From 2ec08b64d9ef7ae0f792875aeeb92a707165de80 Mon Sep 17 00:00:00 2001 From: jacob Date: Thu, 24 Feb 2011 17:44:12 +0000 Subject: [PATCH] Adding additional student fields to the users table Added name confirmation to the api in api/user/displayname/get and pi/user/displayname/confirm --- api.php | 52 +++++++++++++++++++++++++++++++++--------- db/db.code.version.txt | 2 +- db/db.update.230.sql | 7 ++++++ super/conferences.php | 4 ++-- user.inc.php | 43 ++++++++++++++++++++++++++++++---- 5 files changed, 89 insertions(+), 19 deletions(-) create mode 100644 db/db.update.230.sql diff --git a/api.php b/api.php index b9b7630..4c80979 100644 --- a/api.php +++ b/api.php @@ -375,7 +375,7 @@ switch($request[0]) { if(is_array($u)){ $p = getProject($u['id']); if(is_array($p)) { - $_SESSION['registrations_id'] = $p['registrations_id']; + $_SESSION['registration_id'] = $p['registrations_id']; $_SESSION['registration_number'] = $p['num']; }else $_SESSION['error'] = "project not found"; @@ -403,7 +403,7 @@ switch($request[0]) { unset($_SESSION['roles']); unset($_SESSION['users_id']); unset($_SESSION['name']); - unset($_SESSION['registrations_id']); + unset($_SESSION['registration_id']); unset($_SESSION['registration_number']); $ret['status']="ok"; } @@ -699,6 +699,36 @@ switch($request[0]) { } } break; + + case 'displayname': + $chk=api_user_auth_required('participant'); + if($chk['status']!="ok") { + $ret['status']="error"; + $ret['error']=$chk['error']; + break; + } + switch($request[2]){ + /* APIDOC: user/displayname/get + description(Get the current display name for this user, and whether or not it's been confirmed) + return(displayname array) + */ + case 'get': + $ret['status'] = 'ok'; + $ret['displayname'] = array( + 'name' => user_get_displayname($_SESSION['users_id']), + 'confirmed' => user_displayname_confirmed($_SESSION['users_id']) + ); + break; + + /* APIDOC: user/displayname/confirm + description(mark the display name as being correct) + */ + case 'confirm': + user_confirm_displayname($_SESSION['users_id']); + $ret['status'] = 'ok'; + break; + } + break; } break; @@ -918,7 +948,7 @@ switch($request[0]) { } // if we got this far, then all's good and we can return the project data - $_SESSION['registrations_id'] = $regdat['registrations_id']; + $_SESSION['registration_id'] = $regdat['registrations_id']; $_SESSION['registration_number'] = $regdat['registration_number']; $ret['status'] = 'ok'; $ret['project'] = getProject($_SESSION['users_id']); @@ -981,7 +1011,7 @@ switch($request[0]) { } $result = joinProject($_POST['registration_number'], $_POST['email']); if($result == "ok"){ - $_SESSION['registrations_id'] = getRegistrationsId($_SESSION['users_id']); + $_SESSION['registration_id'] = getRegistrationsId($_SESSION['users_id']); $_SESSION['registration_number'] = $_POST['registration_number']; $ret['status'] = "ok"; }else{ @@ -994,19 +1024,19 @@ switch($request[0]) { description(remove the current user from an existing project. If no other users are in the project, then it is deleted.) */ case 'remove': - if(!array_key_exists('registrations_id', $_SESSION)){ + if(!array_key_exists('registration_id', $_SESSION)){ $ret['status'] = 'error'; $ret['error'] = 'current user not associated with a project'; break; } - $result = removeProject($_SESSION['registrations_id']); + $result = removeProject($_SESSION['registration_id']); if($result != 'ok'){ $ret['status'] = "error"; $ret['error'] = $result; break; } - unset($_SESSION['registrations_id']); + unset($_SESSION['registration_id']); unset($_SESSION['registration_number']); $ret['status'] = 'ok'; break; @@ -1018,13 +1048,13 @@ switch($request[0]) { return(mentor array) */ case 'add': - if(!array_key_exists('registrations_id', $_SESSION)){ + if(!array_key_exists('registration_id', $_SESSION)){ $ret['status'] = "error"; $ret['error'] = 'current user not associated with a project'; break; } - $result = addMentor($_SESSION['registrations_id']); + $result = addMentor($_SESSION['registration_id']); if(is_array($result)){ $ret['status'] = 'ok'; $ret['mentor'] = $result; @@ -1077,12 +1107,12 @@ switch($request[0]) { return(mentors array) */ case 'view': - if(!array_key_exists('registrations_id', $_SESSION)){ + if(!array_key_exists('registration_id', $_SESSION)){ $ret['status'] = "error"; $ret['error'] = 'current user not associated with a project'; break; } - $result = getMentors($_SESSION['registrations_id']); + $result = getMentors($_SESSION['registration_id']); if(is_array($result)){ $ret['status'] = 'ok'; $ret['mentors'] = $result; diff --git a/db/db.code.version.txt b/db/db.code.version.txt index bf18240..dcb6b5b 100644 --- a/db/db.code.version.txt +++ b/db/db.code.version.txt @@ -1 +1 @@ -229 +230 diff --git a/db/db.update.230.sql b/db/db.update.230.sql new file mode 100644 index 0000000..96ffa73 --- /dev/null +++ b/db/db.update.230.sql @@ -0,0 +1,7 @@ +ALTER TABLE `users` ADD `pronunciation` VARCHAR( 64 ) NULL DEFAULT NULL COMMENT 'student' AFTER `dateofbirth` , +ADD `teachername` VARCHAR( 64 ) NULL DEFAULT NULL COMMENT 'student' AFTER `pronunciation` , +ADD `teacheremail` VARCHAR( 128 ) NULL DEFAULT NULL COMMENT 'student' AFTER `teachername` , +ADD `namecheck_complete` ENUM( 'no', 'yes' ) NOT NULL COMMENT 'student' AFTER `teacheremail`, +ADD `webfirst` ENUM( 'no', 'yes' ) NULL DEFAULT NULL COMMENT 'student' AFTER `namecheck_complete` , +ADD `weblast` ENUM( 'no', 'yes' ) NULL DEFAULT NULL COMMENT 'student' AFTER `webfirst` , +ADD `webphoto` ENUM( 'no', 'yes' ) NULL DEFAULT NULL COMMENT 'student' AFTER `weblast`; diff --git a/super/conferences.php b/super/conferences.php index fc148b0..6342e33 100644 --- a/super/conferences.php +++ b/super/conferences.php @@ -277,8 +277,8 @@ function openWizard(){ $('#conferences').append(wizard); wizard.dialog({ modal:true, - width:500, - height:200, + width:600, + height:400, resizable:false, draggable:false, closeOnEscape:false, diff --git a/user.inc.php b/user.inc.php index cfa5713..dfb4ca0 100644 --- a/user.inc.php +++ b/user.inc.php @@ -715,6 +715,7 @@ function user_save(&$u) $fields = array_unique($fields); $set = ""; + $resetNamecheck = false; foreach($fields as $f) { // re-indexing fields that might be mis-entered. Add additional field names to the array as needed. if(in_array($f, array('languages'))){ @@ -723,6 +724,7 @@ function user_save(&$u) if($u[$f] == $u['orig'][$f]) continue; + if($f == 'firstname' || $f == 'lastname') $resetNamecheck = true; if($set != "") $set .=','; if($u[$f] == NULL) { @@ -731,12 +733,17 @@ function user_save(&$u) } if(is_array($u[$f])) - $data = mysql_escape_string(serialize($u[$f])); + $data = mysql_real_escape_string(serialize($u[$f])); else - $data = mysql_escape_string(stripslashes($u[$f])); + $data = mysql_real_escape_string($u[$f]); $set .= "$f='$data'"; } + // if they've changed their first or last name, update the "namecheck_complete" flag no "no" + if($resetNamecheck){ + $set .= ",namecheck_complete = 'no'"; + } + // now update all of those fields if($set != "") { $query = "UPDATE users SET $set WHERE id='{$u['id']}'"; mysql_query($query); @@ -888,6 +895,32 @@ function user_complete_role($users_id, $role){ } +// get the display name that would show up on trophies and the like if this is a student +function user_get_displayname($users_id){ + $returnval = null; + $u = user_load($users_id); + if(is_array($u)){ + $returnval = $u['firstname'] . ' ' . $u['lastname']; + } + return $returnval; +} + +// mark the user's display name as being correct +// TODO - in the future, this should probably be reset to unconfirmed if the user +function user_confirm_displayname($users_id){ + mysql_query("UPDATE users SET namecheck_complete = 'yes' WHERE id = $users_id"); +} + +// return a yes/no answer as to whether or not the user's display name has been confirmed +function user_displayname_confirmed($users_id){ + $returnval = null; + $q = mysql_query("SELECT namecheck_complete FROM users WHERE id = $users_id"); + if($row = mysql_fetch_assoc($q)){ + $returnval = $row['namecheck_complete']; + } + return $returnval; +} + // mark the role as being incomplete - not a verb sadly function user_uncomplete_role($users_id, $role){ // avoid SQL injections @@ -1224,7 +1257,7 @@ function api_user_auth_required($all_required = array(), $one_required = array() if(!isset($_SESSION['roles']) || !isset($_SESSION['accounts_id'])) { $ret['status']="error"; - $returnval="Not logged in"; + $ret['error']="Not logged in"; return $ret; } @@ -1251,14 +1284,14 @@ function api_user_auth_required($all_required = array(), $one_required = array() if(!$ok) { $ret['status']="error"; - $returnval="You do not have permission to access that information"; + $ret['error']="You do not have permission to access that information"; return $ret; } /* Forward to password expired, remember the target URI */ if($_SESSION['password_expired'] == true) { $ret['status']="error"; - $returnval="Your password has expired"; + $ret['error']="Your password has expired"; return $ret; } $ret['status']="ok";