diff --git a/api.php b/api.php
index 8af3679..32f8f65 100644
--- a/api.php
+++ b/api.php
@@ -26,14 +26,13 @@ include "common.inc.php";
require_once("account.inc.php");
require_once("user.inc.php");
require_once("schedule.inc.php");
-/* FIXME!!! Unremark before committing
if($_SERVER['HTTPS']!="on") {
$ret['status']="error";
$ret['error']="SSL is required for API access, please access the API over https";
echo json_encode($ret);
exit;
}
-*/
+
$request=explode("/",$_GET['request']);
$ret=array();
@@ -500,11 +499,11 @@ switch($request[0]) {
}
break;
- /* APIDOC: user/edit
- description(edit user information for current conference)
- post(user array)
- return(user array)
- */
+ /* APIDOC: user/edit
+ description(edit user information for current conference)
+ post(user array)
+ return(user array)
+ */
case "edit":
if($origu=user_load($_SESSION['users_id'])) {
$u=json_decode($_POST['user']);
@@ -535,6 +534,30 @@ switch($request[0]) {
$ret['error']="Error loading user in order to edit";
}
break;
+
+ /* APIDOC: user/connect_to_school
+ description(connects the current users teacher role to the specified school using the school's access code)
+ post(schools_id integer, accesscode varchar(16))
+ return(school array)
+ */
+ case 'connect_to_school':
+ if($u = user_load($_SESSION['users_id'])) {
+ $schoolId = mysql_real_escape_string($_POST['schools_id']);
+ $accesscode = mysql_real_escape_string($_POST['accesscode']);
+ if(user_set_school($u, $schoolId, $accesscode)){
+ $ret['status'] = "ok";
+ $ret['school'] = mysql_fetch_assoc(mysql_query("SELECT school, phone, fax, address, city, province_code AS province, postalcode FROM schools WHERE id = $schoolId"));
+ }else{
+ $ret['status'] = "error";
+ $ret['error'] = "Error matching schools_id and accesscode";
+ }
+ }else{
+ $ret['status'] = "error";
+ $ret['error'] = "Error loading user";
+ }
+
+
+ break;
}
break;
@@ -674,6 +697,18 @@ switch($request[0]) {
}
break;
+ case 'school':
+ switch($request[1]){
+ /* APIDOC: school/list
+ description(list schools)
+ return(schools array)
+ */
+ case 'list':
+ $ret['schools'] = get_schools($conference['id']);
+ $ret['status'] = 'ok';
+ break;
+ }
+
default:
$ret['status']="error";
$ret['error']="invalid API command ({$request[0]})";
@@ -681,11 +716,6 @@ switch($request[0]) {
}
echo json_encode($ret);
- /* APIDOC: school/list
- notimplemented
- description(list schools)
- return(schools array)
- */
/* APIDOC: account/edit
notimplemented
@@ -694,11 +724,5 @@ echo json_encode($ret);
return(account array)
*/
- /* APIDOC: user/connect_teacher_to_school
- notimplemented
- description(connects the current users teacher role to the specified school usign the schools access code)
- post(schools_id integer, accesscode varchar(16))
- return(school array)
- */
?>
diff --git a/common.inc.functions.php b/common.inc.functions.php
index b10c869..48a0c38 100644
--- a/common.inc.functions.php
+++ b/common.inc.functions.php
@@ -808,7 +808,6 @@ function get_timeslots($conferenceId){
}
// a convenience function for getting the special awards that are relevant to the specified conference.
-// separated because it's used in a couple of spots
function get_special_awards($conferenceId){
$returnval = array();
$q = mysql_query("SELECT award_awards.id,
@@ -830,3 +829,23 @@ function get_special_awards($conferenceId){
return $returnval;
}
+// a convenience function for getting a list of schools that are relevant to the specified conference
+function get_schools($conferenceId){
+ $data = array();
+ $returnval = array();
+ $q = mysql_query("SELECT MAX(id) AS id,school,city FROM schools GROUP BY school, city");
+ while($record = mysql_fetch_assoc($q)) $data[] = $record;
+ $prevRecord = null;
+ for($n = 0; $n < count($data); $n++){
+ $record = $data[$n];
+ $title = $data[$n]['school'];
+ if(array_key_exists($n + 1, $data) && $data[$n + 1]['school'] == $title){
+ $title .= " ({$record['city']})";
+ }else if($prevRecord != null && $prevRecord['school'] == $title){
+ $title .= " ({$record['city']})";
+ }
+ $returnval[$record['id']] = $title;
+ $prevRecord = $record;
+ }
+ return $returnval;
+}
diff --git a/testapi.php b/testapi.php
index 2d11ed2..c284970 100644
--- a/testapi.php
+++ b/testapi.php
@@ -128,6 +128,17 @@ foreach($roles AS $role=>$r) {
}?>
+
+Schools
+School Listing
+
+
+
+
Session Variables
array(
'label' => 'Time Avail.',
'types' => array('judge'),
'file' => 'judge_availability.php',
+ 'disabled' => 'true'
),
'judgesa' => array(
'label' => 'Special Awards',
diff --git a/user_school.php b/user_school.php
index 360ab63..8c431a8 100644
--- a/user_school.php
+++ b/user_school.php
@@ -41,15 +41,9 @@ if(array_key_exists('action', $_POST)){
case 'submit_code':
$code = mysql_real_escape_string($_POST['code']);
$school = mysql_real_escape_string($_POST['school']);
- $query = "SELECT * FROM schools WHERE id = $school AND accesscode = '$code'";
- $data = mysql_fetch_assoc(mysql_query($query));
- if(is_array($data)){
- $query = "UPDATE users SET schools_id = $school WHERE id = $edit_id";
- if(mysql_query($query)){
- // we successfully updated the school for this user. Now send the info back to papulate the page
- $schoolData = mysql_fetch_assoc(mysql_query("SELECT school, address, city, province_code, postalcode, phone FROM schools WHERE id='$school'"));
- echo "schoolInfo = '" . implode("
", $schoolData) . "';";
- }
+ if(user_set_school($u, $school, $code)){
+ $schoolData = mysql_fetch_assoc(mysql_query("SELECT school, address, city, province_code, postalcode, phone FROM schools WHERE id='$school'"));
+ echo "schoolInfo = '" . implode("
", $schoolData) . "';";
}
break;
default:
@@ -86,7 +80,7 @@ $translations = array(
$('#instructions').html("");
}
- }
+ }
);
}
@@ -114,22 +108,16 @@ echo "";
// build a select box for them to pick out a school
echo '";
echo " | ";
echo "| ";
|