Separated the functionality of school selection from the pages, implemented it in the API

jacob 2010-10-27 16:40:17 +00:00
parent f1b9123835
commit d0d3c7b7c4
6 changed files with 103 additions and 42 deletions

50
api.php

@ -26,14 +26,13 @@ include "common.inc.php";
require_once("account.inc.php"); require_once("account.inc.php");
require_once("user.inc.php"); require_once("user.inc.php");
require_once("schedule.inc.php"); require_once("schedule.inc.php");
/* FIXME!!! Unremark before committing
if($_SERVER['HTTPS']!="on") { if($_SERVER['HTTPS']!="on") {
$ret['status']="error"; $ret['status']="error";
$ret['error']="SSL is required for API access, please access the API over https"; $ret['error']="SSL is required for API access, please access the API over https";
echo json_encode($ret); echo json_encode($ret);
exit; exit;
} }
*/
$request=explode("/",$_GET['request']); $request=explode("/",$_GET['request']);
$ret=array(); $ret=array();
@ -535,6 +534,30 @@ switch($request[0]) {
$ret['error']="Error loading user in order to edit"; $ret['error']="Error loading user in order to edit";
} }
break; break;
/* APIDOC: user/connect_to_school
description(connects the current users teacher role to the specified school using the school's access code)
post(schools_id integer, accesscode varchar(16))
return(school array)
*/
case 'connect_to_school':
if($u = user_load($_SESSION['users_id'])) {
$schoolId = mysql_real_escape_string($_POST['schools_id']);
$accesscode = mysql_real_escape_string($_POST['accesscode']);
if(user_set_school($u, $schoolId, $accesscode)){
$ret['status'] = "ok";
$ret['school'] = mysql_fetch_assoc(mysql_query("SELECT school, phone, fax, address, city, province_code AS province, postalcode FROM schools WHERE id = $schoolId"));
}else{
$ret['status'] = "error";
$ret['error'] = "Error matching schools_id and accesscode";
}
}else{
$ret['status'] = "error";
$ret['error'] = "Error loading user";
}
break;
} }
break; break;
@ -674,6 +697,18 @@ switch($request[0]) {
} }
break; break;
case 'school':
switch($request[1]){
/* APIDOC: school/list
description(list schools)
return(schools array)
*/
case 'list':
$ret['schools'] = get_schools($conference['id']);
$ret['status'] = 'ok';
break;
}
default: default:
$ret['status']="error"; $ret['status']="error";
$ret['error']="invalid API command ({$request[0]})"; $ret['error']="invalid API command ({$request[0]})";
@ -681,11 +716,6 @@ switch($request[0]) {
} }
echo json_encode($ret); echo json_encode($ret);
/* APIDOC: school/list
notimplemented
description(list schools)
return(schools array)
*/
/* APIDOC: account/edit /* APIDOC: account/edit
notimplemented notimplemented
@ -694,11 +724,5 @@ echo json_encode($ret);
return(account array) return(account array)
*/ */
/* APIDOC: user/connect_teacher_to_school
notimplemented
description(connects the current users teacher role to the specified school usign the schools access code)
post(schools_id integer, accesscode varchar(16))
return(school array)
*/
?> ?>
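Review bot: In the new `connect_to_school` case, `schools_id` goes through `mysql_real_escape_string()` and is then used unquoted in `WHERE id = $schoolId`, both here and inside `user_set_school()`; escaping only protects values placed inside quotes, so a non-numeric `schools_id` can still change the query. Cast it instead: `$schoolId = intval($_POST['schools_id']);`. Separately, the new `case 'school':` block has no `break;` after its inner switch closes, so `school/list` falls through into `default:` and its `ok` status is overwritten with the invalid-command error; add `break;` before `default:`. The rendering does not show whether the `/* FIXME!!! Unremark before committing` wrapper around the HTTPS check is on the old or the new side; if it is on the new side, the access code would be accepted over plain HTTP.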


@ -808,7 +808,6 @@ function get_timeslots($conferenceId){
} }
// a convenience function for getting the special awards that are relevant to the specified conference. // a convenience function for getting the special awards that are relevant to the specified conference.
// separated because it's used in a couple of spots
function get_special_awards($conferenceId){ function get_special_awards($conferenceId){
$returnval = array(); $returnval = array();
$q = mysql_query("SELECT award_awards.id, $q = mysql_query("SELECT award_awards.id,
@ -830,3 +829,23 @@ function get_special_awards($conferenceId){
return $returnval; return $returnval;
} }
// a convenience function for getting a list of schools that are relevant to the specified conference
function get_schools($conferenceId){
$data = array();
$returnval = array();
$q = mysql_query("SELECT MAX(id) AS id,school,city FROM schools GROUP BY school, city");
while($record = mysql_fetch_assoc($q)) $data[] = $record;
$prevRecord = null;
for($n = 0; $n < count($data); $n++){
$record = $data[$n];
$title = $data[$n]['school'];
if(array_key_exists($n + 1, $data) && $data[$n + 1]['school'] == $title){
$title .= " ({$record['city']})";
}else if($prevRecord != null && $prevRecord['school'] == $title){
$title .= " ({$record['city']})";
}
$returnval[$record['id']] = $title;
$prevRecord = $record;
}
return $returnval;
}
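Review bot: `get_schools($conferenceId)` never uses its parameter: the query selects every row in `schools`, so the comment's "relevant to the specified conference" does not hold and `school/list` returns the full list whichever conference is active. Either filter on the conference (the column to use is not visible here) or drop the parameter and reword the comment. The city suffix is decided by comparing neighbouring rows, which only works when same-named schools are adjacent; the query relies on `GROUP BY` to order them, so add an explicit `ORDER BY school, city`.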


@ -128,6 +128,17 @@ foreach($roles AS $role=>$r) {
}?> }?>
<input type="submit" value="List Registration Fields for Selected Roles"> <input type="submit" value="List Registration Fields for Selected Roles">
</form> </form>
<h1>Schools</h1>
<a href="api/school/list">School Listing</a><br/>
<form method="post" action="api/user/connect_to_school">
<input type="text" size=4 name="schools_id">
<input type="text" size=6 name="accesscode">
<input type="submit" value="Set user's school">
</form>
<h1>Session Variables</h1> <h1>Session Variables</h1>
<? <?
echo json_encode($_SESSION); echo json_encode($_SESSION);


@ -284,7 +284,10 @@ function user_get_role_fields($role){
$fields = array('sponsors_id','primary','position','notes'); $fields = array('sponsors_id','primary','position','notes');
break; break;
case 'teacher': case 'teacher':
$fields = array(); $fields = array('schools_id');
break;
case 'principal':
$fields = array('schools_id');
break; break;
case 'volunteer': case 'volunteer':
$fields = array('languages'); $fields = array('languages');
@ -599,7 +602,7 @@ function user_save(&$u)
'willing_chair','special_award_only', 'willing_chair','special_award_only',
'cat_prefs','div_prefs','divsub_prefs', 'cat_prefs','div_prefs','divsub_prefs',
'expertise_other','languages', 'highest_psd'); 'expertise_other','languages', 'highest_psd');
$fields_for_role['student'] = array('schools_id'); // $fields_for_role['student'] = array('schools_id');
$fields_for_role['fair'] = array('fairs_id'); $fields_for_role['fair'] = array('fairs_id');
$fields_for_role['sponsor'] = array('sponsors_id','primary','position'); $fields_for_role['sponsor'] = array('sponsors_id','primary','position');
$fields_for_role['teacher'] = array(); $fields_for_role['teacher'] = array();
@ -935,6 +938,21 @@ function user_add_role_allowed(&$u, $role)
return true; return true;
} }
// Set the user's school to the one specifed. Verifying the school code is needed
// here, as it will be called from both the web interface and the API.
// returns true on success, false otherwise
function user_set_school($u, $schoolId, $schoolCode){
$returnval = false;
// make sure the id and code match
$tally = mysql_result(mysql_query("SELECT COUNT(*) FROM schools WHERE id = $schoolId AND accesscode = '$schoolCode'"), 0);
if($tally == 1){
if(mysql_query("UPDATE users SET schools_id = $schoolId WHERE id = " . $u['id'])){
$u['schools_id'] = $schoolId;
$returnval = true;
}
}
return $returnval;
}
// Add a role for a user. // Add a role for a user.
// now just a skin on top of account_add_role // now just a skin on top of account_add_role
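Review bot: `user_set_school()` builds both statements by interpolating `$schoolId` unquoted and `$schoolCode` inside quotes, and leaves all escaping to its callers, although its comment describes it as the shared entry point for the web interface and the API. Validate inside the function so a later caller cannot skip it, for example `$schoolId = intval($schoolId);` as its first line, and treat `$u['id']` the same way. Also, `$u` is taken by value while `user_save(&$u)` and `user_add_role_allowed(&$u, $role)` in the same file take it by reference, so if `$u` is a plain array the assignment `$u['schools_id'] = $schoolId;` never reaches the caller; declare it as `function user_set_school(&$u, $schoolId, $schoolCode){`.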


@ -131,6 +131,7 @@ $tabs = array( 'fairinfo' => array(
'label' => 'Time Avail.', 'label' => 'Time Avail.',
'types' => array('judge'), 'types' => array('judge'),
'file' => 'judge_availability.php', 'file' => 'judge_availability.php',
'disabled' => 'true'
), ),
'judgesa' => array( 'judgesa' => array(
'label' => 'Special Awards', 'label' => 'Special Awards',
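Review bot: `'disabled' => 'true'` stores the string `'true'`, not a boolean. Code that tests the flag for truthiness would treat `'false'` as disabled as well; unless the consumer (not visible here) compares against the string, write `'disabled' => true,`.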


@ -41,16 +41,10 @@ if(array_key_exists('action', $_POST)){
case 'submit_code': case 'submit_code':
$code = mysql_real_escape_string($_POST['code']); $code = mysql_real_escape_string($_POST['code']);
$school = mysql_real_escape_string($_POST['school']); $school = mysql_real_escape_string($_POST['school']);
$query = "SELECT * FROM schools WHERE id = $school AND accesscode = '$code'"; if(user_set_school($u, $school, $code)){
$data = mysql_fetch_assoc(mysql_query($query));
if(is_array($data)){
$query = "UPDATE users SET schools_id = $school WHERE id = $edit_id";
if(mysql_query($query)){
// we successfully updated the school for this user. Now send the info back to papulate the page
$schoolData = mysql_fetch_assoc(mysql_query("SELECT school, address, city, province_code, postalcode, phone FROM schools WHERE id='$school'")); $schoolData = mysql_fetch_assoc(mysql_query("SELECT school, address, city, province_code, postalcode, phone FROM schools WHERE id='$school'"));
echo "schoolInfo = '" . implode("<br/>", $schoolData) . "';"; echo "schoolInfo = '" . implode("<br/>", $schoolData) . "';";
} }
}
break; break;
default: default:
// invalid action // invalid action
@ -114,21 +108,15 @@ echo "</td><td>";
// build a select box for them to pick out a school // build a select box for them to pick out a school
echo '<select id="schoolId">'; echo '<select id="schoolId">';
$query = "SELECT MAX(id) AS id,school,city FROM schools GROUP BY school, city";
$q = mysql_query($query);
$prev="somethingthatdoesnotexist";
echo "<option value=\"\">".i18n("Choose a school")."</option>\n"; echo "<option value=\"\">".i18n("Choose a school")."</option>\n";
while($r=mysql_fetch_object($q)){ $schoolList = get_schools($conference['id']);
if($r->school == $schoolData['school']){ foreach($schoolList as $id => $school){
if($school == $schoolData['school']){
$sel= "selected=\"selected\""; $sel= "selected=\"selected\"";
}else{ }else{
$sel= ""; $sel= "";
} }
if($r->school==$prev) echo "<option $sel value=\"$id\">$school</option>";
echo "<option $sel value=\"$r->id\">$r->school ($r->city)</option>\n";
else
echo "<option $sel value=\"$r->id\">$r->school</option>\n";
$prev=$r->school;
} }
echo "</select>"; echo "</select>";
echo "</td></tr>"; echo "</td></tr>";
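Review bot: The new `echo "<option $sel value=\"$id\">$school</option>";` writes the school title from the database into the page without HTML escaping; output it as `htmlspecialchars($school)` and cast or escape `$id` too. The `selected` test `$school == $schoolData['school']` now compares against the title returned by `get_schools()`, which has ` (city)` appended for same-named schools, so those entries will never be preselected; comparing on the school id would avoid that. In the `submit_code` hunk the update now targets `$u` rather than `$edit_id`; confirm that both refer to the same user, since neither definition is visible here.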