From fe4c9517b7aa08c147bfe949862aa13b2f64537c Mon Sep 17 00:00:00 2001
From: patrick <patrick@algolibre.io>
Date: Wed, 5 Mar 2025 14:10:25 +0000
Subject: [PATCH] Provide passwords for new speciality accounts in email

---
 user.inc.php | 136 +++++++++++++++++++++++++++++++++++----------------
 user_new.php |   2 +-
 2 files changed, 96 insertions(+), 42 deletions(-)

diff --git a/user.inc.php b/user.inc.php
index 1e8555f2..0f319bb0 100644
--- a/user.inc.php
+++ b/user.inc.php
@@ -24,9 +24,10 @@
  */
 ?>
 <?
-require_once ('helper.inc.php');
+require_once('helper.inc.php');
 
-$user_what = array('student' => 'Participant',
+$user_what = array(
+	'student' => 'Participant',
 	'judge' => 'Judge',
 	'committee' => 'Committee Member',
 	'volunteer' => 'Volunteer',
@@ -36,7 +37,8 @@ $user_what = array('student' => 'Participant',
 	'teacher' => 'Teacher',
 	'parent' => 'Parent',
 	'alumni' => 'Alumni',
-	'mentor' => 'Mentor');
+	'mentor' => 'Mentor'
+);
 $user_types = array_keys($user_what);
 
 function user_valid_type($type)
@@ -103,8 +105,12 @@ function user_load_judge(&$u)
 	//	$u['highest_psd'] = $u['highest_psd'];
 
 	/* Sanity check the arrays, make sure they are arrays */
-	$should_be_arrays = array('cat_prefs', 'div_prefs',
-		'divsub_prefs', 'languages');
+	$should_be_arrays = array(
+		'cat_prefs',
+		'div_prefs',
+		'divsub_prefs',
+		'languages'
+	);
 	foreach ($should_be_arrays as $k) {
 		if (!is_array($u[$k]))
 			$u[$k] = array();
@@ -202,6 +208,7 @@ function user_load($user, $uid = false)
 			LEFT JOIN `users_mentor` ON `users_mentor`.`users_id`=`users`.`id` 
 			LEFT JOIN `users_alumni` ON `users_alumni`.`users_id`=`users`.`id` 
 			WHERE ';
+
 	if ($uid != false) {
 		$uid = intval($uid);
 		$query .= "`users`.`uid`='$uid' ORDER BY `users`.`year` DESC LIMIT 1";
@@ -209,6 +216,8 @@ function user_load($user, $uid = false)
 		$id = intval($user);
 		$query .= "	`users`.`id`='$id'";
 	}
+
+
 	$q = $pdo->prepare($query);
 	$q->execute();
 
@@ -221,6 +230,7 @@ function user_load($user, $uid = false)
 
 	$ret = $q->fetch(PDO::FETCH_ASSOC);
 
+
 	/*
 	 * echo "ret looks like: ";
 	 * echo "<pre>";
@@ -342,7 +352,7 @@ function user_set_password($id, $password = NULL)
 	global $pdo;
 	/* pass $u by reference so we can update it */
 	$save_old = false;
-	if ($password == NULL) {
+	if ($password == NULL || $passwrd = "") {
 		$q = $pdo->prepare('SELECT passwordset FROM users WHERE id=?');
 		$q->execute([$id]);
 		$u = $q->fetch(PDO::FETCH_ASSOC);
@@ -417,8 +427,16 @@ function user_save_volunteer($u)
 
 function user_save_committee($u)
 {
-	$fields = array('committee_complete', 'committee_active', 'emailprivate', 'ord', 'displayemail', 'access_admin',
-		'access_config', 'access_super');
+	$fields = array(
+		'committee_complete',
+		'committee_active',
+		'emailprivate',
+		'ord',
+		'displayemail',
+		'access_admin',
+		'access_config',
+		'access_super'
+	);
 	user_save_type_list($u, 'users_committee', $fields);
 	committee_status_update($u);
 }
@@ -426,10 +444,23 @@ function user_save_committee($u)
 // two new fields added: private_info and flagged_judge
 function user_save_judge($u)
 {
-	$fields = array('judge_active', 'judge_complete', 'years_school', 'years_regional', 'years_national',
-		'willing_chair', 'special_award_only',
-		'cat_prefs', 'div_prefs', 'divsub_prefs',
-		'expertise_other', 'languages', 'highest_psd', 'private_info', 'flagged_judge');
+	$fields = array(
+		'judge_active',
+		'judge_complete',
+		'years_school',
+		'years_regional',
+		'years_national',
+		'willing_chair',
+		'special_award_only',
+		'cat_prefs',
+		'div_prefs',
+		'divsub_prefs',
+		'expertise_other',
+		'languages',
+		'highest_psd',
+		'private_info',
+		'flagged_judge'
+	);
 	user_save_type_list($u, 'users_judge', $fields);
 }
 
@@ -465,7 +496,9 @@ function user_save(&$u)
 {
 	global $pdo;
 	/* Add any new types */
+
 	$added = array_diff($u['types'], $u['orig']['types']);
+
 	foreach ($added as $t) {
 		if (!user_add_role_allowed($t, $u)) {
 			echo "HALT: user can't add this type";
@@ -476,11 +509,27 @@ function user_save(&$u)
 		$q->execute([$u['id']]);
 	}
 
-	$fields = array('salutation', 'firstname', 'lastname', 'username',
+	$fields = array(
+		'salutation',
+		'firstname',
+		'lastname',
+		'username',
 		'email',
-		'phonehome', 'phonework', 'phonecell', 'fax', 'organization',
-		'address', 'address2', 'city', 'province', 'postalcode', 
-		'firstaid', 'cpr', 'types', 'lang');
+		'phonehome',
+		'phonework',
+		'phonecell',
+		'fax',
+		'organization',
+		'address',
+		'address2',
+		'city',
+		'province',
+		'postalcode',
+		'firstaid',
+		'cpr',
+		'types',
+		'lang'
+	);
 
 	$set = '';
 	foreach ($fields as $f) {
@@ -508,9 +557,11 @@ function user_save(&$u)
 		show_pdo_errors_if_any($pdo);
 	}
 
+	echo '<pre>'; var_dump($u['password']); var_dump($u['orig']['password']); echo '</pre>';
+
 	/* Save the password if it changed */
-	if ($u['password'] != $u['orig']['password'])
-		user_set_password($u['id'], $u['password']);
+	if (($u['password'] == "") || ($u['password'] != $u['orig']['password']))
+		$u['password'] = user_set_password($u['id'], $u['password']);
 
 	if (count($u['types'])) {
 		/* Save types */
@@ -804,33 +855,34 @@ function user_create($type, $username, $u = NULL)
 	global $config;
 	global $pdo;
 	if (!is_array($u)) {
-		$stmt = $pdo->prepare("INSERT INTO users (`types`,`username`,`passwordset`,`created`,`year`,`deleted`) 
-			VALUES (?,?,'0000-00-00', NOW(),?,'no')");
-		$stmt->execute([$type, $username, $config['FAIRYEAR']]);
-		show_pdo_errors_if_any($pdo);
-		$uid = $pdo->lastInsertId();
+		try {
+			$stmt = $pdo->prepare("INSERT INTO users (`types`,`username`,`passwordset`,`created`,`year`,`deleted`) VALUES (?,?,'0000-00-00', NOW(),?,'no')");
+			$stmt->execute([$type, $username, $config['FAIRYEAR']]);
+			$uid = $pdo->lastInsertId();
 
-		if (user_valid_email($username)) {
-			$stmt = $pdo->prepare('UPDATE users SET email=? WHERE id=?');
-			$stmt->execute([$username, $uid]);
-		}
+			if (user_valid_email($username)) {
+				$stmt = $pdo->prepare('UPDATE users SET email=? WHERE id=?');
+				$stmt->execute([$username, $uid]);
+			}
 
-		$stmt = $pdo->prepare('UPDATE users SET uid=? WHERE id=?');
-		$stmt->execute([$uid, $uid]);
-		show_pdo_errors_if_any($pdo);
+			$stmt = $pdo->prepare('UPDATE users SET uid=? WHERE id=?');
+			$stmt->execute([$uid, $uid]);
 
-		/*
+			/*
 		 * Since the user already has a type, user_save won't create this
 		 * entry for us, so do it here
 		 */
-		$stmt = $pdo->prepare("INSERT INTO users_$type (users_id) VALUES(?)");
-		$stmt->execute([$uid]);
-		show_pdo_errors_if_any($pdo);
-		/* Load the complete user */
-		$u = user_load($uid);
-		//	echo "user_create / user_load($uid) returned <pre>";
-		//	print_r($u);
-		//	echo "</pre>";
+			$stmt = $pdo->prepare("INSERT INTO users_$type (users_id) VALUES(?)");
+			$stmt->execute([$uid]);
+
+			/* Load the complete user */
+			$u = user_load($uid);
+			//	echo "user_create / user_load($uid) returned <pre>";
+			//	print_r($u);
+			//	echo "</pre>";
+		} catch (PDOException $exception) {
+			error_log($exception);
+		}
 	} else {
 		/*
 		 * The user has been specified and already exists,
@@ -1016,8 +1068,10 @@ function user_personal_info_status(&$u)
 {
 	$required = array();
 	foreach ($u['types'] as $t) {
-		$required = array_merge($required,
-			user_personal_required_fields($t));
+		$required = array_merge(
+			$required,
+			user_personal_required_fields($t)
+		);
 	}
 	foreach ($required as $r) {
 		$val = trim($u[$r]);
diff --git a/user_new.php b/user_new.php
index 2b51cbf8..e9bf757e 100644
--- a/user_new.php
+++ b/user_new.php
@@ -200,7 +200,7 @@ switch ($action) {
 		}
 
 		/*
-		 * If we havne't encountered a break; or an exit; yet, then go ahead
+		 * If we haven't encountered a break; or an exit; yet, then go ahead
 		 * and create the account
 		 */