Role functions debugged in account.inc.php, using them in user_main.php and user.inc.php

jacob 2010-10-08 16:07:07 +00:00
parent 177f49f805
commit 835047f3a8
3 changed files with 79 additions and 127 deletions


@ -220,13 +220,9 @@ function account_add_role($accounts_id, $roles_id, $conferences_id, $password =
// we now have the user id that we need, let's check to see whether or not they
// already have the specified role.
$roleRecord = mysql_fetch_array(mysql_query("
SELECT COUNT(*) FROM user_roles
WHERE conferences_id = $conferences_id
AND users_id = $users_id
AND roles_id = $roles_id
"));
if(is_array($roleRecord)){
if(is_array(mysql_fetch_array(mysql_query(
"SELECT * FROM user_roles WHERE users_id = $users_id AND roles_id = $roles_id"
)))){
// they already have this role. shell_exec("man true");
return 'ok';
}
@ -236,14 +232,14 @@ function account_add_role($accounts_id, $roles_id, $conferences_id, $password =
return 'invalidrole';
}
// see if this role is a valid one for this conference
// get the type of the role (eg. "judge", "student", etc.)
$role = mysql_result(mysql_query("SELECT type FROM roles WHERE id = $roles_id"), 0);
// and see if it's a valid one for this conference
if(!array_key_exists($role . '_registration_type', $config)){
return 'invalidrole';
}
// get the type of the role (eg. "judge", "student", etc.)
$role = mysql_result(mysql_query("SELECT type FROM roles WHERE id = $roles_id"), 0);
// and let's see if we meet the conditions for the registration type
$error = "";
switch($config[$role . '_registration_type']){
@ -293,19 +289,26 @@ function account_add_role_allowed($accounts_id, $roles_id, $conferences_id){
$roles_id *= 1;
$conferences_id *= 1;
// get the user id for this account/conference
$userdat = mysql_fetch_assoc(mysql_query("SELECT id FROM users WHERE accounts_id = $accounts_id AND conferences_id = $conferences_id"));
// If this condition isn't met, then the account is not connected to the conference.
// In that case, the role can be allowed as there is no conflict.
if(is_array($userdat)){
$users_id = $userdat['id'];
// get the roles for the specified account at the specified conference
$query = mysql_query("
SELECT * FROM user_roles
WHERE accounts_id = $accounts_id
AND conferences_id = $conferences_id
WHERE users_id = $users_id
");
while($row = mysql_fetch_assoc($record) && $returnval){
while($returnval && $row = mysql_fetch_assoc($query)){
switch($row['type']){
case 'student':
// Student cant' add any other role
$returnval = false;
break;
default:
if($role == 'student') {
// No role can add the student role
@ -317,6 +320,8 @@ function account_add_role_allowed($accounts_id, $roles_id, $conferences_id){
}
}
}
return $returnval;
}
@ -347,10 +352,27 @@ function account_remove_role($accounts_id, $roles_id, $conferences_id){
AND accounts_id = $accounts_id
"));
if(is_array($data)){
// they do indeed have a user record for this conference. Let's load it
$u = user_load($data['id']);
$roletype = mysql_result(mysql_query("SELECT type FROM roles WHERE id = $roles_id"), 0);
$user_remove_role($u, $roletype);
// they do indeed have a user record for this conference.
$users_id = $data['id'];
// Do role-specific remove actions
$role = mysql_result(mysql_query("SELECT `type` FROM roles WHERE id = $roles_id"), 0);
switch($role) {
case 'committee':
mysql_query("DELETE FROM committees_link WHERE accounts_id='{$accounts_id}'");
break;
case 'judge':
mysql_query("DELETE FROM judges_teams_link WHERE users_id='$users_id'");
mysql_query("DELETE FROM judges_specialawards_sel WHERE users_id='$users_id'");
break;
default:
break;
}
// and now we can remove the role link itself
mysql_query("DELETE FROM user_roles WHERE roles_id={$roles_id} AND users_id='$users_id'");
}
return 'ok';
}
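Review bot: account_remove_role() ends in an unconditional `return 'ok';`, so the caller gets 'ok' both when no user row matched the account/conference (`is_array($data)` false) and when any of the new `DELETE` queries failed, since no mysql_query() result is checked. The new `remove` branch in user_main.php shows "Role successfully removed." on that value, so a role still present in user_roles can be reported as revoked. I would return a distinct value when the user lookup finds nothing and check the final delete, e.g. `if(!mysql_query("DELETE FROM user_roles WHERE roles_id={$roles_id} AND users_id='$users_id'")) return 'error';` (the `'error'` string is a placeholder). The function starts outside the hunk, so whether `$roles_id` and `$accounts_id` are cast to numbers before being interpolated is not visible here and should be confirmed.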


@ -403,40 +403,27 @@ function user_deactivate_role($users_id, $roles_id){
return mysql_query("UPDATE user_roles SET active='no' WHERE users_id = $users_id AND roles_id = $roles_id");
}
// Remove a role for a user.
// now just a skin on top of account_remove_role
function user_remove_role(&$u, $role)
{
if(!array_key_exists($role, $u['roles'])) {
/* Hum, type specified, but the user is not this type,
* so, i guess we're done. */
return;
global $roles;
$row = mysql_fetch_assoc(mysql_query("SELECT conferences_id FROM users WHERE id = " . $u['id']));
if(!is_array($q)){
return 'no conference';
}
$conference_id = $q['conferences_id'];
$result = account_remove_role($u['accounts_id'], $roles[$role]['id'], $conference_id);
$id = $u['id'];
/* Do role-specific remove actions */
switch($role) {
case 'committee':
mysql_query("DELETE FROM committees_link WHERE accounts_id='{$u['accounts_id']}'");
break;
case 'judge':
mysql_query("DELETE FROM judges_teams_link WHERE users_id='$id'");
mysql_query("DELETE FROM judges_specialawards_sel WHERE users_id='$id'");
break;
default:
break;
}
/* Delete the role */
$roleId = $u['roles'][$role]['roles_id'];
// Delete the role
if(array_key_exists($role, $u['roles'])) {
unset($u['roles'][$role]);
mysql_query("DELETE FROM user_roles WHERE roles_id={$roleId} AND users_id='$id'");
/* Save this user */
user_save($u);
}
// Save this user
user_save($u);
return $result;
}
/* If role is specified, just delete the role from the user.
* If not, delete the whole user, all roles */
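Review bot: The new user_remove_role() stores the conference lookup in `$row` but then tests and reads `$q`, which is never assigned, so `!is_array($q)` is always true and the function returns 'no conference' before it reaches account_remove_role(). The two lines should read `if(!is_array($row)){` and `$conference_id = $row['conferences_id'];`. `$roles[$role]['id']` is also used without checking that `$role` is a key of `$roles`, whereas the old code returned early for a role the user did not hold. `$u['id']` is concatenated into the SELECT as-is; wrapping it in `intval()` there keeps the query well-formed whatever the caller passes.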


@ -42,8 +42,9 @@ if(array_key_exists('action', $_GET)){
case 'register':
$role = $_POST['role'];
$result = account_add_role($u['accounts_id'], $roles[$role]['id'], $_SESSION['conferences_id'], $_POST['password']);
echo $result;
// register_new_role();
if($result != 'ok'){
error_($result);
}
break;
case 'draw_roles':
draw_roles();
@ -51,10 +52,12 @@ if(array_key_exists('action', $_GET)){
case 'remove':
$role = $_GET['role'];
/* Like delete, only we're only deleting a role, not the whole account */
happy_("{$roles[$role]['name']} role successfully removed.");
echo i18n("Removed");
user_remove_role($u, $role);
$result = account_remove_role($u['accounts_id'], $roles[$role]['id'], $_SESSION['conferences_id']);
if($result == 'ok'){
happy_(i18n("Role successfully removed."));
}else{
error_(i18n("Unable to remove role."));
}
exit;
case 'activate':
@ -308,63 +311,3 @@ function draw_signup_form($type){
echo i18n("{$roles[$type]['name']} registration is not open");
}
}
function register_new_role(){
global $config, $roles, $u;
$password = $_POST['password'];
$uid = $_SESSION['users_id'];
$roleId = $_POST['role'];
$typekey = $roleId . '_registration_type';
$accounts_id = $u['accounts_id'];
if(array_key_exists($typekey, $config)){
$regtype = $config[$typekey];
}else{
return false;
}
// see if the registration is allowed for this role with the information provided
$canRegister = true;
$role = $_POST['role'];
switch($regtype){
case 'open':
case 'openorinvite':
// ok, we can allow these
break;
case 'singlepassword':
if($password != $config[$role . '_registration_singlepassword']){
$canRegister = false;
}
break;
case 'schoolpassword':
// FIXME: not yet implemented.
// this is only used for students, who are not yet registered through the "user" system
$canRegister = false;
break;
case 'invite':
$canRegister = false;
break;
default:
// echo "[\$regtype = \"$regtype\"]";
$canRegister = false;
}
if(!$canRegister) return false;
// ok, they meet the conditions to register for this role
// see if they're already registered for it
$role_index = $roles[$role]['id'];
$query = "SELECT COUNT(*) FROM user_roles WHERE users_id = $uid AND roles_id=$role_index";
echo $query;
$results = mysql_fetch_array(mysql_query($query));
if($results[0] != 0){
return false;
}
if(user_add_role($u, $role, $password)){
$_SESSION['roles'][] = $role;
user_save($u);
return true;
}else{
return false;
}
}
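Review bot: In the `register` and `remove` cases `$role` is taken straight from `$_POST['role']` / `$_GET['role']` and used as `$roles[$role]['id']` without an existence check, so an unknown role name passes a null id into account_add_role() / account_remove_role(), which build their SQL by interpolating that value. A guard before each call rejects the request before any query is built, e.g. for `remove`: `if(!array_key_exists($role, $roles)){ error_(i18n("Unable to remove role.")); exit; }`. The `remove` case also changes state based on a GET parameter, and no request-token check is visible in this hunk, so confirm one exists earlier in the file or move the action to POST. The comparisons `$result != 'ok'` and `$result == 'ok'` would be safer as `!==` / `===`.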