forked from science-ation/science-ation
updating _SESSION when user roles are modified
This commit is contained in:
jacob
parent
7d5f5cccd0
commit
607834bc0e
17
api.php
17
api.php
@ -582,7 +582,13 @@ switch($request[0]) {
|
||||
$addstatus=account_add_role($_SESSION['accounts_id'],$role_id,$conference['id']);
|
||||
|
||||
switch($addstatus) {
|
||||
case "ok": $ret['status']="ok"; break;
|
||||
case "ok":
|
||||
$ret['status']="ok";
|
||||
$roleName = mysql_result(mysql_query("SELECT type FROM roles WHERE id = $role_id"), 0);
|
||||
if(!in_array($roleName, $_SESSION['roles'])){ // because account_add_role will return "ok" if they already have this role
|
||||
$_SESSION['roles'][] = $roleName;
|
||||
}
|
||||
break;
|
||||
case "invalidrole": $ret['status']="error"; $ret['error']="Invalid role"; break;
|
||||
case "invalidaccount": $ret['status']="error"; $ret['error']="Invalid account"; break;
|
||||
case "invalidconference": $ret['status']="error"; $ret['error']="Invalid conference"; break;
|
||||
@ -608,7 +614,14 @@ switch($request[0]) {
|
||||
$removestatus=account_remove_role($_SESSION['accounts_id'],$role_id,$conference['id']);
|
||||
|
||||
switch($removestatus) {
|
||||
case "ok": $ret['status']="ok"; break;
|
||||
case "ok":
|
||||
$ret['status']="ok";
|
||||
$roleName = mysql_result(mysql_query("SELECT type FROM roles WHERE id = $role_id"), 0);
|
||||
$key = array_search($roleName, $_SESSION['roles']);
|
||||
if($key !== false){
|
||||
unset($_SESSION['roles'][$key]);
|
||||
}
|
||||
break;
|
||||
case "invalidrole": $ret['status']="error"; $ret['error']="Invalid role"; break;
|
||||
case "invalidaccount": $ret['status']="error"; $ret['error']="Invalid account"; break;
|
||||
case "invalidconference": $ret['status']="error"; $ret['error']="Invalid conference"; break;
|
||||
|
||||
67
user.inc.php
67
user.inc.php
@ -581,70 +581,13 @@ function user_add_role(&$u, $role, $password = null){
|
||||
$conference_id = $q['conferences_id'];
|
||||
$result = account_add_role($u['accounts_id'], $roles[$role]['id'], $password);
|
||||
if($result == 'ok'){
|
||||
$u['roles'][$role] = array('active' =>'yes', 'complete' => 'no');
|
||||
// we need this "if" because account_add_role will return "ok" if they already have this role
|
||||
if(!in_array($role, $_SESSION['roles'])){
|
||||
$_SESSION['roles'][] = $role;
|
||||
}
|
||||
|
||||
}
|
||||
return $result;
|
||||
|
||||
/*
|
||||
global $config, $roles;
|
||||
if(!user_add_role_allowed($u, $role)) {
|
||||
// If we get in here, someone is hand crafting URLs
|
||||
return "invalid role for specified user";
|
||||
}
|
||||
|
||||
// ensure that this role can indeed be added
|
||||
$error = null;
|
||||
if(array_key_exists($role . '_registration_type', $config)){
|
||||
switch($config[$role . '_registration_type']){
|
||||
case 'open':
|
||||
case 'openorinvite':
|
||||
// nothing to do for these
|
||||
break;
|
||||
case 'singlepassword':
|
||||
if($password != $config[$role . '_registration_singlepassword']){
|
||||
$error = "invalid password";
|
||||
}
|
||||
break;
|
||||
case 'schoolpassword':
|
||||
if($password != null){
|
||||
$schoolId = $u['schools_id'];
|
||||
$schoolDat = mysql_fetch_assoc(mysql_query("SELECT registration_password FROM schools WHERE id=$schoolId"));
|
||||
if(is_array($schoolDat)){
|
||||
if($password == $schoolDat['registration_password']) $valid = true;
|
||||
$error = "invalid password";
|
||||
}
|
||||
}
|
||||
break;
|
||||
case 'invite':
|
||||
$error = 'invite only';
|
||||
break;
|
||||
}
|
||||
}else{
|
||||
$error = 'invalid role';
|
||||
}
|
||||
|
||||
if($error != null){
|
||||
return $error;
|
||||
}
|
||||
|
||||
// ok, the conditions are met, make sure they don't already have this role
|
||||
$check = mysql_fetch_assoc(mysql_query("SELECT COUNT(*) AS tally FROM user_roles WHERE users_id = {$u['id']} AND roles_id={$roles[$role]['id']}"));
|
||||
if($check['tally'] == 0){
|
||||
|
||||
$q = "INSERT INTO user_roles (accounts_id, users_id, roles_id, active, complete) VALUES(";
|
||||
$q .= $u['accounts_id'];
|
||||
$q .= ", " . $u['id'];
|
||||
$q .= ", " . $roles[$role]['id'];
|
||||
$q .= ", 'yes', 'no');";
|
||||
if(mysql_query($q)){
|
||||
$u['roles'][$role] = array('active' =>'yes', 'complete' => 'no');
|
||||
}else{
|
||||
return "error creating record";
|
||||
}
|
||||
}
|
||||
|
||||
return 'ok';
|
||||
*/
|
||||
}
|
||||
|
||||
function user_create($accounts_id, $conferences_id=0)
|
||||
|
||||
@ -42,8 +42,10 @@ if(array_key_exists('action', $_GET)){
|
||||
case 'register':
|
||||
$role = $_POST['role'];
|
||||
$result = account_add_role($u['accounts_id'], $roles[$role]['id'], $_SESSION['conferences_id'], $_POST['password']);
|
||||
if($result != 'ok'){
|
||||
error_($result);
|
||||
if($result == 'ok'){
|
||||
// $u['roles'][$role] = array('active' =>'yes', 'complete' => 'no');
|
||||
$_SESSION['roles'][] = $role;
|
||||
// error_($result);
|
||||
}
|
||||
break;
|
||||
case 'draw_roles':
|
||||
@ -100,14 +102,12 @@ send_header("Main Page", array());
|
||||
?>
|
||||
<script type="text/javascript">
|
||||
function register(role){
|
||||
//alert($('#' + role + '_password').val());
|
||||
$.post('user_main.php?action=register',
|
||||
{
|
||||
'role' : role,
|
||||
'password' : $('#' + role + '_password').val()
|
||||
},
|
||||
function(result){
|
||||
alert(result);
|
||||
$('#roles').load('user_main.php?action=draw_roles');
|
||||
}
|
||||
);
|
||||
|
||||
Loading…
Reference in New Issue
Block a user