forked from science-ation/science-ation
Added script for copying/converting user data into the new format, populating the accounts and user_roles table
Modified user.inc and user_login to handle authentication on the new accounts table
parent
75c806bf7e
commit
887610f5e3
@ -1 +1 @@
|
|||||||
194
|
195
|
||||||
|
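--- a/db/db.update.195.php
+++ b/db/db.update.195.php
@@ -0,0 +1,165 @@
+<?php
+function db_update_195_pre(){
+}
+
+function db_update_195_post(){
+// build a list of fields that we'll be migrating for the various user_<role> tables
+$fields['committee'] = array('emailprivate','ord','displayemail','access_admin',
+'access_config','access_super');
+$fields['judge'] = array('years_school','years_regional','years_national',
+'willing_chair','special_award_only',
+'cat_prefs','div_prefs','divsub_prefs',
+'expertise_other','languages', 'highest_psd');
+$fields['student'] = array('schools_id');
+$fields['fair'] = array('fairs_id');
+$fields['sponsor'] = array('sponsors_id','primary','position','notes');
+
+// let's do some data massaging
+mysql_query("BEGIN");
+try{
+mysql_query("ALTER TABLE accounts ADD COLUMN `year` INT COMMENT 'Temporary field, delete when finished migration'");
+$uidQuery = mysql_query("SELECT DISTINCT(uid) FROM users");
+while($uidDat = mysql_fetch_assoc($uidQuery)){
+$uid = $uidDat['uid'];
+$userQuery = "SELECT users.*, users_committee.access_super AS super FROM users" .
+" LEFT JOIN users_committee ON users_committee.users_id = users.id" .
+" WHERE uid=$uid AND deleted = 'no' ORDER BY year DESC";
+$userResults = mysql_query($userQuery);
+$userRecord = mysql_fetch_assoc($userResults);
+
+// get the data that we need from this record
+// start with determining what username we'll be using
+$username = $userRecord['username'];
+if(trim($username) == '') $username = $userRecord['email'];
+if(trim($username) == '') $username = $userRecord['firstname'] . ' ' . $userRecord['lastname'];
+if(trim($username) == ''){
+echo "Can't find a username for user id $uid\n";
+continue;
+}
+$username = mysql_real_escape_string($username);
+$password = mysql_real_escape_string($userRecord['password']);
+$email = mysql_real_escape_string($userRecord['email']);
+$pendingemail = "";
+
+// find out if they're a superuser
+if($userRecord['super'] == 'yes'){
+$superuser = 'yes';
+}else{
+$superuser = 'no';
+}
+
+// get the year
+$year = $userRecord['year'];
+
+
+// check to see if we already have a record with this username in place
+$checkCount = mysql_fetch_assoc(mysql_query("SELECT count(*) as tally FROM accounts WHERE username='$username'"));
+if($checkCount['tally'] > 0){
+// there is already an account with this username let's find out if it's a newer
+// or older copy
+$data = mysql_fetch_assoc(mysql_query("SELECT * FROM accounts WHERE username='$username'"));
+$accounts_id = $data['id'];
+if($data['year'] < $year){
+echo "switching to newer data for username \"$username\".\n";
+// this is a later record, so let's replace the old one
+$updateQuery = "UPDATE accounts SET " .
+"`password` = '$password', " .
+"`email` = '$email', " .
+"`superuser` = '$superuser', " .
+"`year` = $year " .
+"WHERE username = '$username'";
+if(!mysql_query($updateQuery)){
+throw new Exception("Error on query \"$updateQuery\":\n\n" . mysql_error());
+}
+}
+
+}else{
+echo "Creating a new record for uid $uid ($username)\n";
+$accounts_id = $uid;
+$newAccountQuery = "INSERT INTO accounts VALUES ";
+$newAccountQuery .= "($uid, '$username', '$password', '$email', '$pendingemail', '$superuser', $year)";
+if(mysql_query($newAccountQuery)){
+// echo $newAccountQuery . "\n";
+}else{
+throw new Exception("Error on query \"$newAccountQuery\":\n\n" . mysql_error());
+}
+}
+
+
+/**************************************************
+Now that we have an account created,
+let's deal with the other tables.
+**************************************************/
+do{
+if($userRecord['year'] != 0){
+$confQuery = mysql_query("SELECT * FROM conferences WHERE year = " . $userRecord['year']);
+if($confQuery != false){
+$confDat = mysql_fetch_assoc($confQuery);
+$confId = $confDat['id'];
+
+// update the user_roles table
+$roles = explode(',', $userRecord['types']);
+$q = "SELECT * FROM roles WHERE roletype IN ('" . implode("','", $roles) . "')";
+$roleQuery = mysql_query($q);
+while($roleData = mysql_fetch_assoc($roleQuery)){
+$roleId = $roleData['id'];
+$tally = 0;
+$roletype = $roleData['roletype'];
+
+$roleInfoQuery = mysql_query("SELECT * FROM users_" . $roletype . " WHERE users_id = " . $userRecord['id']);
+$roleInfo = mysql_fetch_assoc($roleInfoQuery);
+// we now have their role info
+
+$active = $roleInfo[$roletype . '_active'];
+$complete = $roleInfo[$roletype . '_complete'];
+// build our insert on the user_roles table
+$params = array(
+'conferences_id' => $confId,
+'active' => $active,
+'complete' => $complete,
+'roles_id' => $roleId,
+'users_id' => $userRecord['id'],
+'accounts_id' => $accounts_id
+);
+$query = "INSERT INTO user_roles";
+$query .= ' (' . implode(', ', array_keys($params)) . ')';
+$query .= ' VALUES ("' . implode('", "', array_values($params)) . '")';
+mysql_query($query);
+
+// now we need to take all of their role data and insert it into users:
+if(array_key_exists($roletype, $fields)){
+$query = "UPDATE users SET";
+$doneOne = false;
+foreach($fields[$roletype] as $fieldName){
+if($doneOne) $query .= ", ";
+else $doneOne = true;
+$query .= " `$fieldName` = '";
+$query .= mysql_real_escape_string($roleInfo[$fieldName]);
+$query .= "'";
+}
+$query .= " WHERE id = " . $userRecord['id'];
+if(!mysql_query($query)){
+throw new exception("ERROR with query:\n$query\n");
+}
+}
+}
+
+}else{
+echo "No conference found with the year \"" . $userRecord['year'] . "\"\n";
+}
+
+}else{
+echo "No conference year specified for user '$userName'\n";
+}
+
+
+}while($userRecord = mysql_fetch_assoc($userResults));
+
+}
+
+mysql_query("COMMIT");
+}catch(Exception $e){
+mysql_query("ROLLBACK");
+echo $e->getMessage();
+}
+}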
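Review bot: The existing-username branch (`if($checkCount['tally'] > 0)`) assumes an `accounts` row with the same `username` belongs to the same person, but `$username` may come from the `email` or `firstname lastname` fallback, so two unrelated `uid`s can be folded into one account and the later record overwrites `password`, `email` and `superuser`. Report and skip the collision instead of updating unless the match is established some other way, and log it so it can be resolved by hand. The `ALTER TABLE accounts ADD COLUMN` issued just after `mysql_query("BEGIN")` implicitly commits in MySQL, so the `ROLLBACK` in the catch block probably cannot undo a half-finished migration; move the DDL ahead of `BEGIN`. The `user_roles` INSERT joins raw `$params` values into the statement and ignores the result of `mysql_query($query)`, unlike the other writes, and the `No conference year specified` message reads `$userName`, which is never set (`$username` is).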
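--- a/db/db.update.195.sql
+++ b/db/db.update.195.sql
@@ -0,0 +1,24 @@
+ALTER TABLE users ADD COLUMN `emailprivate` varchar(128);
+ALTER TABLE users ADD COLUMN `ord` INT NOT NULL;
+ALTER TABLE users ADD COLUMN `displayemail` enum('no','yes');
+ALTER TABLE users ADD COLUMN `access_admin` enum('no','yes');
+ALTER TABLE users ADD COLUMN `access_config` enum('no','yes');
+ALTER TABLE users ADD COLUMN `access_super` enum('no','yes');
+ALTER TABLE users ADD COLUMN `fairs_id` INT NOT NULL;
+ALTER TABLE users ADD COLUMN `years_school` tinyint(4) NOT NULL;
+ALTER TABLE users ADD COLUMN `years_regional` tinyint(4) NOT NULL;
+ALTER TABLE users ADD COLUMN `years_national` tinyint(4) NOT NULL;
+ALTER TABLE users ADD COLUMN `willing_chair` enum('yes','no');
+ALTER TABLE users ADD COLUMN `special_award_only` enum('yes','no');
+ALTER TABLE users ADD COLUMN `cat_prefs` tinytext;
+ALTER TABLE users ADD COLUMN `div_prefs` tinytext;
+ALTER TABLE users ADD COLUMN `divsub_prefs` tinytext;
+ALTER TABLE users ADD COLUMN `languages` tinytext;
+ALTER TABLE users ADD COLUMN `highest_psd` tinytext;
+ALTER TABLE users ADD COLUMN `expertise_other` tinytext;
+ALTER TABLE users ADD COLUMN `sponsors_id` INT NOT NULL DEFAULT '0';
+ALTER TABLE users ADD COLUMN `primary` enum('no','yes');
+ALTER TABLE users ADD COLUMN `position` varchar(64);
+ALTER TABLE users ADD COLUMN `notes` text;
+ALTER TABLE users ADD COLUMN `schools_id` INT NOT NULL;
+ALTER TABLE users ADD COLUMN `grade` INT;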
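Review bot: The privilege columns `access_admin`, `access_config` and `access_super` are added as nullable `enum('no','yes')` with no default, so every existing `users` row, and any row the migration script does not update, holds NULL rather than an explicit `no`. A PHP check written as `!= 'no'` would then treat NULL as not-denied; declaring them `enum('no','yes') NOT NULL DEFAULT 'no'` makes the unprivileged state explicit. The `NOT NULL` integer columns without a default (`ord`, `fairs_id`, `schools_id`, the `years_*` columns) leave later INSERTs that omit them dependent on the server's SQL mode, so an explicit `DEFAULT 0`, as already given for `sponsors_id`, would be consistent.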
61
user.inc.php
61
user.inc.php
@ -78,11 +78,9 @@ function user_load_student(&$u)
|
|||||||
{
|
{
|
||||||
$u['student_active'] = ($u['student_active'] == 'yes') ? 'yes' : 'no';
|
$u['student_active'] = ($u['student_active'] == 'yes') ? 'yes' : 'no';
|
||||||
$u['student_complete'] = ($u['student_complete'] == 'yes') ? 'yes' : 'no';
|
$u['student_complete'] = ($u['student_complete'] == 'yes') ? 'yes' : 'no';
|
||||||
/* echo "<pre>";
|
return true;
|
||||||
print_r($u);
|
|
||||||
echo "</pre>";
|
|
||||||
*/ return true;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function user_load_judge(&$u)
|
function user_load_judge(&$u)
|
||||||
{
|
{
|
||||||
$u['judge_active'] = ($u['judge_active'] == 'yes') ? 'yes' : 'no';
|
$u['judge_active'] = ($u['judge_active'] == 'yes') ? 'yes' : 'no';
|
||||||
@ -167,46 +165,46 @@ function user_load_alumni(&$u)
|
|||||||
|
|
||||||
function user_load($user, $uid = false)
|
function user_load($user, $uid = false)
|
||||||
{
|
{
|
||||||
/* So, it turns out that doing one big load is faster than loading just
|
|
||||||
* from the users table then loading only the specific types the user
|
$query = "SELECT * FROM users WHERE ";
|
||||||
* has.. go figure. */
|
|
||||||
$query = "SELECT * FROM `users`
|
|
||||||
LEFT JOIN `users_committee` ON `users_committee`.`users_id`=`users`.`id`
|
|
||||||
LEFT JOIN `users_judge` ON `users_judge`.`users_id`=`users`.`id`
|
|
||||||
LEFT JOIN `users_volunteer` ON `users_volunteer`.`users_id`=`users`.`id`
|
|
||||||
LEFT JOIN `users_fair` ON `users_fair`.`users_id`=`users`.`id`
|
|
||||||
LEFT JOIN `users_sponsor` ON `users_sponsor`.`users_id`=`users`.`id`
|
|
||||||
LEFT JOIN `users_principal` ON `users_principal`.`users_id`=`users`.`id`
|
|
||||||
LEFT JOIN `users_teacher` ON `users_teacher`.`users_id`=`users`.`id`
|
|
||||||
LEFT JOIN `users_parent` ON `users_parent`.`users_id`=`users`.`id`
|
|
||||||
LEFT JOIN `users_mentor` ON `users_mentor`.`users_id`=`users`.`id`
|
|
||||||
LEFT JOIN `users_alumni` ON `users_alumni`.`users_id`=`users`.`id`
|
|
||||||
LEFT JOIN `users_student` ON `users_student`.`users_id`=`users`.`id`
|
|
||||||
WHERE ";
|
|
||||||
if($uid != false) {
|
if($uid != false) {
|
||||||
$uid = intval($uid);
|
$uid = intval($uid);
|
||||||
$query .= "`users`.`uid`='$uid' ORDER BY `users`.`year` DESC LIMIT 1";
|
$query .= "`users`.`uid`='$uid' ORDER BY `users`.`year` DESC LIMIT 1";
|
||||||
|
$killScript = true;
|
||||||
} else {
|
} else {
|
||||||
|
$killScript = false;
|
||||||
$id = intval($user);
|
$id = intval($user);
|
||||||
$query .= " `users`.`id`='$id'";
|
$query .= " `users`.`id`='$id'";
|
||||||
}
|
}
|
||||||
$q=mysql_query($query);
|
$q=mysql_query($query);
|
||||||
|
if(mysql_num_rows($q) == 0) {
|
||||||
if(mysql_num_rows($q)!=1) {
|
|
||||||
// echo "Query [$query] returned ".mysql_num_rows($q)." rows\n";
|
|
||||||
// echo "<pre>";
|
|
||||||
// print_r(debug_backtrace());
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
if($killScript){
|
||||||
|
echo $query;
|
||||||
|
exit();
|
||||||
|
}
|
||||||
$ret = mysql_fetch_assoc($q);
|
$ret = mysql_fetch_assoc($q);
|
||||||
|
$query = "SELECT * FROM user_roles JOIN roles ON user_roles.roles_id = roles.id WHERE user_roles.accounts_id = " . $ret['uid'] . " AND user_roles.active = 'yes'";
|
||||||
|
$q = mysql_query($query);
|
||||||
|
$deleted = true;
|
||||||
|
$ret['types'] = array();
|
||||||
|
while($roleData = mysql_fetch_assoc($q)){
|
||||||
|
$deleted = false;
|
||||||
|
$ret['types'][] = $roleData['roletype'];
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
if($deleted) return false;
|
||||||
|
// $ret = mysql_fetch_assoc($q);
|
||||||
/* Make sure they're not deleted, we don't want to do this in the query, because loading by $uid would
|
/* Make sure they're not deleted, we don't want to do this in the query, because loading by $uid would
|
||||||
* simply return the previous year (where deleted=no) */
|
* simply return the previous year (where deleted=no) */
|
||||||
|
/*
|
||||||
if($ret['deleted'] != 'no') {
|
if($ret['deleted'] != 'no') {
|
||||||
/* User is deleted */
|
// User is deleted
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
*/
|
||||||
|
|
||||||
/* Do we need to do number conversions? */
|
/* Do we need to do number conversions? */
|
||||||
$ret['id'] = intval($ret['id']);
|
$ret['id'] = intval($ret['id']);
|
||||||
@ -214,8 +212,8 @@ function user_load($user, $uid = false)
|
|||||||
$ret['year'] = intval($ret['year']);
|
$ret['year'] = intval($ret['year']);
|
||||||
|
|
||||||
/* Turn the type into an array, because there could be more than one */
|
/* Turn the type into an array, because there could be more than one */
|
||||||
$ts = explode(',', $ret['types']);
|
// $ts = explode(',', $ret['types']);
|
||||||
$ret['types'] = $ts; /* Now we can use in_array('judge', $ret['types']) ; */
|
// $ret['types'] = $ts; /* Now we can use in_array('judge', $ret['types']) ; */
|
||||||
|
|
||||||
/* Convenience */
|
/* Convenience */
|
||||||
$ret['name'] = ($ret['firstname'] ? "{$ret['firstname']} " : '').$ret['lastname'];
|
$ret['name'] = ($ret['firstname'] ? "{$ret['firstname']} " : '').$ret['lastname'];
|
||||||
@ -262,10 +260,6 @@ function user_load($user, $uid = false)
|
|||||||
$orig = $ret;
|
$orig = $ret;
|
||||||
$ret['orig'] = $orig;
|
$ret['orig'] = $orig;
|
||||||
|
|
||||||
/* echo "<pre>User load returning: \n";
|
|
||||||
print_r($ret);
|
|
||||||
echo "</pre>";
|
|
||||||
*/
|
|
||||||
return $ret;
|
return $ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -433,6 +427,7 @@ function user_save(&$u)
|
|||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
//give em a record, the primary key on the table takes care of uniqueness
|
//give em a record, the primary key on the table takes care of uniqueness
|
||||||
|
echo "foo\n";
|
||||||
$q=mysql_query("INSERT INTO users_$t (users_id) VALUES ('{$u['id']}')");
|
$q=mysql_query("INSERT INTO users_$t (users_id) VALUES ('{$u['id']}')");
|
||||||
}
|
}
|
||||||
|
|
||||||
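Review bot: In `user_load`, the right-hand column sets `$killScript = true` whenever a `$uid` is passed and then runs `echo $query; exit();`, so as rendered every load by uid would print the SQL text to the response and end the request; this looks like leftover debugging, as does `echo "foo\n";` in the `user_save` hunk. Both should be removed before merge, since emitting query text exposes table and column names to whoever requests the page. The new roles lookup also concatenates `$ret['uid']` straight into the statement; casting it first, `intval($ret['uid'])`, would match how `$uid` and `$id` are handled a few lines above. The hunks cut through `user_load` and `user_save`, so the rest of both functions is not visible here.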
|
@ -45,17 +45,20 @@
|
|||||||
return false;
|
return false;
|
||||||
|
|
||||||
$user = mysql_escape_string($user);
|
$user = mysql_escape_string($user);
|
||||||
|
$q = mysql_query("SELECT id, password FROM users WHERE username='$user'");
|
||||||
|
/*
|
||||||
$q = mysql_query("SELECT id,username,password,year,deleted
|
$q = mysql_query("SELECT id,username,password,year,deleted
|
||||||
FROM users
|
FROM users
|
||||||
WHERE username='$user'
|
WHERE username='$user'
|
||||||
AND deleted='no'
|
AND deleted='no'
|
||||||
ORDER BY year DESC LIMIT 1");
|
ORDER BY year DESC LIMIT 1");
|
||||||
|
*/
|
||||||
if(mysql_num_rows($q) < 1) return false;
|
if(mysql_num_rows($q) < 1) return false;
|
||||||
|
|
||||||
$r = mysql_fetch_object($q);
|
$r = mysql_fetch_object($q);
|
||||||
|
|
||||||
/* See if the user account has been deleted */
|
/* See if the user account has been deleted */
|
||||||
if($r->deleted == 'yes') return false;
|
// if($r->deleted == 'yes') return false; // FIXME - do we need a deleted field in the accounts table as well?
|
||||||
|
|
||||||
/* See if the password matches */
|
/* See if the password matches */
|
||||||
if($r->password != $pass) return false;
|
if($r->password != $pass) return false;
|
||||||
|
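Review bot: The replacement query `SELECT id, password FROM users WHERE username='$user'` drops both `AND deleted='no'` and `ORDER BY year DESC LIMIT 1`, and the `$r->deleted` check is commented out, so as rendered a deleted user row can still pass login and, where a username has rows for several years, which stored password gets compared is left to the database. The commit message says authentication moves to the `accounts` table, yet this query still reads `users`; if that is intentional for now, keep the filter, e.g. `WHERE username='$user' AND deleted='no' ORDER BY year DESC LIMIT 1`. The unchanged comparison `$r->password != $pass` suggests passwords are stored and compared as plain strings, and the migration copies them verbatim; the new table would be a natural point to move to `password_hash`/`password_verify`, depending on the PHP version this code targets. The file header for this hunk is missing from the page and the enclosing function starts and ends outside it.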