forked from science-ation/science-ation
More fixes to (hopefully) allow a superuser to add admin/config roles
This commit is contained in:
james
parent
0acf5a5661
commit
39ff0dd2ce
@ -196,7 +196,7 @@ function account_add_role($accounts_id, $roles_id, $conferences_id, $password =
|
|||||||
return "invalidaccount";
|
return "invalidaccount";
|
||||||
}
|
}
|
||||||
if(mysql_result(mysql_query("SELECT COUNT(*) FROM roles WHERE id = $roles_id"), 0) != 1){
|
if(mysql_result(mysql_query("SELECT COUNT(*) FROM roles WHERE id = $roles_id"), 0) != 1){
|
||||||
return "invalidrole";
|
return "invalidrole($roles_id)";
|
||||||
}
|
}
|
||||||
if(mysql_result(mysql_query("SELECT COUNT(*) FROM conferences WHERE id = $conferences_id"), 0) != 1){
|
if(mysql_result(mysql_query("SELECT COUNT(*) FROM conferences WHERE id = $conferences_id"), 0) != 1){
|
||||||
return "invalidconference";
|
return "invalidconference";
|
||||||
@ -227,17 +227,20 @@ function account_add_role($accounts_id, $roles_id, $conferences_id, $password =
|
|||||||
|
|
||||||
// see if this role conflicts with existing ones
|
// see if this role conflicts with existing ones
|
||||||
if(!account_add_role_allowed($accounts_id, $conferences_id, $roles_id)){
|
if(!account_add_role_allowed($accounts_id, $conferences_id, $roles_id)){
|
||||||
return 'invalidrole';
|
return 'invalidrole(account_add_role_allowed)';
|
||||||
}
|
}
|
||||||
|
|
||||||
// get the type of the role (eg. "judge", "participant", etc.)
|
// get the type of the role (eg. "judge", "participant", etc.)
|
||||||
$role = mysql_result(mysql_query("SELECT type FROM roles WHERE id = $roles_id"), 0);
|
$role = mysql_result(mysql_query("SELECT type FROM roles WHERE id = $roles_id"), 0);
|
||||||
|
|
||||||
// and see if it's a valid one for this conference
|
if($_SESSION['superuser']!='yes') {
|
||||||
if(!array_key_exists($role . '_registration_type', $config)){
|
// and see if it's a valid one for this conference
|
||||||
return 'invalidrole';
|
if(!array_key_exists($role . '_registration_type', $config)){
|
||||||
|
return 'invalidrole(_registration_type)';
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
// and let's see if we meet the conditions for the registration type
|
// and let's see if we meet the conditions for the registration type
|
||||||
$error = "";
|
$error = "";
|
||||||
switch($config[$role . '_registration_type']){
|
switch($config[$role . '_registration_type']){
|
||||||
|
|||||||
@ -35,6 +35,7 @@
|
|||||||
'Administration' => 'admin/index.php' ),
|
'Administration' => 'admin/index.php' ),
|
||||||
"committee_management");
|
"committee_management");
|
||||||
|
|
||||||
|
echo "<a href=\"committees.php\">Manage Committee Members</a><br />";
|
||||||
|
|
||||||
$_SESSION['last_page'] = 'committee_management';
|
$_SESSION['last_page'] = 'committee_management';
|
||||||
|
|
||||||
|
|||||||
@ -48,7 +48,7 @@ if($_POST['accounts_id'])
|
|||||||
|
|
||||||
function openeditor(id)
|
function openeditor(id)
|
||||||
{
|
{
|
||||||
window.open("user_editor_window.php?id="+id,"UserEditor","location=no,menubar=no,directories=no,toolbar=no,width=770,height=500,scrollbars=yes");
|
window.open("user_editor_window.php?users_id="+id,"UserEditor","location=no,menubar=no,directories=no,toolbar=no,width=770,height=500,scrollbars=yes");
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -190,6 +190,8 @@ if($_GET['unlinkmember'] && $_GET['unlinkcommittee']) {
|
|||||||
echo happy(i18n("Committee member unlinked from committee"));
|
echo happy(i18n("Committee member unlinked from committee"));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
echo "<a href=\"committee_committees.php\">Manage Committees</a><br />";
|
||||||
echo "<form name=\"memberaction\" method=\"post\" action=\"committees.php\" onsubmit=\"return actionSubmit()\">\n";
|
echo "<form name=\"memberaction\" method=\"post\" action=\"committees.php\" onsubmit=\"return actionSubmit()\">\n";
|
||||||
echo "<table>";
|
echo "<table>";
|
||||||
echo "<tr><td>";
|
echo "<tr><td>";
|
||||||
|
|||||||
@ -44,8 +44,8 @@ $tabs = array( 'fairinfo' => array(
|
|||||||
'enabled' => true),
|
'enabled' => true),
|
||||||
'roles' => array(
|
'roles' => array(
|
||||||
'label' => 'Roles/Account',
|
'label' => 'Roles/Account',
|
||||||
'types' => array('student','judge','committee','volunteer','sponsor','fair'),
|
'types' => array('student','judge','committee','admin','config','volunteer','sponsor','fair','admin','config'),
|
||||||
'file' => '../user_activate.php',
|
'file' => '../user_roles.php',
|
||||||
'enabled' => true),
|
'enabled' => true),
|
||||||
'judgeother' => array(
|
'judgeother' => array(
|
||||||
'label' => 'Judge Other',
|
'label' => 'Judge Other',
|
||||||
@ -110,7 +110,7 @@ echo mysql_error();
|
|||||||
user_save($u);
|
user_save($u);
|
||||||
$id = $u['id'];
|
$id = $u['id'];
|
||||||
} else {
|
} else {
|
||||||
$id = $_GET['id'];
|
$id = $_GET['users_id'];
|
||||||
}
|
}
|
||||||
|
|
||||||
$u = user_load($id);
|
$u = user_load($id);
|
||||||
@ -126,7 +126,7 @@ if(!array_key_exists($selected, $tabs)) {
|
|||||||
|
|
||||||
if($_GET['sub'] == 1) {
|
if($_GET['sub'] == 1) {
|
||||||
$_SESSION['embed'] = true;
|
$_SESSION['embed'] = true;
|
||||||
$_SESSION['embed_submit_url'] = "{$_SERVER['PHP_SELF']}?id=$id&tab=$selected";
|
$_SESSION['embed_submit_url'] = "{$_SERVER['PHP_SELF']}?users_id=$id&tab=$selected";
|
||||||
$_SESSION['embed_edit_id'] = $id;
|
$_SESSION['embed_edit_id'] = $id;
|
||||||
$t = $tabs[$selected];
|
$t = $tabs[$selected];
|
||||||
include("{$t['file']}");
|
include("{$t['file']}");
|
||||||
@ -156,7 +156,7 @@ foreach($tabs as $k=>$t) {
|
|||||||
$index++;
|
$index++;
|
||||||
|
|
||||||
/* Show the tab */
|
/* Show the tab */
|
||||||
$href = "{$_SERVER['PHP_SELF']}?id=$id&tab=$k&sub=1";
|
$href = "{$_SERVER['PHP_SELF']}?users_id=$id&tab=$k&sub=1";
|
||||||
echo "<li><a href=\"$href\"><span>".i18n($t['label'])."</span></a></li>";
|
echo "<li><a href=\"$href\"><span>".i18n($t['label'])."</span></a></li>";
|
||||||
}
|
}
|
||||||
echo '</ul>';
|
echo '</ul>';
|
||||||
|
|||||||
@ -1011,8 +1011,12 @@ function user_add_role(&$u, $role, $password = null){
|
|||||||
$result = account_add_role($u['accounts_id'], $roleId, $conferences_id, $password);
|
$result = account_add_role($u['accounts_id'], $roleId, $conferences_id, $password);
|
||||||
if($result == 'ok'){
|
if($result == 'ok'){
|
||||||
// we need this "if" because account_add_role will return "ok" if they already have this role
|
// we need this "if" because account_add_role will return "ok" if they already have this role
|
||||||
if(!in_array($role, $_SESSION['roles'])){
|
|
||||||
$_SESSION['roles'][] = $role;
|
//only update the session if the logged in user is the same as the one we're editing
|
||||||
|
if($u['id']==$_SESSION['users_id']) {
|
||||||
|
if(!in_array($role, $_SESSION['roles'])){
|
||||||
|
$_SESSION['roles'][] = $role;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// also, update the user:
|
// also, update the user:
|
||||||
|
|||||||
@ -97,7 +97,7 @@ $tabs = array( 'fairinfo' => array(
|
|||||||
'personal' => array(
|
'personal' => array(
|
||||||
'label' => 'Personal',
|
'label' => 'Personal',
|
||||||
'name' => 'Personal Information',
|
'name' => 'Personal Information',
|
||||||
'types' => array('teacher','participant','judge','committee','volunteer','sponsor','fair'),
|
'types' => array('teacher','participant','judge','committee','volunteer','sponsor','fair','admin','config'),
|
||||||
'file' => 'user_personal.php',
|
'file' => 'user_personal.php',
|
||||||
'status_func' => 'user_personal_info_status',
|
'status_func' => 'user_personal_info_status',
|
||||||
),
|
),
|
||||||
@ -160,7 +160,7 @@ $tabs = array( 'fairinfo' => array(
|
|||||||
'roles' => array(
|
'roles' => array(
|
||||||
'label' => 'Roles',
|
'label' => 'Roles',
|
||||||
'name' => 'Add/Remove Roles',
|
'name' => 'Add/Remove Roles',
|
||||||
'types' => array('teacher','participant','judge','committee','volunteer','sponsor','fair'),
|
'types' => array('teacher','participant','judge','committee','volunteer','sponsor','fair','admin','config'),
|
||||||
'file' => 'user_roles.php',
|
'file' => 'user_roles.php',
|
||||||
'status_func' => false,
|
'status_func' => false,
|
||||||
),
|
),
|
||||||
|
|||||||
@ -75,10 +75,22 @@ case 'remove':
|
|||||||
exit;
|
exit;
|
||||||
|
|
||||||
case 'activate':
|
case 'activate':
|
||||||
if(!array_key_exists($role, $u['roles'])) {
|
//if we're a superuser, we will be ADDING a role if we cant activate it, otherwise, they cant do it, sorry
|
||||||
/* Hand crafting URLs? */
|
if($_SESSION['superuser']=='yes') {
|
||||||
echo "HALT: can't activate a role the user doesn't have";
|
//they might have the role alreayd, its just not active... so activate if if thats the case, otherwise, add it
|
||||||
exit;
|
if(!array_key_exists($role, $u['roles'])) {
|
||||||
|
$ok=user_add_role($u,$role);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
//active gets set below, we just dont 'exit' like we do for non superuser
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
if(!array_key_exists($role, $u['roles'])) {
|
||||||
|
/* Hand crafting URLs? */
|
||||||
|
echo "Can't activate a role that you don't already have";
|
||||||
|
exit;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
$u['roles'][$role]['active'] = 'yes';
|
$u['roles'][$role]['active'] = 'yes';
|
||||||
user_save($u);
|
user_save($u);
|
||||||
@ -165,7 +177,13 @@ function addRole(role){
|
|||||||
<form class="editor" id="rolesform">
|
<form class="editor" id="rolesform">
|
||||||
<table width="90%">
|
<table width="90%">
|
||||||
<?
|
<?
|
||||||
foreach(array_keys($u['roles']) as $r) {
|
if($_SESSION['superuser']=='yes') {
|
||||||
|
$showroles=$roles;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
$showroles=$u['roles'];
|
||||||
|
|
||||||
|
foreach(array_keys($showroles) as $r) {
|
||||||
|
|
||||||
if($u['roles'][$r]['active'] == 'yes') {
|
if($u['roles'][$r]['active'] == 'yes') {
|
||||||
$cs = i18n('Active');
|
$cs = i18n('Active');
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user