Adding additional student fields to the users table
Added name confirmation to the api in api/user/displayname/get and api/user/displayname/confirm
parent
0968725a5f
commit
2ec08b64d9
52
api.php
52
api.php
@ -375,7 +375,7 @@ switch($request[0]) {
|
||||
if(is_array($u)){
|
||||
$p = getProject($u['id']);
|
||||
if(is_array($p)) {
|
||||
$_SESSION['registrations_id'] = $p['registrations_id'];
|
||||
$_SESSION['registration_id'] = $p['registrations_id'];
|
||||
$_SESSION['registration_number'] = $p['num'];
|
||||
}else
|
||||
$_SESSION['error'] = "project not found";
|
||||
@ -403,7 +403,7 @@ switch($request[0]) {
|
||||
unset($_SESSION['roles']);
|
||||
unset($_SESSION['users_id']);
|
||||
unset($_SESSION['name']);
|
||||
unset($_SESSION['registrations_id']);
|
||||
unset($_SESSION['registration_id']);
|
||||
unset($_SESSION['registration_number']);
|
||||
$ret['status']="ok";
|
||||
}
|
||||
@ -699,6 +699,36 @@ switch($request[0]) {
|
||||
}
|
||||
}
|
||||
break;
|
||||
|
||||
case 'displayname':
|
||||
$chk=api_user_auth_required('participant');
|
||||
if($chk['status']!="ok") {
|
||||
$ret['status']="error";
|
||||
$ret['error']=$chk['error'];
|
||||
break;
|
||||
}
|
||||
switch($request[2]){
|
||||
/* APIDOC: user/displayname/get
|
||||
description(Get the current display name for this user, and whether or not it's been confirmed)
|
||||
return(displayname array)
|
||||
*/
|
||||
case 'get':
|
||||
$ret['status'] = 'ok';
|
||||
$ret['displayname'] = array(
|
||||
'name' => user_get_displayname($_SESSION['users_id']),
|
||||
'confirmed' => user_displayname_confirmed($_SESSION['users_id'])
|
||||
);
|
||||
break;
|
||||
|
||||
/* APIDOC: user/displayname/confirm
|
||||
description(mark the display name as being correct)
|
||||
*/
|
||||
case 'confirm':
|
||||
user_confirm_displayname($_SESSION['users_id']);
|
||||
$ret['status'] = 'ok';
|
||||
break;
|
||||
}
|
||||
break;
|
||||
}
|
||||
|
||||
break;
|
||||
@ -918,7 +948,7 @@ switch($request[0]) {
|
||||
}
|
||||
|
||||
// if we got this far, then all's good and we can return the project data
|
||||
$_SESSION['registrations_id'] = $regdat['registrations_id'];
|
||||
$_SESSION['registration_id'] = $regdat['registrations_id'];
|
||||
$_SESSION['registration_number'] = $regdat['registration_number'];
|
||||
$ret['status'] = 'ok';
|
||||
$ret['project'] = getProject($_SESSION['users_id']);
|
||||
@ -981,7 +1011,7 @@ switch($request[0]) {
|
||||
}
|
||||
$result = joinProject($_POST['registration_number'], $_POST['email']);
|
||||
if($result == "ok"){
|
||||
$_SESSION['registrations_id'] = getRegistrationsId($_SESSION['users_id']);
|
||||
$_SESSION['registration_id'] = getRegistrationsId($_SESSION['users_id']);
|
||||
$_SESSION['registration_number'] = $_POST['registration_number'];
|
||||
$ret['status'] = "ok";
|
||||
}else{
|
||||
@ -994,19 +1024,19 @@ switch($request[0]) {
|
||||
description(remove the current user from an existing project. If no other users are in the project, then it is deleted.)
|
||||
*/
|
||||
case 'remove':
|
||||
if(!array_key_exists('registrations_id', $_SESSION)){
|
||||
if(!array_key_exists('registration_id', $_SESSION)){
|
||||
$ret['status'] = 'error';
|
||||
$ret['error'] = 'current user not associated with a project';
|
||||
break;
|
||||
}
|
||||
|
||||
$result = removeProject($_SESSION['registrations_id']);
|
||||
$result = removeProject($_SESSION['registration_id']);
|
||||
if($result != 'ok'){
|
||||
$ret['status'] = "error";
|
||||
$ret['error'] = $result;
|
||||
break;
|
||||
}
|
||||
unset($_SESSION['registrations_id']);
|
||||
unset($_SESSION['registration_id']);
|
||||
unset($_SESSION['registration_number']);
|
||||
$ret['status'] = 'ok';
|
||||
break;
|
||||
@ -1018,13 +1048,13 @@ switch($request[0]) {
|
||||
return(mentor array)
|
||||
*/
|
||||
case 'add':
|
||||
if(!array_key_exists('registrations_id', $_SESSION)){
|
||||
if(!array_key_exists('registration_id', $_SESSION)){
|
||||
$ret['status'] = "error";
|
||||
$ret['error'] = 'current user not associated with a project';
|
||||
break;
|
||||
}
|
||||
|
||||
$result = addMentor($_SESSION['registrations_id']);
|
||||
$result = addMentor($_SESSION['registration_id']);
|
||||
if(is_array($result)){
|
||||
$ret['status'] = 'ok';
|
||||
$ret['mentor'] = $result;
|
||||
@ -1077,12 +1107,12 @@ switch($request[0]) {
|
||||
return(mentors array)
|
||||
*/
|
||||
case 'view':
|
||||
if(!array_key_exists('registrations_id', $_SESSION)){
|
||||
if(!array_key_exists('registration_id', $_SESSION)){
|
||||
$ret['status'] = "error";
|
||||
$ret['error'] = 'current user not associated with a project';
|
||||
break;
|
||||
}
|
||||
$result = getMentors($_SESSION['registrations_id']);
|
||||
$result = getMentors($_SESSION['registration_id']);
|
||||
if(is_array($result)){
|
||||
$ret['status'] = 'ok';
|
||||
$ret['mentors'] = $result;
|
||||
|
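Review bot: The new `displayname` case switches on `$request[2]` with no `default:` branch, so a missing or unrecognised sub-action leaves `$ret['status']` unset by this block. A branch such as `default: $ret['status']='error'; $ret['error']='unknown displayname action'; break;` would make the failure explicit. `confirm` changes stored state for the session user, and nothing in the hunk limits it to POST or checks an anti-CSRF token, so unless the dispatcher outside this hunk does that, a cross-site request could confirm a name on the participant's behalf. The other hunks rename the session key to `registration_id`; any reader of `$_SESSION['registrations_id']` not shown in this commit would now see the key as absent and report "not associated with a project".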
@ -1 +1 @@
|
||||
229
|
||||
230
|
||||
|
7
db/db.update.230.sql
Normal file
7
db/db.update.230.sql
Normal file
@ -0,0 +1,7 @@
|
||||
ALTER TABLE `users` ADD `pronunciation` VARCHAR( 64 ) NULL DEFAULT NULL COMMENT 'student' AFTER `dateofbirth` ,
|
||||
ADD `teachername` VARCHAR( 64 ) NULL DEFAULT NULL COMMENT 'student' AFTER `pronunciation` ,
|
||||
ADD `teacheremail` VARCHAR( 128 ) NULL DEFAULT NULL COMMENT 'student' AFTER `teachername` ,
|
||||
ADD `namecheck_complete` ENUM( 'no', 'yes' ) NOT NULL COMMENT 'student' AFTER `teacheremail`,
|
||||
ADD `webfirst` ENUM( 'no', 'yes' ) NULL DEFAULT NULL COMMENT 'student' AFTER `namecheck_complete` ,
|
||||
ADD `weblast` ENUM( 'no', 'yes' ) NULL DEFAULT NULL COMMENT 'student' AFTER `webfirst` ,
|
||||
ADD `webphoto` ENUM( 'no', 'yes' ) NULL DEFAULT NULL COMMENT 'student' AFTER `weblast`;
|
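Review bot: `namecheck_complete` is added as `ENUM( 'no', 'yes' ) NOT NULL` with no explicit default, while the other six columns all state `NULL DEFAULT NULL`. Existing rows will presumably receive the first enum value, but that is implicit, and under a strict SQL mode an INSERT that omits the column may be rejected. Writing `ENUM( 'no', 'yes' ) NOT NULL DEFAULT 'no'` spells out that a new or untouched account starts unconfirmed.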
@ -277,8 +277,8 @@ function openWizard(){
|
||||
$('#conferences').append(wizard);
|
||||
wizard.dialog({
|
||||
modal:true,
|
||||
width:500,
|
||||
height:200,
|
||||
width:600,
|
||||
height:400,
|
||||
resizable:false,
|
||||
draggable:false,
|
||||
closeOnEscape:false,
|
||||
|
43
user.inc.php
43
user.inc.php
@ -715,6 +715,7 @@ function user_save(&$u)
|
||||
$fields = array_unique($fields);
|
||||
|
||||
$set = "";
|
||||
$resetNamecheck = false;
|
||||
foreach($fields as $f) {
|
||||
// re-indexing fields that might be mis-entered. Add additional field names to the array as needed.
|
||||
if(in_array($f, array('languages'))){
|
||||
@ -723,6 +724,7 @@ function user_save(&$u)
|
||||
|
||||
if($u[$f] == $u['orig'][$f]) continue;
|
||||
|
||||
if($f == 'firstname' || $f == 'lastname') $resetNamecheck = true;
|
||||
if($set != "") $set .=',';
|
||||
|
||||
if($u[$f] == NULL) {
|
||||
@ -731,12 +733,17 @@ function user_save(&$u)
|
||||
}
|
||||
|
||||
if(is_array($u[$f]))
|
||||
$data = mysql_escape_string(serialize($u[$f]));
|
||||
$data = mysql_real_escape_string(serialize($u[$f]));
|
||||
else
|
||||
$data = mysql_escape_string(stripslashes($u[$f]));
|
||||
$data = mysql_real_escape_string($u[$f]);
|
||||
$set .= "$f='$data'";
|
||||
}
|
||||
// if they've changed their first or last name, update the "namecheck_complete" flag no "no"
|
||||
if($resetNamecheck){
|
||||
$set .= ",namecheck_complete = 'no'";
|
||||
}
|
||||
|
||||
// now update all of those fields
|
||||
if($set != "") {
|
||||
$query = "UPDATE users SET $set WHERE id='{$u['id']}'";
|
||||
mysql_query($query);
|
||||
@ -888,6 +895,32 @@ function user_complete_role($users_id, $role){
|
||||
|
||||
}
|
||||
|
||||
// get the display name that would show up on trophies and the like if this is a student
|
||||
function user_get_displayname($users_id){
|
||||
$returnval = null;
|
||||
$u = user_load($users_id);
|
||||
if(is_array($u)){
|
||||
$returnval = $u['firstname'] . ' ' . $u['lastname'];
|
||||
}
|
||||
return $returnval;
|
||||
}
|
||||
|
||||
// mark the user's display name as being correct
|
||||
// TODO - in the future, this should probably be reset to unconfirmed if the user
|
||||
function user_confirm_displayname($users_id){
|
||||
mysql_query("UPDATE users SET namecheck_complete = 'yes' WHERE id = $users_id");
|
||||
}
|
||||
|
||||
// return a yes/no answer as to whether or not the user's display name has been confirmed
|
||||
function user_displayname_confirmed($users_id){
|
||||
$returnval = null;
|
||||
$q = mysql_query("SELECT namecheck_complete FROM users WHERE id = $users_id");
|
||||
if($row = mysql_fetch_assoc($q)){
|
||||
$returnval = $row['namecheck_complete'];
|
||||
}
|
||||
return $returnval;
|
||||
}
|
||||
|
||||
// mark the role as being incomplete - not a verb sadly
|
||||
function user_uncomplete_role($users_id, $role){
|
||||
// avoid SQL injections
|
||||
@ -1224,7 +1257,7 @@ function api_user_auth_required($all_required = array(), $one_required = array()
|
||||
|
||||
if(!isset($_SESSION['roles']) || !isset($_SESSION['accounts_id'])) {
|
||||
$ret['status']="error";
|
||||
$returnval="Not logged in";
|
||||
$ret['error']="Not logged in";
|
||||
return $ret;
|
||||
}
|
||||
|
||||
@ -1251,14 +1284,14 @@ function api_user_auth_required($all_required = array(), $one_required = array()
|
||||
|
||||
if(!$ok) {
|
||||
$ret['status']="error";
|
||||
$returnval="You do not have permission to access that information";
|
||||
$ret['error']="You do not have permission to access that information";
|
||||
return $ret;
|
||||
}
|
||||
|
||||
/* Forward to password expired, remember the target URI */
|
||||
if($_SESSION['password_expired'] == true) {
|
||||
$ret['status']="error";
|
||||
$returnval="Your password has expired";
|
||||
$ret['error']="Your password has expired";
|
||||
return $ret;
|
||||
}
|
||||
$ret['status']="ok";
|
||||
|
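Review bot: `user_confirm_displayname()` and `user_displayname_confirmed()` place `$users_id` into the SQL text unquoted and uncast (`WHERE id = $users_id`), so their safety depends on every caller passing an integer. The callers visible in this commit pass `$_SESSION['users_id']`, but the functions should enforce it themselves, for example with `$users_id = intval($users_id);` as the first line of each. `user_displayname_confirmed()` also passes the result of `mysql_query()` straight to `mysql_fetch_assoc()`; a failed query returns `false` and should be checked before fetching. The TODO comment above `user_confirm_displayname()` stops mid-sentence, and the reset it appears to describe is now handled by `$resetNamecheck` in `user_save()`, so it can be completed or removed.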