forked from science-ation/science-ation
Properly update the session roles from the API side
Allow (u) to be empty if we dont have it, we can get it from the session users_id
This commit is contained in:
parent
241618c74f
commit
f225787e39
11
api.php
11
api.php
@ -584,10 +584,7 @@ switch($request[0]) {
|
|||||||
switch($addstatus) {
|
switch($addstatus) {
|
||||||
case "ok":
|
case "ok":
|
||||||
$ret['status']="ok";
|
$ret['status']="ok";
|
||||||
$roleName = mysql_result(mysql_query("SELECT type FROM roles WHERE id = $role_id"), 0);
|
updateSessionRoles();
|
||||||
if(!in_array($roleName, $_SESSION['roles'])){ // because account_add_role will return "ok" if they already have this role
|
|
||||||
$_SESSION['roles'][] = $roleName;
|
|
||||||
}
|
|
||||||
break;
|
break;
|
||||||
case "invalidrole": $ret['status']="error"; $ret['error']="Invalid role"; break;
|
case "invalidrole": $ret['status']="error"; $ret['error']="Invalid role"; break;
|
||||||
case "invalidaccount": $ret['status']="error"; $ret['error']="Invalid account"; break;
|
case "invalidaccount": $ret['status']="error"; $ret['error']="Invalid account"; break;
|
||||||
@ -616,11 +613,7 @@ switch($request[0]) {
|
|||||||
switch($removestatus) {
|
switch($removestatus) {
|
||||||
case "ok":
|
case "ok":
|
||||||
$ret['status']="ok";
|
$ret['status']="ok";
|
||||||
$roleName = mysql_result(mysql_query("SELECT type FROM roles WHERE id = $role_id"), 0);
|
updateSessionRoles();
|
||||||
$key = array_search($roleName, $_SESSION['roles']);
|
|
||||||
if($key !== false){
|
|
||||||
unset($_SESSION['roles'][$key]);
|
|
||||||
}
|
|
||||||
break;
|
break;
|
||||||
case "invalidrole": $ret['status']="error"; $ret['error']="Invalid role"; break;
|
case "invalidrole": $ret['status']="error"; $ret['error']="Invalid role"; break;
|
||||||
case "invalidaccount": $ret['status']="error"; $ret['error']="Invalid account"; break;
|
case "invalidaccount": $ret['status']="error"; $ret['error']="Invalid account"; break;
|
||||||
|
@ -906,7 +906,10 @@ function try_login($user, $pass)
|
|||||||
/* Login successful */
|
/* Login successful */
|
||||||
return $r['id'];
|
return $r['id'];
|
||||||
}
|
}
|
||||||
function updateSessionRoles($u) {
|
function updateSessionRoles($u=null) {
|
||||||
|
if(!$u)
|
||||||
|
$u=users_load($_SESSION['user_id']);
|
||||||
|
|
||||||
$_SESSION['roles']=array();
|
$_SESSION['roles']=array();
|
||||||
foreach($u['roles'] AS $r=>$rd) {
|
foreach($u['roles'] AS $r=>$rd) {
|
||||||
if($rd['active']=="yes")
|
if($rd['active']=="yes")
|
||||||
|
Loading…
Reference in New Issue
Block a user