arman/science-ation
1
1
Fork 0
forked from science-ation/science-ation
Code Pull Requests Activity

updating _SESSION when user roles are modified

Browse Source
This commit is contained in:
jacob 2010-10-08 20:28:56 +00:00
parent 7d5f5cccd0
commit 607834bc0e
3 changed files with 24 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
api.php
View File

@ -582,7 +582,13 @@ switch($request[0]) {
$addstatus=account_add_role($_SESSION['accounts_id'],$role_id,$conference['id']); $addstatus=account_add_role($_SESSION['accounts_id'],$role_id,$conference['id']);
switch($addstatus) { switch($addstatus) {
case "ok": $ret['status']="ok"; break; case "ok":
$ret['status']="ok";
$roleName = mysql_result(mysql_query("SELECT type FROM roles WHERE id = $role_id"), 0);
if(!in_array($roleName, $_SESSION['roles'])){ // because account_add_role will return "ok" if they already have this role
$_SESSION['roles'][] = $roleName;
}
break;
case "invalidrole": $ret['status']="error"; $ret['error']="Invalid role"; break; case "invalidrole": $ret['status']="error"; $ret['error']="Invalid role"; break;
case "invalidaccount": $ret['status']="error"; $ret['error']="Invalid account"; break; case "invalidaccount": $ret['status']="error"; $ret['error']="Invalid account"; break;
case "invalidconference": $ret['status']="error"; $ret['error']="Invalid conference"; break; case "invalidconference": $ret['status']="error"; $ret['error']="Invalid conference"; break;
@ -608,7 +614,14 @@ switch($request[0]) {
$removestatus=account_remove_role($_SESSION['accounts_id'],$role_id,$conference['id']); $removestatus=account_remove_role($_SESSION['accounts_id'],$role_id,$conference['id']);
switch($removestatus) { switch($removestatus) {
case "ok": $ret['status']="ok"; break; case "ok":
$ret['status']="ok";
$roleName = mysql_result(mysql_query("SELECT type FROM roles WHERE id = $role_id"), 0);
$key = array_search($roleName, $_SESSION['roles']);
if($key !== false){
unset($_SESSION['roles'][$key]);
}
break;
case "invalidrole": $ret['status']="error"; $ret['error']="Invalid role"; break; case "invalidrole": $ret['status']="error"; $ret['error']="Invalid role"; break;
case "invalidaccount": $ret['status']="error"; $ret['error']="Invalid account"; break; case "invalidaccount": $ret['status']="error"; $ret['error']="Invalid account"; break;
case "invalidconference": $ret['status']="error"; $ret['error']="Invalid conference"; break; case "invalidconference": $ret['status']="error"; $ret['error']="Invalid conference"; break;

67
user.inc.php
View File

@ -581,70 +581,13 @@ function user_add_role(&$u, $role, $password = null){
$conference_id = $q['conferences_id']; $conference_id = $q['conferences_id'];
$result = account_add_role($u['accounts_id'], $roles[$role]['id'], $password); $result = account_add_role($u['accounts_id'], $roles[$role]['id'], $password);
if($result == 'ok'){ if($result == 'ok'){
$u['roles'][$role] = array('active' =>'yes', 'complete' => 'no'); // we need this "if" because account_add_role will return "ok" if they already have this role
if(!in_array($role, $_SESSION['roles'])){
$_SESSION['roles'][] = $role;
}
} }
return $result; return $result;
/*
global $config, $roles;
if(!user_add_role_allowed($u, $role)) {
// If we get in here, someone is hand crafting URLs
return "invalid role for specified user";
}
// ensure that this role can indeed be added
$error = null;
if(array_key_exists($role . '_registration_type', $config)){
switch($config[$role . '_registration_type']){
case 'open':
case 'openorinvite':
// nothing to do for these
break;
case 'singlepassword':
if($password != $config[$role . '_registration_singlepassword']){
$error = "invalid password";
}
break;
case 'schoolpassword':
if($password != null){
$schoolId = $u['schools_id'];
$schoolDat = mysql_fetch_assoc(mysql_query("SELECT registration_password FROM schools WHERE id=$schoolId"));
if(is_array($schoolDat)){
if($password == $schoolDat['registration_password']) $valid = true;
$error = "invalid password";
}
}
break;
case 'invite':
$error = 'invite only';
break;
}
}else{
$error = 'invalid role';
}
if($error != null){
return $error;
}
// ok, the conditions are met, make sure they don't already have this role
$check = mysql_fetch_assoc(mysql_query("SELECT COUNT(*) AS tally FROM user_roles WHERE users_id = {$u['id']} AND roles_id={$roles[$role]['id']}"));
if($check['tally'] == 0){
$q = "INSERT INTO user_roles (accounts_id, users_id, roles_id, active, complete) VALUES(";
$q .= $u['accounts_id'];
$q .= ", " . $u['id'];
$q .= ", " . $roles[$role]['id'];
$q .= ", 'yes', 'no');";
if(mysql_query($q)){
$u['roles'][$role] = array('active' =>'yes', 'complete' => 'no');
}else{
return "error creating record";
}
}
return 'ok';
*/
} }
function user_create($accounts_id, $conferences_id=0) function user_create($accounts_id, $conferences_id=0)

8
user_main.php
View File

@ -42,8 +42,10 @@ if(array_key_exists('action', $_GET)){
case 'register': case 'register':
$role = $_POST['role']; $role = $_POST['role'];
$result = account_add_role($u['accounts_id'], $roles[$role]['id'], $_SESSION['conferences_id'], $_POST['password']); $result = account_add_role($u['accounts_id'], $roles[$role]['id'], $_SESSION['conferences_id'], $_POST['password']);
if($result != 'ok'){ if($result == 'ok'){
error_($result); // $u['roles'][$role] = array('active' =>'yes', 'complete' => 'no');
$_SESSION['roles'][] = $role;
// error_($result);
} }
break; break;
case 'draw_roles': case 'draw_roles':
@ -100,14 +102,12 @@ send_header("Main Page", array());
?> ?>
<script type="text/javascript"> <script type="text/javascript">
function register(role){ function register(role){
//alert($('#' + role + '_password').val());
$.post('user_main.php?action=register', $.post('user_main.php?action=register',
{ {
'role' : role, 'role' : role,
'password' : $('#' + role + '_password').val() 'password' : $('#' + role + '_password').val()
}, },
function(result){ function(result){
alert(result);
$('#roles').load('user_main.php?action=draw_roles'); $('#roles').load('user_main.php?action=draw_roles');
} }
); );