Modifications on how roles get handled

jacob 2010-10-05 15:04:15 +00:00
parent 898bdaacfc
commit d2afb6a94e
4 changed files with 122 additions and 42 deletions


@ -245,30 +245,11 @@ function user_save(&$u)
return -1;
}
/* Add any new roles */
$orig_roles = array_keys($u['orig']['roles']);
// Update all roles
$new_roles = array_keys($u['roles']);
/* Delete any removed roles */
$removed = array_diff($orig_roles, $new_roles);
foreach($removed as $r) {
mysql_query("DELETE FROM user_roles WHERE users_id='{$u['id']}' AND roles_id='{$roles[$r]['id']}'");
}
/* Update all roles */
foreach($new_roles as $r) {
if(!in_array($r, $orig_roles)) {
/* Role is new */
if(!user_add_role_allowed($u, $r)) {
echo "HALT: user can't add this role";
exit;
}
mysql_query("INSERT INTO user_roles(accounts_id,users_id,roles_id,active,complete)
VALUES('{$u['accounts_id']}','{$u['id']}','{$roles[$r]['id']}','no','no')");
echo mysql_error();
} else if($u['roles'][$r] != $u['orig']['roles'][$r]) {
/* $u['roles'][$r] has changed from original, update it */
if($u['roles'][$r] != $u['orig']['roles'][$r]) {
// $u['roles'][$r] has changed from original, update it
mysql_query("UPDATE user_roles SET active='{$u['roles'][$r]['active']}',
complete='{$u['roles'][$r]['complete']}'
WHERE id='{$u['roles'][$r]['id']}'");
@ -276,7 +257,6 @@ function user_save(&$u)
}
}
$fields = array('salutation','firstname','lastname',
'phonehome','phonework','phonecell','fax','organization',
'address','address2','city','province','postalcode','sex',
@ -359,8 +339,9 @@ function user_remove_role(&$u, $role)
/* Delete the role */
unset($u['roles'][$role]);
mysql_query("DELETE FROM user_roles WHERE roles_id={$role['id']} AND users_id='$id'");
/* Save this user (takes care of removing entries from the user_roles db) */
/* Save this user */
user_save($u);
}
@ -510,19 +491,61 @@ function user_add_role_allowed(&$u, $role)
return true;
}
function user_add_role(&$u, $role)
function user_add_role(&$u, $role, $password = null)
{
global $config, $roles;
if(!user_add_role_allowed($u, $role)) {
/* If we get in here, someone is hand crafting URLs */
echo "HALT: invalid role add specified for operation.";
exit;
}
/* Add the role */
$u['roles'][$role] = array('active' =>'yes',
'complete' => 'no');
/* Save it now so the DB gets updated */
user_save($u);
// ensure that this role can indeed be added
$valid = false;
if(array_key_exists($role . '_registration_type', $config)){
switch($config[$role . '_registration_type']){
case 'open':
$valid = true;
break;
case 'singlepassword':
if($password == $config[$role . '_registration_singlepassword']){
$valid = true;
}
break;
case 'schoolpassword':
if($pasword != null){
$schoolId = $u['schools_id'];
$schoolDat = mysql_fetch_assoc(mysql_query("SELECT registration_password FROM schools WHERE id=$schoolId"));
if($password == $schoolDat['registration_password']) $valid = true;
}
break;
case 'invite':
//$valid = false;
break;
case 'openorinvite':
$valid = true;
break;
}
}
if($valid){
// ok, the conditions are met, make sure they don't already have this role
$check = mysql_fetch_assoc(mysql_query("SELECT COUNT(*) AS tally FROM user_roles WHERE users_id = {$u['id']} AND roles_id={$roles[$role]['id']}"));
if($check['tally'] == 0){
$q = "INSERT INTO user_roles (accounts_id, users_id, roles_id, active, complete) VALUES(";
$q .= $u['accounts_id'];
$q .= ", " . $u['id'];
$q .= ", " . $roles[$role]['id'];
$q .= ", 'yes', 'no');";
if(mysql_query($q)){
$u['roles'][$role] = array('active' =>'yes', 'complete' => 'no');
}else{
$error = mysql_error();
}
}
}
}
function user_create($accounts_id, $conferences_id=0)
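Review bot: In the new `user_add_role`, the `schoolpassword` case tests `$pasword` (misspelled, so undefined) and can therefore never set `$valid`. The `singlepassword` case compares with loose `==` against a `$password` that defaults to null, so an empty or unset `{role}_registration_singlepassword` setting would match a request that sends no password at all. Change the guard to `if($password !== null){` and compare strictly after rejecting an empty configured value, e.g. `if($expected !== '' && $password === $expected) $valid = true;` with `$expected` holding the configured password. The function also concatenates `$u['schools_id']`, `$u['id']` and `$u['accounts_id']` into SQL unquoted, so casting each with `intval()` would keep those queries safe however `$u` was populated. The `$error` captured on a failed INSERT is never reported to the caller.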


@ -36,12 +36,21 @@ else
if(array_key_exists('join', $_GET)){
// this is a request to join this conference
// get the corresponding account id to go with this user id
$result = mysql_fetch_assoc(mysql_query("SELECT accounts_id FROM users WHERE id=$edit_id"));
$edit_accounts_id = $result['accounts_id'];
if($edit_id == null){
// this will happen if they have no user record
$edit_accounts_id = $_SESSION['accounts_id'];
}else{
$q = mysql_query("SELECT accounts_id FROM users WHERE id=$edit_id");
if(!$q){
echo mysql_error();
exit();
}
$result = mysql_fetch_assoc($q);
$edit_accounts_id = $result['accounts_id'];
}
// find out if they're already a member of this conference
$query = "SELECT COUNT(*) FROM users WHERE conferences_id = {$_SESSION['conferences_id']}"
. " AND accounts_id = " . $_SESSION['accounts_id'];
. " AND accounts_id = " . $edit_accounts_id;
$data = mysql_fetch_array(mysql_query($query));
if($data[0] == 0){
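Review bot: `$edit_id` is interpolated unquoted into `SELECT accounts_id FROM users WHERE id=$edit_id`, and its assignment lies outside this hunk; if it can come from the request, cast it inside the `else` branch first, e.g. `$edit_id = intval($edit_id);`. When the query succeeds but matches no row, `mysql_fetch_assoc` returns false and `$edit_accounts_id` becomes null, so the following COUNT query ends in `accounts_id = ` and fails; a check such as `if(!$result){ exit; }` before reading `$result['accounts_id']` would cover that. Echoing `mysql_error()` to the browser exposes schema details, so logging it with `error_log()` and printing a generic message is preferable. If `$edit_id` is caller-supplied, it is also worth confirming that the session account is permitted to act for that user before the join proceeds.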


@ -25,7 +25,6 @@
<?
require_once("common.inc.php");
require_once("user.inc.php");
user_auth_required();
@ -42,12 +41,39 @@
echo "<br />";
echo "<br />";
echo "<ul>";
foreach(array_keys($u['roles']) as $r) {
echo "<li>".$roles[$r]['name']."</li>";
// echo "<a href=\"{$r}_main.php\">".$roles[$r]['name']." Main Page</a><br />";
// get a list of all roles that this user can potentially sign up for
$rlist = array();
$q = mysql_query("SELECT * FROM roles");
$available = array();
$registered = array();
while($row = mysql_fetch_assoc($q)){
$roleid = $row['type'];
$idx = $roleid . "_registration_type";
if(array_key_exists($idx, $config)){
// this is a role that can potentially be registered for
if(is_array($user['roles']) && array_key_exists($row['type'], $user['roles'])){
$registered[$row['type']] = $row['name'];
}else{
$available[$row['type']] = $row['name'];
}
}
}
if(count($registered) > 0){
echo "<h4>You are currently registered for the following roles:</h4>";
foreach($registered as $type => $title){
echo "$title<br/>";
}
echo "<br/>";
}
if(count($available) > 0){
echo "<h4>The following roles are available:</h4>";
foreach($available as $type => $title){
echo "$title<br/>";
}
echo "<br/>";
}
echo "</ul>";
echo "<br />";
echo i18n('Other Options and Things To Do').':<br />';
@ -60,4 +86,3 @@ echo "<ul>";
echo '</ul>';
send_footer();
?>
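Review bot: The new loop checks `$user['roles']` while the line it replaces iterated `$u['roles']`, and no `$user` is assigned in the visible lines. If it is not defined elsewhere in the file, `is_array()` is false for every row, so all roles are listed as available and none as registered; use `$u['roles']` in that condition if that is the intended variable. The role names are also echoed unescaped (`echo "$title<br/>";`), and `echo htmlspecialchars($title)."<br/>";` would keep a name containing markup from being rendered. `$rlist` is assigned but never used, and the `<h4>`/`<br/>` output now sits directly inside the `<ul>`.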


@ -97,6 +97,11 @@ case 'remove':
happy_("{$roles[$role]['name']} role for %1 successfully deactivated",array($config['FAIRYEAR']));
echo i18n("Deactivated");
exit;
case 'add':
// add the role
// echo 'add role: ' . $role;
user_add_role($u, $role, $_GET['password']);
exit;
}
?>
@ -146,6 +151,14 @@ function remove(role)
}
}
// add the specified role to this user at this fair
function addRole(role){
$.get('user_roles.php', {'action':'add', 'role':role, 'password':$('#password').val()}, function(result){
$('#testoutput').html(result);
});
}
</script>
@ -182,6 +195,16 @@ function remove(role)
</table>
</form>
<?php
/*
// testing link
if(!in_array('judge', $u['roles'])){
echo "<div><span style=\"font-weight:bold\" onmouseover=\"this.style.cursor='pointer';\" onmouseout=\"this.style.cursor='auto';\" onclick=\"addRole('judge');\">Make me a judge</span></div>";
echo "<div>Password<input type=\"text\" id=\"password\"></input></div>";
}
*/
?>
<br/><hr/><br/>
<?=i18n("The <b>Delete Entire Account</b> button completely deletes your entire account. You will not receive any future email for any roles. It completely removes you from the system. This action cannot be undone.")?>
<br/>
@ -190,4 +213,4 @@ function remove(role)
<input style="width: 300px;" onclick="return confirmClick('<?=i18n("Are you sure you want to completely delete your account?\\nDoing so will remove you from our mailing list for future years and you will never hear from us again.\\nThis action cannot be undone.")?>');"
type="submit" value="<?=i18n("Delete Entire Account")?>">
</form>
<div id="testoutput"></div>
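Review bot: The `add` action carries the registration password as a GET parameter (`$_GET['password']` on the server, `$.get(...)` in `addRole`), so it ends up in access logs, browser history and Referer headers, and a role change performed over GET is easier to trigger from another site. Switch the client call to `$.post('user_roles.php', {...}, ...)` and read `isset($_POST['password']) ? $_POST['password'] : null` on the server, which also avoids the undefined-index notice when the field is absent. `user_add_role` returns nothing, so the handler exits with an empty response whether or not the role was added; echoing an explicit result would let `addRole` show success or failure. Where `$role` is assigned, and whether any request token is checked, is outside this hunk.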