Add account/view api

2010-10-01 21:04:05 +00:00 · 2010-10-01 21:04:05 +00:00 · f0b362eff7
commit f0b362eff7
parent a92544bbea
2 changed files with 59 additions and 39 deletions
--- a/account.inc.php
+++ b/account.inc.php
@ -91,7 +91,18 @@ function account_set_password($accounts_id, $password = NULL)
 function account_load($id)
 {
 	$id = intval($id);
-	$q = mysql_query("SELECT * FROM accounts WHERE id='$id'");
+	//we dont want password or the pending email code in here 
+	$q = mysql_query("SELECT id,
+	username,
+	link_username_to_email,
+	passwordset,
+	email,
+	pendingemail,
+	superuser,
+	deleted,
+	deleted_datetime,
+	created
+	 FROM accounts WHERE id='$id'");
 	if(mysql_num_rows($q) == 0) {
 		return false;
 	}
--- a/api.php
+++ b/api.php
@ -209,41 +209,58 @@ switch($request[0]) {
 	break;

 	case "account":
-		/*	APIDOC: account/create
-			description(creates an account)
-			post(username varchar(64), password varchar(64), email varchar(64) optional)
-			return(account array)
-		*/
-		if($request[1]=="create") {
-			$user = trim($_POST['username']);
-			$pass = trim($_POST['password']);
-			$email = trim($_POST['email']);
-			if($user && $pass) {
-				$a=account_create($user,$pass);
-				if(is_array($a)) {
-					if($email)
-						account_set_email($a['id'],$email);
-					$account=account_load($a['id']);
-					$ret['status']="ok";
-					$ret['account']=$account;
+		switch($request[1]) {
+			/*	APIDOC: account/create
+				description(creates an account)
+				post(username varchar(64), password varchar(64), email varchar(64) optional)
+				return(account array)
+			*/
+			case 'create':
+				$user = trim($_POST['username']);
+				$pass = trim($_POST['password']);
+				$email = trim($_POST['email']);
+				if($user && $pass) {
+					$a=account_create($user,$pass);
+					if(is_array($a)) {
+						if($email)
+							account_set_email($a['id'],$email);
+						$account=account_load($a['id']);
+						$ret['status']="ok";
+						$ret['account']=$account;
+					}
+					else {
+						$ret['status']="error";
+						switch($a) {
+							case -1: $ret['error']="invalid username"; break;
+							case -2: $ret['error']="username already exists"; break;
+							case -3: $ret['error']="invalid password"; break;
+							default: $ret['error']="unknown account creation error"; break;
+						}
+					}
+				} else {
+					$ret['status']="error";
+					$ret['error']="username (varchar 64) and password (varchar 64) are required ";
+				}
+			break;
+
+			/*	APIDOC: account/view
+				description(view account information for currently logged in account)
+				return(account array)
+			*/
+			case 'view':
+				if(isset($_SESSION['accounts_id'])) {
+					$a = account_load($_SESSION['accounts_id']);
+					$ret['status']='ok';
+					$ret['account']=$a;
 				}
 				else {
 					$ret['status']="error";
-					switch($a) {
-						case -1: $ret['error']="invalid username"; break;
-						case -2: $ret['error']="username already exists"; break;
-						case -3: $ret['error']="invalid password"; break;
-						default: $ret['error']="unknown account creation error"; break;
-					}
+					$ret['error']="You are not logged in";
 				}
-			} else {
+			break;
+			default:
 				$ret['status']="error";
-				$ret['error']="username (varchar 64) and password (varchar 64) are required ";
-			}
-		}
-		else {
-			$ret['status']="error";
-			$ret['error']="invalid account command";
+				$ret['error']="invalid account command";
 		}
 	break;

@ -429,7 +446,6 @@ switch($request[0]) {
 			break;
 		}

-		require_once("so_teams.inc.php");
 		switch($request[1]) {
 			/*	APIDOC: user/view
 				description(view user information for current conference)
@ -499,13 +515,6 @@ echo json_encode($ret);
 			return(schools array)
 		*/

-		/*	APIDOC: account/edit
-			notimplemented
-			description(edit account information)
-			post(account array)
-			return(account array)
-		*/
-


 		/*	APIDOC: user/connect_teacher_to_school