diff --git a/account.inc.php b/account.inc.php index f8fc2da..d51643d 100644 --- a/account.inc.php +++ b/account.inc.php @@ -196,7 +196,7 @@ function account_add_role($accounts_id, $roles_id, $conferences_id, $password = return "invalidaccount"; } if(mysql_result(mysql_query("SELECT COUNT(*) FROM roles WHERE id = $roles_id"), 0) != 1){ - return "invalidrole"; + return "invalidrole($roles_id)"; } if(mysql_result(mysql_query("SELECT COUNT(*) FROM conferences WHERE id = $conferences_id"), 0) != 1){ return "invalidconference"; @@ -227,17 +227,20 @@ function account_add_role($accounts_id, $roles_id, $conferences_id, $password = // see if this role conflicts with existing ones if(!account_add_role_allowed($accounts_id, $conferences_id, $roles_id)){ - return 'invalidrole'; + return 'invalidrole(account_add_role_allowed)'; } // get the type of the role (eg. "judge", "participant", etc.) $role = mysql_result(mysql_query("SELECT type FROM roles WHERE id = $roles_id"), 0); - // and see if it's a valid one for this conference - if(!array_key_exists($role . '_registration_type', $config)){ - return 'invalidrole'; + if($_SESSION['superuser']!='yes') { + // and see if it's a valid one for this conference + if(!array_key_exists($role . '_registration_type', $config)){ + return 'invalidrole(_registration_type)'; + } } + // and let's see if we meet the conditions for the registration type $error = ""; switch($config[$role . '_registration_type']){ diff --git a/admin/committee_committees.php b/admin/committee_committees.php index 15cdbf8..af57628 100644 --- a/admin/committee_committees.php +++ b/admin/committee_committees.php @@ -35,6 +35,7 @@ 'Administration' => 'admin/index.php' ), "committee_management"); + echo "Manage Committee Members
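Review bot: The new return value `"invalidrole($roles_id)"` in the roles check turns a fixed error token into a string that carries the caller-supplied `$roles_id`, and the second hunk does the same with `invalidrole(account_add_role_allowed)` and `invalidrole(_registration_type)`. Any caller that still compares the result with `'invalidrole'` will stop matching, and if the result is ever printed the id is reflected unescaped. The same `$roles_id` is interpolated into the `SELECT COUNT(*) FROM roles WHERE id = $roles_id` query on the context line above, so a single `$roles_id = (int)$roles_id;` at the top of the function would make both uses safe. Keeping the token stable and logging the detail separately would be cleaner. The function starts and ends outside the hunk, so any earlier validation of the ids cannot be seen here.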
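Review bot: With the new `if($_SESSION['superuser']!='yes')` guard, a superuser request skips the `array_key_exists($role . '_registration_type', $config)` check but still reaches `switch($config[$role . '_registration_type'])` a few lines later, so the switch can read a key that does not exist. What happens then depends on the switch body, which is outside the hunk; if no case matches, none of the registration conditions is applied. If superusers are meant to bypass the registration rules, say so explicitly, for example `$regtype = array_key_exists($role . '_registration_type', $config) ? $config[$role . '_registration_type'] : null;` and switch on `$regtype`. Reading `$_SESSION` inside `account_add_role()` also ties the authorization decision to ambient state. An unset key fails safe here, but `isset($_SESSION['superuser']) && $_SESSION['superuser'] === 'yes'` expresses it without a notice or a loose comparison.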
"; $_SESSION['last_page'] = 'committee_management'; diff --git a/admin/committees.php b/admin/committees.php index 17bd7d4..e96e61a 100644 --- a/admin/committees.php +++ b/admin/committees.php @@ -48,7 +48,7 @@ if($_POST['accounts_id']) function openeditor(id) { - window.open("user_editor_window.php?id="+id,"UserEditor","location=no,menubar=no,directories=no,toolbar=no,width=770,height=500,scrollbars=yes"); + window.open("user_editor_window.php?users_id="+id,"UserEditor","location=no,menubar=no,directories=no,toolbar=no,width=770,height=500,scrollbars=yes"); return false; } @@ -190,6 +190,8 @@ if($_GET['unlinkmember'] && $_GET['unlinkcommittee']) { echo happy(i18n("Committee member unlinked from committee")); } + + echo "Manage Committees
"; echo "
\n"; echo ""; echo "
"; diff --git a/admin/user_editor_window.php b/admin/user_editor_window.php index 01f66d9..a5315cf 100644 --- a/admin/user_editor_window.php +++ b/admin/user_editor_window.php @@ -44,8 +44,8 @@ $tabs = array( 'fairinfo' => array( 'enabled' => true), 'roles' => array( 'label' => 'Roles/Account', - 'types' => array('student','judge','committee','volunteer','sponsor','fair'), - 'file' => '../user_activate.php', + 'types' => array('student','judge','committee','admin','config','volunteer','sponsor','fair','admin','config'), + 'file' => '../user_roles.php', 'enabled' => true), 'judgeother' => array( 'label' => 'Judge Other', @@ -110,7 +110,7 @@ echo mysql_error(); user_save($u); $id = $u['id']; } else { - $id = $_GET['id']; + $id = $_GET['users_id']; } $u = user_load($id); @@ -126,7 +126,7 @@ if(!array_key_exists($selected, $tabs)) { if($_GET['sub'] == 1) { $_SESSION['embed'] = true; - $_SESSION['embed_submit_url'] = "{$_SERVER['PHP_SELF']}?id=$id&tab=$selected"; + $_SESSION['embed_submit_url'] = "{$_SERVER['PHP_SELF']}?users_id=$id&tab=$selected"; $_SESSION['embed_edit_id'] = $id; $t = $tabs[$selected]; include("{$t['file']}"); @@ -156,7 +156,7 @@ foreach($tabs as $k=>$t) { $index++; /* Show the tab */ - $href = "{$_SERVER['PHP_SELF']}?id=$id&tab=$k&sub=1"; + $href = "{$_SERVER['PHP_SELF']}?users_id=$id&tab=$k&sub=1"; echo "
  • ".i18n($t['label'])."
  • "; } echo ''; diff --git a/user.inc.php b/user.inc.php index f54654c..66cad93 100644 --- a/user.inc.php +++ b/user.inc.php @@ -1011,8 +1011,12 @@ function user_add_role(&$u, $role, $password = null){ $result = account_add_role($u['accounts_id'], $roleId, $conferences_id, $password); if($result == 'ok'){ // we need this "if" because account_add_role will return "ok" if they already have this role - if(!in_array($role, $_SESSION['roles'])){ - $_SESSION['roles'][] = $role; + + //only update the session if the logged in user is the same as the one we're editing + if($u['id']==$_SESSION['users_id']) { + if(!in_array($role, $_SESSION['roles'])){ + $_SESSION['roles'][] = $role; + } } // also, update the user: diff --git a/user_edit.php b/user_edit.php index d0affba..5c8182f 100644 --- a/user_edit.php +++ b/user_edit.php @@ -97,7 +97,7 @@ $tabs = array( 'fairinfo' => array( 'personal' => array( 'label' => 'Personal', 'name' => 'Personal Information', - 'types' => array('teacher','participant','judge','committee','volunteer','sponsor','fair'), + 'types' => array('teacher','participant','judge','committee','volunteer','sponsor','fair','admin','config'), 'file' => 'user_personal.php', 'status_func' => 'user_personal_info_status', ), @@ -160,7 +160,7 @@ $tabs = array( 'fairinfo' => array( 'roles' => array( 'label' => 'Roles', 'name' => 'Add/Remove Roles', - 'types' => array('teacher','participant','judge','committee','volunteer','sponsor','fair'), + 'types' => array('teacher','participant','judge','committee','volunteer','sponsor','fair','admin','config'), 'file' => 'user_roles.php', 'status_func' => false, ), diff --git a/user_roles.php b/user_roles.php index c797f29..df2cb88 100644 --- a/user_roles.php +++ b/user_roles.php 
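Review bot: `$href = "{$_SERVER['PHP_SELF']}?users_id=$id&tab=$k&sub=1";` in admin/user_editor_window.php builds a link from `$id`, which the hunk at -110 now takes straight from `$_GET['users_id']` with no cast or validation; the hunk at -126 stores the same value in `$_SESSION['embed_submit_url']`. `$_SERVER['PHP_SELF']` is request-influenced as well, so both parts should be treated as untrusted before they reach markup (the markup around the tab link is not visible in this extract). Casting at the source, `$id = (int)$_GET['users_id'];`, and escaping on output with `htmlspecialchars($href, ENT_QUOTES)` would cover all three places. The page also loads whichever user the id names via `user_load($id)`; the access check for that is not in the visible hunks and is worth confirming.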
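Review bot: The new guard `if($u['id']==$_SESSION['users_id'])` in user_add_role() uses a loose comparison, as does the `in_array($role, $_SESSION['roles'])` inside it. If both ids are unset or empty they compare equal, and the editor's own session would pick up the role being assigned. `if(isset($_SESSION['users_id']) && (int)$u['id'] === (int)$_SESSION['users_id'])` together with `in_array($role, $_SESSION['roles'], true)` keeps the intended behaviour without that edge case. The function continues past the end of the hunk.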
@@ -75,10 +75,22 @@ case 'remove': exit; case 'activate': - if(!array_key_exists($role, $u['roles'])) { - /* Hand crafting URLs? */ - echo "HALT: can't activate a role the user doesn't have"; - exit; + //if we're a superuser, we will be ADDING a role if we cant activate it, otherwise, they cant do it, sorry + if($_SESSION['superuser']=='yes') { + //they might have the role alreayd, its just not active... so activate if if thats the case, otherwise, add it + if(!array_key_exists($role, $u['roles'])) { + $ok=user_add_role($u,$role); + } + else { + //active gets set below, we just dont 'exit' like we do for non superuser + } + } + else { + if(!array_key_exists($role, $u['roles'])) { + /* Hand crafting URLs? */ + echo "Can't activate a role that you don't already have"; + exit; + } } $u['roles'][$role]['active'] = 'yes'; user_save($u); @@ -165,7 +177,13 @@ function addRole(role){
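Review bot: In the superuser branch of `case 'activate':` the result of `$ok=user_add_role($u,$role);` is never checked, so when the add is refused the code still falls through to `$u['roles'][$role]['active'] = 'yes'; user_save($u);` and saves an active entry for a role the add path rejected. The branch should stop before the activation when the add fails, for example `if($ok != 'ok') { echo "Could not add role"; exit; }`, adjusted to whatever success value user_add_role() returns, which is not visible in this diff. Since this path now grants roles rather than only activating existing ones, it is also worth confirming that `$role` is checked against the known role types and that a request token is verified before the switch; neither is visible in the hunk. `$_SESSION['superuser']=='yes'` would be safer as `isset(...) && ... === 'yes'`.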