Separated the functionality of school selection from the pages, implemented it in the API
parent
f1b9123835
commit
d0d3c7b7c4
60
api.php
60
api.php
@ -26,14 +26,13 @@ include "common.inc.php";
|
||||
require_once("account.inc.php");
|
||||
require_once("user.inc.php");
|
||||
require_once("schedule.inc.php");
|
||||
/* FIXME!!! Unremark before committing
|
||||
if($_SERVER['HTTPS']!="on") {
|
||||
$ret['status']="error";
|
||||
$ret['error']="SSL is required for API access, please access the API over https";
|
||||
echo json_encode($ret);
|
||||
exit;
|
||||
}
|
||||
*/
|
||||
|
||||
$request=explode("/",$_GET['request']);
|
||||
$ret=array();
|
||||
|
||||
@ -500,11 +499,11 @@ switch($request[0]) {
|
||||
}
|
||||
break;
|
||||
|
||||
/* APIDOC: user/edit
|
||||
description(edit user information for current conference)
|
||||
post(user array)
|
||||
return(user array)
|
||||
*/
|
||||
/* APIDOC: user/edit
|
||||
description(edit user information for current conference)
|
||||
post(user array)
|
||||
return(user array)
|
||||
*/
|
||||
case "edit":
|
||||
if($origu=user_load($_SESSION['users_id'])) {
|
||||
$u=json_decode($_POST['user']);
|
||||
@ -535,6 +534,30 @@ switch($request[0]) {
|
||||
$ret['error']="Error loading user in order to edit";
|
||||
}
|
||||
break;
|
||||
|
||||
/* APIDOC: user/connect_to_school
|
||||
description(connects the current users teacher role to the specified school using the school's access code)
|
||||
post(schools_id integer, accesscode varchar(16))
|
||||
return(school array)
|
||||
*/
|
||||
case 'connect_to_school':
|
||||
if($u = user_load($_SESSION['users_id'])) {
|
||||
$schoolId = mysql_real_escape_string($_POST['schools_id']);
|
||||
$accesscode = mysql_real_escape_string($_POST['accesscode']);
|
||||
if(user_set_school($u, $schoolId, $accesscode)){
|
||||
$ret['status'] = "ok";
|
||||
$ret['school'] = mysql_fetch_assoc(mysql_query("SELECT school, phone, fax, address, city, province_code AS province, postalcode FROM schools WHERE id = $schoolId"));
|
||||
}else{
|
||||
$ret['status'] = "error";
|
||||
$ret['error'] = "Error matching schools_id and accesscode";
|
||||
}
|
||||
}else{
|
||||
$ret['status'] = "error";
|
||||
$ret['error'] = "Error loading user";
|
||||
}
|
||||
|
||||
|
||||
break;
|
||||
}
|
||||
|
||||
break;
|
||||
@ -674,6 +697,18 @@ switch($request[0]) {
|
||||
}
|
||||
break;
|
||||
|
||||
case 'school':
|
||||
switch($request[1]){
|
||||
/* APIDOC: school/list
|
||||
description(list schools)
|
||||
return(schools array)
|
||||
*/
|
||||
case 'list':
|
||||
$ret['schools'] = get_schools($conference['id']);
|
||||
$ret['status'] = 'ok';
|
||||
break;
|
||||
}
|
||||
|
||||
default:
|
||||
$ret['status']="error";
|
||||
$ret['error']="invalid API command ({$request[0]})";
|
||||
@ -681,11 +716,6 @@ switch($request[0]) {
|
||||
}
|
||||
echo json_encode($ret);
|
||||
|
||||
/* APIDOC: school/list
|
||||
notimplemented
|
||||
description(list schools)
|
||||
return(schools array)
|
||||
*/
|
||||
|
||||
/* APIDOC: account/edit
|
||||
notimplemented
|
||||
@ -694,11 +724,5 @@ echo json_encode($ret);
|
||||
return(account array)
|
||||
*/
|
||||
|
||||
/* APIDOC: user/connect_teacher_to_school
|
||||
notimplemented
|
||||
description(connects the current users teacher role to the specified school usign the schools access code)
|
||||
post(schools_id integer, accesscode varchar(16))
|
||||
return(school array)
|
||||
*/
|
||||
|
||||
?>
|
||||
|
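Review bot: In the new `connect_to_school` case, `mysql_real_escape_string()` is applied to `$_POST['schools_id']`, but the value is then interpolated unquoted into `WHERE id = $schoolId`, where escaping quote characters gives no protection because the value is not inside a string literal. Coerce it to an integer instead, `$schoolId = intval($_POST['schools_id']);`, and return the error response when the result is not a positive id. The same unquoted use of an id occurs in `user_set_school()` in user.inc.php and in the `submit_code` branch that now calls it, so the cast is best repeated inside `user_set_school()` itself rather than left to each caller. Separately, the new `case 'school':` has no `break;` after its inner `switch($request[1])`, so a successful `school/list` appears to fall through into `default:` and have its status overwritten with the "invalid API command" error; add `break;` after the inner switch's closing brace.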
@ -808,7 +808,6 @@ function get_timeslots($conferenceId){
|
||||
}
|
||||
|
||||
// a convenience function for getting the special awards that are relevant to the specified conference.
|
||||
// separated because it's used in a couple of spots
|
||||
function get_special_awards($conferenceId){
|
||||
$returnval = array();
|
||||
$q = mysql_query("SELECT award_awards.id,
|
||||
@ -830,3 +829,23 @@ function get_special_awards($conferenceId){
|
||||
return $returnval;
|
||||
}
|
||||
|
||||
// a convenience function for getting a list of schools that are relevant to the specified conference
|
||||
function get_schools($conferenceId){
|
||||
$data = array();
|
||||
$returnval = array();
|
||||
$q = mysql_query("SELECT MAX(id) AS id,school,city FROM schools GROUP BY school, city");
|
||||
while($record = mysql_fetch_assoc($q)) $data[] = $record;
|
||||
$prevRecord = null;
|
||||
for($n = 0; $n < count($data); $n++){
|
||||
$record = $data[$n];
|
||||
$title = $data[$n]['school'];
|
||||
if(array_key_exists($n + 1, $data) && $data[$n + 1]['school'] == $title){
|
||||
$title .= " ({$record['city']})";
|
||||
}else if($prevRecord != null && $prevRecord['school'] == $title){
|
||||
$title .= " ({$record['city']})";
|
||||
}
|
||||
$returnval[$record['id']] = $title;
|
||||
$prevRecord = $record;
|
||||
}
|
||||
return $returnval;
|
||||
}
|
||||
|
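Review bot: `get_schools()` decides whether to append the city by comparing each row with its immediate neighbours, but the query has no `ORDER BY`, so the disambiguation only works if the server happens to return rows with equal `school` values next to each other; end the statement with `GROUP BY school, city ORDER BY school, city`. The `$conferenceId` parameter is never used, although the header comment says the list is relevant to the specified conference, so either filter on it or change the comment to say that all schools are returned. The result of `mysql_query()` is passed to `mysql_fetch_assoc()` without a check for a failed query; `if(!$q) return $returnval;` before the loop would keep a database error from surfacing as PHP warnings in the API's JSON output. The file header for this section is not visible on the page.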
11
testapi.php
11
testapi.php
@ -128,6 +128,17 @@ foreach($roles AS $role=>$r) {
|
||||
}?>
|
||||
<input type="submit" value="List Registration Fields for Selected Roles">
|
||||
</form>
|
||||
|
||||
<h1>Schools</h1>
|
||||
<a href="api/school/list">School Listing</a><br/>
|
||||
|
||||
<form method="post" action="api/user/connect_to_school">
|
||||
<input type="text" size=4 name="schools_id">
|
||||
<input type="text" size=6 name="accesscode">
|
||||
<input type="submit" value="Set user's school">
|
||||
</form>
|
||||
|
||||
|
||||
<h1>Session Variables</h1>
|
||||
<?
|
||||
echo json_encode($_SESSION);
|
||||
|
22
user.inc.php
22
user.inc.php
@ -284,7 +284,10 @@ function user_get_role_fields($role){
|
||||
$fields = array('sponsors_id','primary','position','notes');
|
||||
break;
|
||||
case 'teacher':
|
||||
$fields = array();
|
||||
$fields = array('schools_id');
|
||||
break;
|
||||
case 'principal':
|
||||
$fields = array('schools_id');
|
||||
break;
|
||||
case 'volunteer':
|
||||
$fields = array('languages');
|
||||
@ -599,7 +602,7 @@ function user_save(&$u)
|
||||
'willing_chair','special_award_only',
|
||||
'cat_prefs','div_prefs','divsub_prefs',
|
||||
'expertise_other','languages', 'highest_psd');
|
||||
$fields_for_role['student'] = array('schools_id');
|
||||
// $fields_for_role['student'] = array('schools_id');
|
||||
$fields_for_role['fair'] = array('fairs_id');
|
||||
$fields_for_role['sponsor'] = array('sponsors_id','primary','position');
|
||||
$fields_for_role['teacher'] = array();
|
||||
@ -935,6 +938,21 @@ function user_add_role_allowed(&$u, $role)
|
||||
return true;
|
||||
}
|
||||
|
||||
// Set the user's school to the one specifed. Verifying the school code is needed
|
||||
// here, as it will be called from both the web interface and the API.
|
||||
// returns true on success, false otherwise
|
||||
function user_set_school($u, $schoolId, $schoolCode){
|
||||
$returnval = false;
|
||||
// make sure the id and code match
|
||||
$tally = mysql_result(mysql_query("SELECT COUNT(*) FROM schools WHERE id = $schoolId AND accesscode = '$schoolCode'"), 0);
|
||||
if($tally == 1){
|
||||
if(mysql_query("UPDATE users SET schools_id = $schoolId WHERE id = " . $u['id'])){
|
||||
$u['schools_id'] = $schoolId;
|
||||
$returnval = true;
|
||||
}
|
||||
}
|
||||
return $returnval;
|
||||
}
|
||||
|
||||
// Add a role for a user.
|
||||
// now just a skin on top of account_add_role
|
||||
|
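Review bot: `user_set_school($u, $schoolId, $schoolCode)` takes `$u` by value, so the assignment `$u['schools_id'] = $schoolId;` changes only the local copy and the caller's user array still holds the old school after a successful call. The neighbouring `user_save(&$u)` and `user_add_role_allowed(&$u, $role)` take the user by reference, and this signature should probably match: `function user_set_school(&$u, $schoolId, $schoolCode){`. The result of `mysql_query()` is also handed straight to `mysql_result()`, so a failed query produces a warning instead of a clean `false`; check the query result before reading the count. Because the header comment makes this function the single place where the access code is verified for both the web interface and the API, it is also the natural place to log failed matches and to limit repeated attempts per account, neither of which is visible here.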
@ -131,6 +131,7 @@ $tabs = array( 'fairinfo' => array(
|
||||
'label' => 'Time Avail.',
|
||||
'types' => array('judge'),
|
||||
'file' => 'judge_availability.php',
|
||||
'disabled' => 'true'
|
||||
),
|
||||
'judgesa' => array(
|
||||
'label' => 'Special Awards',
|
||||
|
@ -41,15 +41,9 @@ if(array_key_exists('action', $_POST)){
|
||||
case 'submit_code':
|
||||
$code = mysql_real_escape_string($_POST['code']);
|
||||
$school = mysql_real_escape_string($_POST['school']);
|
||||
$query = "SELECT * FROM schools WHERE id = $school AND accesscode = '$code'";
|
||||
$data = mysql_fetch_assoc(mysql_query($query));
|
||||
if(is_array($data)){
|
||||
$query = "UPDATE users SET schools_id = $school WHERE id = $edit_id";
|
||||
if(mysql_query($query)){
|
||||
// we successfully updated the school for this user. Now send the info back to papulate the page
|
||||
$schoolData = mysql_fetch_assoc(mysql_query("SELECT school, address, city, province_code, postalcode, phone FROM schools WHERE id='$school'"));
|
||||
echo "schoolInfo = '" . implode("<br/>", $schoolData) . "';";
|
||||
}
|
||||
if(user_set_school($u, $school, $code)){
|
||||
$schoolData = mysql_fetch_assoc(mysql_query("SELECT school, address, city, province_code, postalcode, phone FROM schools WHERE id='$school'"));
|
||||
echo "schoolInfo = '" . implode("<br/>", $schoolData) . "';";
|
||||
}
|
||||
break;
|
||||
default:
|
||||
@ -86,7 +80,7 @@ $translations = array(
|
||||
$('#instructions').html("<?=$translations['incorrect'];?>");
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
);
|
||||
}
|
||||
</script>
|
||||
@ -114,22 +108,16 @@ echo "</td><td>";
|
||||
|
||||
// build a select box for them to pick out a school
|
||||
echo '<select id="schoolId">';
|
||||
$query = "SELECT MAX(id) AS id,school,city FROM schools GROUP BY school, city";
|
||||
$q = mysql_query($query);
|
||||
$prev="somethingthatdoesnotexist";
|
||||
echo "<option value=\"\">".i18n("Choose a school")."</option>\n";
|
||||
while($r=mysql_fetch_object($q)){
|
||||
if($r->school == $schoolData['school']){
|
||||
$schoolList = get_schools($conference['id']);
|
||||
foreach($schoolList as $id => $school){
|
||||
if($school == $schoolData['school']){
|
||||
$sel= "selected=\"selected\"";
|
||||
}else{
|
||||
$sel= "";
|
||||
}
|
||||
if($r->school==$prev)
|
||||
echo "<option $sel value=\"$r->id\">$r->school ($r->city)</option>\n";
|
||||
else
|
||||
echo "<option $sel value=\"$r->id\">$r->school</option>\n";
|
||||
$prev=$r->school;
|
||||
}
|
||||
echo "<option $sel value=\"$id\">$school</option>";
|
||||
}
|
||||
echo "</select>";
|
||||
echo "</td></tr>";
|
||||
echo "<tr><td>";
|
||||
|
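Review bot: The rewritten `submit_code` branch still builds a JavaScript string literal from database fields with `echo "schoolInfo = '" . implode("<br/>", $schoolData) . "';";`, so a school name or address containing an apostrophe or markup ends the literal early in a response that is presumably evaluated by the page's AJAX handler. Emit the value with `echo "schoolInfo = " . json_encode(implode("<br/>", $schoolData)) . ";";` and HTML-escape the individual fields before they are joined. In the select-box hunk, `echo "<option $sel value=\"$id\">$school</option>";` likewise prints the title unescaped and should wrap it in `htmlspecialchars($school)`; the comparison `$school == $schoolData['school']` now tests a title that may carry a " (city)" suffix from `get_schools()`, so the current school will not be preselected when its name is duplicated. `$u` as passed to `user_set_school()` is not defined in the visible lines (the old code used `$edit_id`), so confirm it is loaded earlier in the file.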