diff --git a/api.php b/api.php
index f479700..74fed50 100644
--- a/api.php
+++ b/api.php
@@ -599,6 +599,35 @@ switch($request[0]) {
 }
+ break;
+ /* APIDOC: user/invite
+ description(invites a user to play a particular role in the conference, creating an account for them, and giving them the specifed role)
+ post(username varchar(64), password varchar(64), email varchar(64), roles_id integer)
+ return(user array)
+ */
+ case 'invite':
+ // let's make sure we have all of the data posted
+ $ok = true;
+ foreach(array('username' => 'varchar(64)', 'password' => 'varchar(64)', 'email' => 'varchar(64)', 'roles_id' => 'integer') as $field => $format){
+ if(!array_key_exists($field, $_POST)){
+ $ret['status'] == 'error';
+ $ret['error'] = "$field ($format) is required";
+ $ok = false;
+ break;
+ }
+ }
+
+ if($ok){
+ $newUser = user_invite($_POST['username'], $_POST['password'], $_POST['email'], $_POST['roles_id']);
+ if(is_array($newUser)){
+ $ret['status'] = 'ok';
+ $ret['user'] = $newUser;
+ }else{
+ $ret['status'] = 'error';
+ $ret['error'] = $newUser;
+ }
+ }
+ break;
 }
diff --git a/db/db.update.224.sql b/db/db.update.224.sql
new file mode 100644
index 0000000..d10b5b1
--- /dev/null
+++ b/db/db.update.224.sql
@@ -0,0 +1,6 @@
+INSERT INTO `rolestasks` (`id`, `pid`, `roles_id`, `level`, `task`, `ord`, `link`, `navident`, `conferencetype`) VALUES
+(128, 89, 10, 2, 'School Information', 1, '/schoolinfo.php', '', 'scienceolympics'),
+(129, 90, 10, 2, 'School Feedback', 1, '/schoolfeedback.php', '', 'scienceolympics');
+
+ALTER TABLE `pagetext` DROP INDEX `textname` , ADD UNIQUE `textname` ( `textname` , `conferences_id` , `lang` );
+UPDATE roles SET `type` = 'participant', `name` = 'Participant' WHERE type = 'student';
diff --git a/super/conferences.php b/super/conferences.php
index 22e9a1c..14871e7 100644
--- a/super/conferences.php
+++ b/super/conferences.php
@@ -273,7 +273,16 @@ function dropConference(cid){
 function openWizard(){
 wizard = $('
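Review bot: The missing-field branch of the new `invite` case writes `$ret['status'] == 'error';`, which is a comparison and not an assignment, so a request that lacks a required field gets the error text without the status ever being set to `error`; it should read `$ret['status'] = 'error';`. The loop also checks only that each key exists, so the varchar(64) and integer formats named in the APIDOC are not enforced before the raw `$_POST` values reach `user_invite()`; a length check and an `is_numeric()` test on `roles_id` here would match the documented contract. The enclosing `switch` begins outside the hunk, so whether an authentication check runs before this case cannot be confirmed from these lines.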
'); $('#conferences').append(wizard); - wizard.dialog({'modal':'true'}); + wizard.dialog({ + modal:true, + width:500, + height:200, + resizable:false, + draggable:false, + closeOnEscape:false, + open: function(event, ui) { $(".ui-dialog-titlebar-close").hide(); } + + }); wizard.load('conferences.php?action=new'); } @@ -371,7 +380,7 @@ function wizard_draw_step($step, $message = null){ } // draw the actual content of this step - echo "
"; + echo "
"; if(function_exists($wizard_steps[$step]['builder'])){ $wizard_steps[$step]['builder'](); } @@ -412,8 +421,10 @@ function build_start_step(){ }else{ } echo '

' . i18n("What would you like to do?") . '

'; - echo '' . i18n('Create a new conference') . '
'; - echo '' . i18n('Copy an existing conference') . '
'; + echo '
'; + echo ' ' . i18n('Create a new conference') . '
'; + echo ' ' . i18n('Copy an existing conference') . '
'; + echo '
'; } } @@ -439,13 +450,15 @@ function handle_start_step(){ function build_select_nametype_step(){ global $conference_types; echo "

" . i18n("Please enter the name and type of this conference.") . "

"; + + echo '
'; echo ""; echo ""; $val = ''; if(array_key_exists('name', $_SESSION['conference_wizard'])){ $val = ' VALUE="' . $_SESSION['conference_wizard']['name'] . '" '; } - echo ""; + echo ""; echo ""; echo ""; echo ""; echo "
" . i18n("Conference Name") . "
" . i18n("Conference Type") . "
"; + echo "
"; } function handle_select_nametype_step(){ @@ -500,7 +514,8 @@ function build_select_conference_step(){ } echo "
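Review bot: `$val` in `build_select_nametype_step()` is built as `' VALUE="' . $_SESSION['conference_wizard']['name'] . '" '` with no escaping, and the echo this hunk rewrites appears to be the one that prints it (the markup is not visible in this rendering, so confirm against the file). A conference name containing a double quote or an angle bracket would break out of the attribute; build it as `' VALUE="' . htmlspecialchars($_SESSION['conference_wizard']['name'], ENT_QUOTES) . '" '`. The same pattern with `$result['name']` appears in the `build_enter_name_step()` hunk further down and needs the same treatment.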

" . i18n("Please select the conference that you wish to copy.") . "

"; - echo "
" . i18n("Conference to Copy:") . ""; + echo '
'; + echo ""; + echo ""; - echo ""; + echo ""; echo "
"; echo ""; - echo "
" . i18n("End this conference after copying it:") . ""; + echo "
"; echo ""; - echo "
" . i18n("End this conference after copying it") . "
" . i18n("Increment dates by a year:") . ""; + echo "
"; echo ""; - echo "
" . i18n("Increment dates by a year") . "
"; + echo '
'; } function handle_select_conference_step(){ @@ -541,8 +557,6 @@ function handle_select_conference_step(){ function build_enter_name_step(){ echo "

" . i18n("Please enter a name for this conference") . "

"; - echo ""; - echo ""; $val = ''; if(array_key_exists('name', $_SESSION['conference_wizard'])){ // get the value previously answered @@ -553,8 +567,7 @@ function build_enter_name_step(){ $result = mysql_fetch_assoc(mysql_query($query)); $val = ' VALUE="' . $result['name'] . '" '; } - echo ""; - echo "
" . i18n("Conference Name") . "
"; + echo "
"; } function handle_enter_name_step(){ @@ -800,10 +813,8 @@ function copy_conference($params){ $errorMessage .= roll($oldConfId, $newConfId, 'award_awards_projectcategories', "award_awards_id='{$r->id}'", array('award_awards_id' => $award_awards_id)); - $errorMessage .= roll($oldConfId, $newConfId, 'award_awards_projectdivisions', "award_awards_id='{$r->id}'", array('award_awards_id' => $award_awards_id)); - echo i18n("  Rolling award prizes")."
"; $errorMessage .= roll($oldConfId, $newConfId, 'award_prizes', "award_awards_id='{$r->id}'", array('award_awards_id' => $award_awards_id)); } @@ -939,7 +950,7 @@ function roll($oldConfId, $newConfId, $table, $where='', $replace=array()){ /* Skip year field */ if($k == 'year') continue; /* Skip conferences_id field */ - if($k == 'year') continue; + if($k == 'conferences_id') continue; $fields[] = $k; } diff --git a/testapi.php b/testapi.php index 0eb83c1..50fa25f 100644 --- a/testapi.php +++ b/testapi.php @@ -119,6 +119,14 @@ Link username to email? User Stuff View the user
+Invite a user:
+
+username:
+password:
+email address:
+role id:
+ +

Event Schedule

Schedule Listing
diff --git a/theme/default/sfiab.css b/theme/default/sfiab.css
index 5537a0c..3f6ab05 100644
--- a/theme/default/sfiab.css
+++ b/theme/default/sfiab.css
@@ -756,56 +756,3 @@ ul.conferencenav li a:hover {
 .scheduleevent_tour {
 background: #CCFFD5;
 }
-/*
-#wizardWrapper{
- display: none;
- position: absolute;
- top: 0;
- left: 0;
- width: 100%;
- height: 100%;
-}
-#wizardBackdrop{
- display: none;
- position: absolute;
- top: 0;
- left: 0;
- width: 100%;
- height: 100%;
- background-color: #383878;
-}
-
-#wizard {
- background-color: #E0E0FF;
- border: 2px solid silver;
- width: 40em;
- margin-left:auto;
- margin-right:auto;
- top: 20%;
-}
-
-#wizard h2{
- background-color: #1B86B7;
- color: #FFF;
- text-align:center;
- padding:0;
- margin:0;
- margin-left:auto;
- margin-right:auto;
- border-bottom: 1px solid silver;
-}
-
-#wizard p{
- margin: 0.5em;
-}
-
-.wizard_content{
- background-color: #E0E0FF;
- margin: 1em;
-}
-
-.wizard_buttons{
- background-color: #1B86B7;
- padding: 0.25em;
-}
-*/
diff --git a/user.inc.php b/user.inc.php
index ced39c3..7dc9600 100644
--- a/user.inc.php
+++ b/user.inc.php
@@ -1113,7 +1113,7 @@ function api_user_auth_required($all_required = array(), $one_required = array()
 if(!isset($_SESSION['roles']) || !isset($_SESSION['accounts_id'])) {
 $ret['status']="error";
- $ret['error']="Not logged in";
+ $returnval="Not logged in";
 return $ret;
 }
@@ -1140,14 +1140,14 @@ function api_user_auth_required($all_required = array(), $one_required = array()
 if(!$ok) {
 $ret['status']="error";
- $ret['error']="You do not have permission to access that information";
+ $returnval="You do not have permission to access that information";
 return $ret;
 }
 /* Forward to password expired, remember the target URI */
 if($_SESSION['password_expired'] == true) {
 $ret['status']="error";
- $ret['error']="Your password has expired";
+ $returnval="Your password has expired";
 return $ret;
 }
 $ret['status']="ok";
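Review bot: The changed lines in `api_user_auth_required()` now store the failure message in `$returnval`, but every visible exit still does `return $ret;`, so the "Not logged in" path here and the permission-denied and expired-password paths in the `@@ -1140` hunk return `status` = `error` with no `error` key. API callers that read `$ret['error']` get an undefined index and clients lose the reason for the denial. This looks like a rename intended for `user_invite()` that spilled into this function; the lines should stay as `$ret['error']="Not logged in";` and likewise for the other two messages. The function body starts and ends outside these hunks.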
@@ -1445,5 +1445,88 @@ function user_conference_load($accounts_id,$conferences_id) {
 //exit;
 }
+// sends an invitation from the user currently logged in, to the new user info passed in the parameters
+// returns the created user object on success, error message otherwise
+function user_invite($username, $password, $email, $roles_id){
+ global $roles, $conference;
+ $u = user_load($_SESSION['users_id']);
+ $ok = false;
+ $returnval = null;
+ $schoolId = null;
+
+ $roletype = null;
+ foreach($roles as $t => $r){
+ if($r['id'] == $roles_id){
+ $roletype = $t;
+ break;
+ }
+ }
+
+ if($roletype === null){
+ $returnval = 'Invalid roles_id parameter';
+ }
+
+ // find out if this user has the necessary permission to invite another one
+ if(!is_array($u['roles'])){
+ $returnval = 'You do not have a valid role for inviting users';
+ }
+
+ if(array_key_exists('admin', $u['roles'])){
+ // This is an administrative user; they can invite people to any role they want.
+ $ok = true;
+ }else if(array_key_exists('teacher', $u['roles'])){
+ // This is a teacher; they can add students.
+
+ // make sure this teacher is tied to a school
+ if(array_key_exists('schools_id', $u) && $u['schools_id'] > 0){
+ if($roletype == 'participant'){
+ $ok = true;
+ $schoolId = $u['schools_id'];
+ }else{
+ $returnval = 'You do not have permission to invite this role';
+ }
+ }else{
+ $returnval = 'You must be associated with a school to add participants';
+ }
+ }else{
+ $returnval = 'You do not have a role with permission to invite users';
+ }
+
+ if($returnval == null){
+ // all fields have been passed in, let's go ahead and create the account/user/role
+ $newAccount = account_create($username, $password);
+ if(!is_array($newAccount)){
+ switch($newAccount){
+ case -1: $returnval = "Invalid username"; break;
+ case -2: $returnval = "Username already in use"; break;
+ case -3: $returnval = "Invalid password"; break;
+ }
+ }
+ }
+
+ if($returnval == null){
+ $newUser = user_create($newAccount['id'], $conference['id']);
+ if(!is_array($newUser)){
+ $returnval = 'Error creating user';
+ }else if($schoolId !== null){
+ // schoolId is only defined if this is a teacher inviting a student
+ $newUser['schools_id'] = $schoolId;
+ user_save($newUser);
+ }
+ }
+
+ if($returnval == null){
+ $result = user_add_role($newUser, $roletype);
+ if($result == 'ok'){
+ // if we made it here, then it all worked nicely
+ $returnval = user_load($newUser['id']);
+ }else{
+ $returnval = "Error adding '$roletype' role: $result";
+ }
+ }
+
+ return $returnval;
+
+}
 ?>
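Review bot: The `switch($newAccount)` in `user_invite()` has no `default`, so any non-array result from `account_create()` other than -1, -2 or -3 leaves `$returnval` null and the next block calls `user_create($newAccount['id'], ...)` on a value that is not an account; add `default: $returnval = "Error creating account"; break;`. The permission section also keeps running after `!is_array($u['roles'])` sets its message and then passes `$u['roles']` to `array_key_exists()`, so that check should return early rather than fall through. `$email` and `$ok` are never read in the function, and the new account's password is chosen by the inviter, so no invitation is actually sent and the inviting teacher or admin knows the invitee's credential. If a later step fails after `account_create()` succeeds, the account is left behind with no user or role attached, which is worth a cleanup path or at least a comment.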