forked from science-ation/science-ation
Modifications on how roles get handled
This commit is contained in:
parent
898bdaacfc
commit
d2afb6a94e
83
user.inc.php
83
user.inc.php
@ -245,30 +245,11 @@ function user_save(&$u)
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* Add any new roles */
|
||||
$orig_roles = array_keys($u['orig']['roles']);
|
||||
// Update all roles
|
||||
$new_roles = array_keys($u['roles']);
|
||||
|
||||
/* Delete any removed roles */
|
||||
$removed = array_diff($orig_roles, $new_roles);
|
||||
foreach($removed as $r) {
|
||||
mysql_query("DELETE FROM user_roles WHERE users_id='{$u['id']}' AND roles_id='{$roles[$r]['id']}'");
|
||||
}
|
||||
|
||||
/* Update all roles */
|
||||
foreach($new_roles as $r) {
|
||||
if(!in_array($r, $orig_roles)) {
|
||||
/* Role is new */
|
||||
if(!user_add_role_allowed($u, $r)) {
|
||||
echo "HALT: user can't add this role";
|
||||
exit;
|
||||
}
|
||||
mysql_query("INSERT INTO user_roles(accounts_id,users_id,roles_id,active,complete)
|
||||
VALUES('{$u['accounts_id']}','{$u['id']}','{$roles[$r]['id']}','no','no')");
|
||||
echo mysql_error();
|
||||
|
||||
} else if($u['roles'][$r] != $u['orig']['roles'][$r]) {
|
||||
/* $u['roles'][$r] has changed from original, update it */
|
||||
if($u['roles'][$r] != $u['orig']['roles'][$r]) {
|
||||
// $u['roles'][$r] has changed from original, update it
|
||||
mysql_query("UPDATE user_roles SET active='{$u['roles'][$r]['active']}',
|
||||
complete='{$u['roles'][$r]['complete']}'
|
||||
WHERE id='{$u['roles'][$r]['id']}'");
|
||||
@ -276,7 +257,6 @@ function user_save(&$u)
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
$fields = array('salutation','firstname','lastname',
|
||||
'phonehome','phonework','phonecell','fax','organization',
|
||||
'address','address2','city','province','postalcode','sex',
|
||||
@ -359,8 +339,9 @@ function user_remove_role(&$u, $role)
|
||||
|
||||
/* Delete the role */
|
||||
unset($u['roles'][$role]);
|
||||
mysql_query("DELETE FROM user_roles WHERE roles_id={$role['id']} AND users_id='$id'");
|
||||
|
||||
/* Save this user (takes care of removing entries from the user_roles db) */
|
||||
/* Save this user */
|
||||
user_save($u);
|
||||
}
|
||||
|
||||
@ -510,19 +491,61 @@ function user_add_role_allowed(&$u, $role)
|
||||
return true;
|
||||
}
|
||||
|
||||
function user_add_role(&$u, $role)
|
||||
function user_add_role(&$u, $role, $password = null)
|
||||
{
|
||||
global $config, $roles;
|
||||
if(!user_add_role_allowed($u, $role)) {
|
||||
/* If we get in here, someone is hand crafting URLs */
|
||||
echo "HALT: invalid role add specified for operation.";
|
||||
exit;
|
||||
}
|
||||
|
||||
/* Add the role */
|
||||
$u['roles'][$role] = array('active' =>'yes',
|
||||
'complete' => 'no');
|
||||
/* Save it now so the DB gets updated */
|
||||
user_save($u);
|
||||
// ensure that this role can indeed be added
|
||||
$valid = false;
|
||||
if(array_key_exists($role . '_registration_type', $config)){
|
||||
switch($config[$role . '_registration_type']){
|
||||
case 'open':
|
||||
$valid = true;
|
||||
break;
|
||||
case 'singlepassword':
|
||||
if($password == $config[$role . '_registration_singlepassword']){
|
||||
$valid = true;
|
||||
}
|
||||
break;
|
||||
case 'schoolpassword':
|
||||
if($pasword != null){
|
||||
$schoolId = $u['schools_id'];
|
||||
$schoolDat = mysql_fetch_assoc(mysql_query("SELECT registration_password FROM schools WHERE id=$schoolId"));
|
||||
if($password == $schoolDat['registration_password']) $valid = true;
|
||||
}
|
||||
break;
|
||||
case 'invite':
|
||||
//$valid = false;
|
||||
break;
|
||||
case 'openorinvite':
|
||||
$valid = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if($valid){
|
||||
// ok, the conditions are met, make sure they don't already have this role
|
||||
$check = mysql_fetch_assoc(mysql_query("SELECT COUNT(*) AS tally FROM user_roles WHERE users_id = {$u['id']} AND roles_id={$roles[$role]['id']}"));
|
||||
if($check['tally'] == 0){
|
||||
|
||||
$q = "INSERT INTO user_roles (accounts_id, users_id, roles_id, active, complete) VALUES(";
|
||||
$q .= $u['accounts_id'];
|
||||
$q .= ", " . $u['id'];
|
||||
$q .= ", " . $roles[$role]['id'];
|
||||
$q .= ", 'yes', 'no');";
|
||||
if(mysql_query($q)){
|
||||
$u['roles'][$role] = array('active' =>'yes', 'complete' => 'no');
|
||||
}else{
|
||||
$error = mysql_error();
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
function user_create($accounts_id, $conferences_id=0)
|
||||
|
@ -36,12 +36,21 @@ else
|
||||
if(array_key_exists('join', $_GET)){
|
||||
// this is a request to join this conference
|
||||
// get the corresponding account id to go with this user id
|
||||
$result = mysql_fetch_assoc(mysql_query("SELECT accounts_id FROM users WHERE id=$edit_id"));
|
||||
if($edit_id == null){
|
||||
// this will happen if they have no user record
|
||||
$edit_accounts_id = $_SESSION['accounts_id'];
|
||||
}else{
|
||||
$q = mysql_query("SELECT accounts_id FROM users WHERE id=$edit_id");
|
||||
if(!$q){
|
||||
echo mysql_error();
|
||||
exit();
|
||||
}
|
||||
$result = mysql_fetch_assoc($q);
|
||||
$edit_accounts_id = $result['accounts_id'];
|
||||
|
||||
}
|
||||
// find out if they're already a member of this conference
|
||||
$query = "SELECT COUNT(*) FROM users WHERE conferences_id = {$_SESSION['conferences_id']}"
|
||||
. " AND accounts_id = " . $_SESSION['accounts_id'];
|
||||
. " AND accounts_id = " . $edit_accounts_id;
|
||||
$data = mysql_fetch_array(mysql_query($query));
|
||||
|
||||
if($data[0] == 0){
|
||||
|
@ -25,7 +25,6 @@
|
||||
<?
|
||||
require_once("common.inc.php");
|
||||
require_once("user.inc.php");
|
||||
|
||||
user_auth_required();
|
||||
|
||||
|
||||
@ -42,12 +41,39 @@
|
||||
echo "<br />";
|
||||
echo "<br />";
|
||||
|
||||
echo "<ul>";
|
||||
foreach(array_keys($u['roles']) as $r) {
|
||||
echo "<li>".$roles[$r]['name']."</li>";
|
||||
// echo "<a href=\"{$r}_main.php\">".$roles[$r]['name']." Main Page</a><br />";
|
||||
// get a list of all roles that this user can potentially sign up for
|
||||
$rlist = array();
|
||||
$q = mysql_query("SELECT * FROM roles");
|
||||
$available = array();
|
||||
$registered = array();
|
||||
while($row = mysql_fetch_assoc($q)){
|
||||
$roleid = $row['type'];
|
||||
$idx = $roleid . "_registration_type";
|
||||
if(array_key_exists($idx, $config)){
|
||||
// this is a role that can potentially be registered for
|
||||
if(is_array($user['roles']) && array_key_exists($row['type'], $user['roles'])){
|
||||
$registered[$row['type']] = $row['name'];
|
||||
}else{
|
||||
$available[$row['type']] = $row['name'];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if(count($registered) > 0){
|
||||
echo "<h4>You are currently registered for the following roles:</h4>";
|
||||
foreach($registered as $type => $title){
|
||||
echo "$title<br/>";
|
||||
}
|
||||
echo "<br/>";
|
||||
}
|
||||
|
||||
if(count($available) > 0){
|
||||
echo "<h4>The following roles are available:</h4>";
|
||||
foreach($available as $type => $title){
|
||||
echo "$title<br/>";
|
||||
}
|
||||
echo "<br/>";
|
||||
}
|
||||
echo "</ul>";
|
||||
|
||||
echo "<br />";
|
||||
echo i18n('Other Options and Things To Do').':<br />';
|
||||
@ -60,4 +86,3 @@ echo "<ul>";
|
||||
echo '</ul>';
|
||||
|
||||
send_footer();
|
||||
?>
|
||||
|
@ -97,6 +97,11 @@ case 'remove':
|
||||
happy_("{$roles[$role]['name']} role for %1 successfully deactivated",array($config['FAIRYEAR']));
|
||||
echo i18n("Deactivated");
|
||||
exit;
|
||||
case 'add':
|
||||
// add the role
|
||||
// echo 'add role: ' . $role;
|
||||
user_add_role($u, $role, $_GET['password']);
|
||||
exit;
|
||||
}
|
||||
|
||||
?>
|
||||
@ -146,6 +151,14 @@ function remove(role)
|
||||
}
|
||||
}
|
||||
|
||||
// add the specified role to this user at this fair
|
||||
function addRole(role){
|
||||
$.get('user_roles.php', {'action':'add', 'role':role, 'password':$('#password').val()}, function(result){
|
||||
$('#testoutput').html(result);
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
</script>
|
||||
|
||||
|
||||
@ -182,6 +195,16 @@ function remove(role)
|
||||
</table>
|
||||
</form>
|
||||
|
||||
<?php
|
||||
/*
|
||||
// testing link
|
||||
if(!in_array('judge', $u['roles'])){
|
||||
echo "<div><span style=\"font-weight:bold\" onmouseover=\"this.style.cursor='pointer';\" onmouseout=\"this.style.cursor='auto';\" onclick=\"addRole('judge');\">Make me a judge</span></div>";
|
||||
echo "<div>Password<input type=\"text\" id=\"password\"></input></div>";
|
||||
}
|
||||
*/
|
||||
?>
|
||||
|
||||
<br/><hr/><br/>
|
||||
<?=i18n("The <b>Delete Entire Account</b> button completely deletes your entire account. You will not receive any future email for any roles. It completely removes you from the system. This action cannot be undone.")?>
|
||||
<br/>
|
||||
@ -190,4 +213,4 @@ function remove(role)
|
||||
<input style="width: 300px;" onclick="return confirmClick('<?=i18n("Are you sure you want to completely delete your account?\\nDoing so will remove you from our mailing list for future years and you will never hear from us again.\\nThis action cannot be undone.")?>');"
|
||||
type="submit" value="<?=i18n("Delete Entire Account")?>">
|
||||
</form>
|
||||
|
||||
<div id="testoutput"></div>
|
||||
|
Loading…
Reference in New Issue
Block a user