Add user/view API
Change user_load() to explicitly load specific values instead of all values, as there are now some fields that need to be deleted but we can't delete them yet...
parent
9db042fc10
commit
895bcc36e2
48
api.php
48
api.php
@ -421,7 +421,48 @@ switch($request[0]) {
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
case 'user':
|
||||||
|
$chk=api_user_auth_required();
|
||||||
|
if($chk['status']!="ok") {
|
||||||
|
$ret['status']="error";
|
||||||
|
$ret['error']=$chk['error'];
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
require_once("so_teams.inc.php");
|
||||||
|
switch($request[1]) {
|
||||||
|
/* APIDOC: user/view
|
||||||
|
description(view user information for current conference)
|
||||||
|
return(user array)
|
||||||
|
*/
|
||||||
|
case "view":
|
||||||
|
if($u=user_load($_SESSION['users_id'])) {
|
||||||
|
unset($u['orig']);
|
||||||
|
unset($u['types']);
|
||||||
|
unset($u['username']);
|
||||||
|
unset($u['password']);
|
||||||
|
unset($u['year']);
|
||||||
|
unset($u['access_admin']);
|
||||||
|
unset($u['access_config']);
|
||||||
|
unset($u['access_super']);
|
||||||
|
$ret['status']="ok";
|
||||||
|
$ret['user']=$u;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$ret['status']="error";
|
||||||
|
$ret['error']="Error loading user";
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* APIDOC: user/edit
|
||||||
|
notimplemented
|
||||||
|
description(edit user information for current conference)
|
||||||
|
post(user array)
|
||||||
|
return(user array)
|
||||||
|
*/
|
||||||
|
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
$ret['status']="error";
|
$ret['status']="error";
|
||||||
$ret['error']="Invalid API command ({$request[0]})";
|
$ret['error']="Invalid API command ({$request[0]})";
|
||||||
@ -442,12 +483,7 @@ echo json_encode($ret);
|
|||||||
return(account array)
|
return(account array)
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* APIDOC: user/edit
|
|
||||||
notimplemented
|
|
||||||
description(edit user information for current conference)
|
|
||||||
post(user array)
|
|
||||||
return(user array)
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* APIDOC: user/connect_teacher_to_school
|
/* APIDOC: user/connect_teacher_to_school
|
||||||
notimplemented
|
notimplemented
|
||||||
|
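Review bot: The `view` case under `case 'user':` shapes the API response by unsetting known-sensitive keys from whatever `user_load()` returns, so any field that function gains later, or any role-specific data it attaches, is sent to the client by default. An allowlist is safer: define the keys the API is meant to expose in a new array (here called `$api_user_fields`) and build the response with `$ret['user'] = array_intersect_key($u, array_flip($api_user_fields));`. The `unset()` calls for `username`, `password` and `access_*` then become unnecessary rather than being the only barrier. Separately, the inner `switch($request[1])` has no `default:` branch, so an unrecognised sub-command does not set an error in this block; a `default:` that sets `$ret['status']="error";` and an error message, as the outer switch does, would close that gap.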
57
user.inc.php
57
user.inc.php
@ -39,7 +39,50 @@ function user_valid_role($role)
|
|||||||
function user_load($users_id, $accounts_id = false)
|
function user_load($users_id, $accounts_id = false)
|
||||||
{
|
{
|
||||||
/* Load user, join accounts so we also load the email, superuser flag */
|
/* Load user, join accounts so we also load the email, superuser flag */
|
||||||
$query = "SELECT users.* FROM users JOIN accounts ON accounts.id=users.accounts_id WHERE ";
|
//hand-code the list here because we dont want all the old stuff that hasnt been removed yet like username/password access_*, etc.
|
||||||
|
$query = "SELECT users.id,
|
||||||
|
users.accounts_id,
|
||||||
|
users.conferences_id,
|
||||||
|
users.salutation,
|
||||||
|
users.firstname,
|
||||||
|
users.lastname,
|
||||||
|
users.sex,
|
||||||
|
users.phonehome,
|
||||||
|
users.phonework,
|
||||||
|
users.phonecell,
|
||||||
|
users.fax,
|
||||||
|
users.organization,
|
||||||
|
users.birthdate,
|
||||||
|
users.lang,
|
||||||
|
users.created,
|
||||||
|
users.lastlogin,
|
||||||
|
users.address,
|
||||||
|
users.address2,
|
||||||
|
users.city,
|
||||||
|
users.province,
|
||||||
|
users.postalcode,
|
||||||
|
users.firstaid,
|
||||||
|
users.cpr,
|
||||||
|
users.fairs_id,
|
||||||
|
users.years_school,
|
||||||
|
users.years_regional,
|
||||||
|
users.years_national,
|
||||||
|
users.willing_chair,
|
||||||
|
users.special_award_only,
|
||||||
|
users.cat_prefs,
|
||||||
|
users.div_prefs,
|
||||||
|
users.divsub_prefs,
|
||||||
|
users.languages,
|
||||||
|
users.highest_psd,
|
||||||
|
users.expertise_other,
|
||||||
|
users.sponsors_id,
|
||||||
|
users.primary,
|
||||||
|
users.position,
|
||||||
|
users.primary,
|
||||||
|
users.schools_id,
|
||||||
|
users.grade,
|
||||||
|
accounts.email
|
||||||
|
FROM users JOIN accounts ON accounts.id=users.accounts_id WHERE ";
|
||||||
if($accounts_id != false) {
|
if($accounts_id != false) {
|
||||||
$accounts_id = intval($accounts_id);
|
$accounts_id = intval($accounts_id);
|
||||||
$query .= "`users`.`accounts_id`='$accounts_id' LIMIT 1";
|
$query .= "`users`.`accounts_id`='$accounts_id' LIMIT 1";
|
||||||
@ -48,6 +91,7 @@ function user_load($users_id, $accounts_id = false)
|
|||||||
$query .= " `users`.`id`='$id'";
|
$query .= " `users`.`id`='$id'";
|
||||||
}
|
}
|
||||||
$q=mysql_query($query);
|
$q=mysql_query($query);
|
||||||
|
echo mysql_error();
|
||||||
if(mysql_num_rows($q) == 0)
|
if(mysql_num_rows($q) == 0)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
@ -64,11 +108,9 @@ function user_load($users_id, $accounts_id = false)
|
|||||||
$u['accounts_id'] = intval($u['accounts_id']);
|
$u['accounts_id'] = intval($u['accounts_id']);
|
||||||
$u['year'] = intval($u['year']);
|
$u['year'] = intval($u['year']);
|
||||||
|
|
||||||
|
|
||||||
/* Get roles, and active/complete status for each role */
|
/* Get roles, and active/complete status for each role */
|
||||||
$query = "SELECT user_roles.*,roles.type,roles.name FROM user_roles LEFT JOIN roles ON roles.id=user_roles.roles_id WHERE user_roles.users_id={$u['id']}";
|
$query = "SELECT user_roles.roles_id, user_roles.active, user_roles.complete, roles.type,roles.name FROM user_roles LEFT JOIN roles ON roles.id=user_roles.roles_id WHERE user_roles.users_id={$u['id']}";
|
||||||
$q = mysql_query($query);
|
$q = mysql_query($query);
|
||||||
|
|
||||||
$u['roles'] = array();
|
$u['roles'] = array();
|
||||||
while(($roledata = mysql_fetch_assoc($q))) {
|
while(($roledata = mysql_fetch_assoc($q))) {
|
||||||
$u['roles'][$roledata['type']] = $roledata;
|
$u['roles'][$roledata['type']] = $roledata;
|
||||||
@ -101,6 +143,13 @@ function user_load($users_id, $accounts_id = false)
|
|||||||
$u['emailrecipient']="";
|
$u['emailrecipient']="";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* we dont want them thinking they can change the email, so dont include it here,
|
||||||
|
its part of the account, not the user, this way they still get the 'emailrecipient'
|
||||||
|
convenience variable, not not the email itself, for that, they need to access
|
||||||
|
the account. */
|
||||||
|
unset($u['email']);
|
||||||
|
|
||||||
|
|
||||||
foreach(array_keys($u['roles']) as $r) {
|
foreach(array_keys($u['roles']) as $r) {
|
||||||
/* Do the load routines inline, the explosion of user roles
|
/* Do the load routines inline, the explosion of user roles
|
||||||
* means it's just silly to have a different function for each
|
* means it's just silly to have a different function for each
|
||||||
|
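Review bot: The added `echo mysql_error();` after `$q=mysql_query($query);` writes raw database error text into the response, which exposes table and column names to the caller and, since api.php finishes with `echo json_encode($ret)`, would also corrupt the JSON body. It looks like a debugging aid; log server-side and fail closed instead, e.g. `if($q === false) { error_log(mysql_error()); return false; }`, which also keeps `mysql_num_rows($q)` from being called on a failed query. In the same function, the new column list names `users.primary` twice and no longer selects `users.year`, yet the unchanged line `$u['year'] = intval($u['year']);` still reads it, so `year` will presumably always come out as 0 unless it is set outside the visible lines. `user_load()` continues beyond the hunks shown here.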