: invalid role add specified for operation.";
|
return "invalid role for specified user";
|
||||||
return false;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// ensure that this role can indeed be added
|
// ensure that this role can indeed be added
|
||||||
$valid = false;
|
$error = null;
|
||||||
if(array_key_exists($role . '_registration_type', $config)){
|
if(array_key_exists($role . '_registration_type', $config)){
|
||||||
switch($config[$role . '_registration_type']){
|
switch($config[$role . '_registration_type']){
|
||||||
case 'open':
|
case 'open':
|
||||||
$valid = true;
|
case 'openorinvite':
|
||||||
|
// nothing to do for these
|
||||||
break;
|
break;
|
||||||
case 'singlepassword':
|
case 'singlepassword':
|
||||||
if($password == $config[$role . '_registration_singlepassword']){
|
if($password != $config[$role . '_registration_singlepassword']){
|
||||||
$valid = true;
|
$error = "invalid password";
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case 'schoolpassword':
|
case 'schoolpassword':
|
||||||
if($pasword != null){
|
if($password != null){
|
||||||
$schoolId = $u['schools_id'];
|
$schoolId = $u['schools_id'];
|
||||||
$schoolDat = mysql_fetch_assoc(mysql_query("SELECT registration_password FROM schools WHERE id=$schoolId"));
|
$schoolDat = mysql_fetch_assoc(mysql_query("SELECT registration_password FROM schools WHERE id=$schoolId"));
|
||||||
|
if(is_array($schoolDat)){
|
||||||
if($password == $schoolDat['registration_password']) $valid = true;
|
if($password == $schoolDat['registration_password']) $valid = true;
|
||||||
|
$error = "invalid password";
|
||||||
|
}
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case 'invite':
|
case 'invite':
|
||||||
//$valid = false;
|
$error = 'invite only';
|
||||||
break;
|
|
||||||
case 'openorinvite':
|
|
||||||
$valid = true;
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
}else{
|
||||||
|
$error = 'invalid role';
|
||||||
}
|
}
|
||||||
|
|
||||||
if(!$valid){
|
if($error != null){
|
||||||
return false;
|
return $error;
|
||||||
}
|
}
|
||||||
|
|
||||||
// ok, the conditions are met, make sure they don't already have this role
|
// ok, the conditions are met, make sure they don't already have this role
|
||||||
@ -556,11 +652,12 @@ function user_add_role(&$u, $role, $password = null)
|
|||||||
if(mysql_query($q)){
|
if(mysql_query($q)){
|
||||||
$u['roles'][$role] = array('active' =>'yes', 'complete' => 'no');
|
$u['roles'][$role] = array('active' =>'yes', 'complete' => 'no');
|
||||||
}else{
|
}else{
|
||||||
return false;
|
return "error creating record";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return true;
|
return 'ok';
|
||||||
|
*/
|
||||||
}
|
}
|
||||||
|
|
||||||
function user_create($accounts_id, $conferences_id=0)
|
function user_create($accounts_id, $conferences_id=0)
|
||||||
@ -593,12 +690,6 @@ function user_create($accounts_id, $conferences_id=0)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* No data available on the old user records, let's try getting it from the account then */
|
|
||||||
$results = mysql_fetch_assoc(mysql_query("SELECT * FROM accounts WHERE id ='$accounts_id'"));
|
|
||||||
if(is_array($results)){
|
|
||||||
$fields['username'] = $results['username'];
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Create the user */
|
/* Create the user */
|
||||||
$fieldList = array_keys($fields);
|
$fieldList = array_keys($fields);
|
||||||
$query = "INSERT INTO users(`created`, `" . implode('`,`', $fieldList) . "`) VALUES(NOW(), '" . implode("','", $fields) . "')";
|
$query = "INSERT INTO users(`created`, `" . implode('`,`', $fieldList) . "`) VALUES(NOW(), '" . implode("','", $fields) . "')";
|
||||||
|
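Review bot: `user_activate_role` and `user_deactivate_role` interpolate `$users_id` and `$roles_id` into their SELECT and UPDATE statements without the `*= 1` cast that `user_complete_role` and `user_uncomplete_role` apply, so the queries are only as safe as every caller's input; start both with `$users_id = (int)$users_id; $roles_id = (int)$roles_id;`. The new `user_add_role` has the same problem with `"... WHERE id = " . $u['id']`, and it also tests `$q` although the row was stored in `$row`, reads `$roles` without a `global` declaration, and calls `account_add_role` with three arguments so `$password` lands in the `$conferences_id` parameter. In `user_check_role_complete` the function name is built from `$role` and invoked as `$func($u)`; `$role` should be checked against the known role list (the file has `user_valid_role($role)`, which presumably serves this purpose) before the call. `user_complete_role` compares the result with `'ok'`, while the comment on `user_check_role_complete` says it returns `'complete'` or `'incomplete'`, so it appears to return false in every case.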
@ -1,4 +1,4 @@
|
|||||||
<?
|
<?php
|
||||||
/*
|
/*
|
||||||
This file is part of the 'Science Fair In A Box' project
|
This file is part of the 'Science Fair In A Box' project
|
||||||
SFIAB Website: http://www.sfiab.ca
|
SFIAB Website: http://www.sfiab.ca
|
||||||
@ -26,21 +26,24 @@ require_once("common.inc.php");
|
|||||||
require_once("user.inc.php");
|
require_once("user.inc.php");
|
||||||
user_auth_required();
|
user_auth_required();
|
||||||
|
|
||||||
// grab data for the available role types
|
// find out if this user actually is in this conference
|
||||||
$roleDat = array();
|
$query = "SELECT COUNT(*) FROM users WHERE conferences_id = {$_SESSION['conferences_id']}"
|
||||||
$q = mysql_query("SELECT * FROM roles");
|
. " AND accounts_id = " . $_SESSION['accounts_id'];
|
||||||
while($row = mysql_fetch_assoc($q)){
|
$data = mysql_fetch_array(mysql_query($query));
|
||||||
$roleDat[$row['type']] = array(
|
if($data[0] == 0){
|
||||||
'id' => $row['id'],
|
// They're not actually connected to this conference, let's hook 'em up
|
||||||
'name' => $row['name']
|
$u = user_create($_SESSION['accounts_id'], $_SESSION['conferences_id']);
|
||||||
);
|
$_SESSION['users_id'] = $u['id'];
|
||||||
}
|
}
|
||||||
|
|
||||||
$u = user_load($_SESSION['users_id']);
|
$u = user_load($_SESSION['users_id']);
|
||||||
if(array_key_exists('action', $_GET)){
|
if(array_key_exists('action', $_GET)){
|
||||||
switch($_GET['action']){
|
switch($_GET['action']){
|
||||||
case 'register':
|
case 'register':
|
||||||
register_new_role();
|
$role = $_POST['role'];
|
||||||
|
$result = account_add_role($u['accounts_id'], $roles[$role]['id'], $_SESSION['conferences_id'], $_POST['password']);
|
||||||
|
echo $result;
|
||||||
|
// register_new_role();
|
||||||
break;
|
break;
|
||||||
case 'draw_roles':
|
case 'draw_roles':
|
||||||
draw_roles();
|
draw_roles();
|
||||||
@ -101,6 +104,7 @@ send_header("Main Page", array());
|
|||||||
'password' : $('#' + role + '_password').val()
|
'password' : $('#' + role + '_password').val()
|
||||||
},
|
},
|
||||||
function(result){
|
function(result){
|
||||||
|
alert(result);
|
||||||
$('#roles').load('user_main.php?action=draw_roles');
|
$('#roles').load('user_main.php?action=draw_roles');
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
@ -150,9 +154,6 @@ echo "<br />";
|
|||||||
echo i18n('Other Options and Things To Do').':<br />';
|
echo i18n('Other Options and Things To Do').':<br />';
|
||||||
echo '<ul>';
|
echo '<ul>';
|
||||||
echo '<li><a href="user_edit.php">'.i18n('Change Password').'</a> - '.i18n('Change your email, username, and password').'</li>';
|
echo '<li><a href="user_edit.php">'.i18n('Change Password').'</a> - '.i18n('Change your email, username, and password').'</li>';
|
||||||
echo '<li><a href="user_edit.php">'.i18n('Activate/Deactivate Roles').'</a> - '.
|
|
||||||
i18n('Activate/Deactiate/Remove/Delete roles or your entire account').
|
|
||||||
'</li>';
|
|
||||||
echo '<li>'.i18n('To logout, use the "Logout" link in the upper-right of the page').'</li>';
|
echo '<li>'.i18n('To logout, use the "Logout" link in the upper-right of the page').'</li>';
|
||||||
echo '</ul>';
|
echo '</ul>';
|
||||||
|
|
||||||
@ -240,7 +241,7 @@ function draw_roles(){
|
|||||||
|
|
||||||
function draw_signup_form($type){
|
function draw_signup_form($type){
|
||||||
global $config;
|
global $config;
|
||||||
global $roleDat;
|
global $roles;
|
||||||
switch($type) {
|
switch($type) {
|
||||||
case 'volunteer':
|
case 'volunteer':
|
||||||
$reg_open = user_volunteer_registration_status();
|
$reg_open = user_volunteer_registration_status();
|
||||||
@ -285,9 +286,9 @@ function draw_signup_form($type){
|
|||||||
break;
|
break;
|
||||||
case 'singlepassword':
|
case 'singlepassword':
|
||||||
echo '<p>';
|
echo '<p>';
|
||||||
echo i18n("{$roleDat[$type]['name']} Registration is protected by a password. You must know the <b>{$roleDat[$type]['name']} Registration Password</b> in order to create an account. Please contact the committee to obtain the password if you wish to register.");
|
echo i18n("{$roles[$type]['name']} Registration is protected by a password. You must know the <b>{$roles[$type]['name']} Registration Password</b> in order to create an account. Please contact the committee to obtain the password if you wish to register.");
|
||||||
echo "</p><p>";
|
echo "</p><p>";
|
||||||
echo i18n("{$roleDat[$type]['name']} Password").":<input type=\"password\" size=\"20\" id=\"{$type}_password\" />";
|
echo i18n("{$roles[$type]['name']} Password").":<input type=\"password\" size=\"20\" id=\"{$type}_password\" />";
|
||||||
echo "<button onclick=\"register('" . $type . "');\">Register</button>";
|
echo "<button onclick=\"register('" . $type . "');\">Register</button>";
|
||||||
echo "</p>";
|
echo "</p>";
|
||||||
break;
|
break;
|
||||||
@ -304,20 +305,12 @@ function draw_signup_form($type){
|
|||||||
echo "Unhandled registration mode: $reg_mode";
|
echo "Unhandled registration mode: $reg_mode";
|
||||||
}
|
}
|
||||||
}else{
|
}else{
|
||||||
echo i18n("{$roleDat[$type]['name']} registration is not open");
|
echo i18n("{$roles[$type]['name']} registration is not open");
|
||||||
}
|
}
|
||||||
/*
|
|
||||||
echo "<hr/>\$reg_mode = $reg_mode<br/>";
|
|
||||||
echo "\$reg_open = $reg_open<br/>";
|
|
||||||
echo "<pre>";
|
|
||||||
// print_r($config);
|
|
||||||
echo "</pre>";
|
|
||||||
*/
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function register_new_role(){
|
function register_new_role(){
|
||||||
global $config, $roleDat, $u;
|
global $config, $roles, $u;
|
||||||
$password = $_POST['password'];
|
$password = $_POST['password'];
|
||||||
$uid = $_SESSION['users_id'];
|
$uid = $_SESSION['users_id'];
|
||||||
$roleId = $_POST['role'];
|
$roleId = $_POST['role'];
|
||||||
@ -359,7 +352,7 @@ function register_new_role(){
|
|||||||
|
|
||||||
// ok, they meet the conditions to register for this role
|
// ok, they meet the conditions to register for this role
|
||||||
// see if they're already registered for it
|
// see if they're already registered for it
|
||||||
$role_index = $roleDat[$role]['id'];
|
$role_index = $roles[$role]['id'];
|
||||||
$query = "SELECT COUNT(*) FROM user_roles WHERE users_id = $uid AND roles_id=$role_index";
|
$query = "SELECT COUNT(*) FROM user_roles WHERE users_id = $uid AND roles_id=$role_index";
|
||||||
echo $query;
|
echo $query;
|
||||||
$results = mysql_fetch_array(mysql_query($query));
|
$results = mysql_fetch_array(mysql_query($query));
|
||||||
@ -367,6 +360,11 @@ function register_new_role(){
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
user_add_role($u, $role, $password);
|
if(user_add_role($u, $role, $password)){
|
||||||
|
$_SESSION['roles'][] = $role;
|
||||||
user_save($u);
|
user_save($u);
|
||||||
|
return true;
|
||||||
|
}else{
|
||||||
|
return false;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
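Review bot: In `register_new_role` the new `if(user_add_role($u, $role, $password))` treats every return value as success, because `user_add_role` now returns non-empty strings such as `'ok'` or `'no conference'`, so `$_SESSION['roles'][] = $role;` runs even when the role was refused; compare explicitly with `if(user_add_role($u, $role, $password) === 'ok'){`. In the `register` case, `echo $result;` sends the raw return value of `account_add_role` to the browser, and that value can be `"mysqlerror:" . mysql_error()`; I would log that text server-side and return a generic code, and drop the debugging `alert(result);` along with it. `$_POST['role']` is used as an index into `$roles` without checking that the key exists, so an `array_key_exists($role, $roles)` guard before the call is worth adding. The file name for this section is not shown on the page, and parts of `register_new_role` lie outside the visible hunks.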