arman/science-ation
1
1
Fork 0
forked from science-ation/science-ation
Code Pull Requests Activity
de52f85ec3
science-ation/user_roles.php
dave de52f85ec3 Use a second list for "other things to do". Things like the account 
info and role info don't need to be complete/incomplete
2010-08-08 17:15:17 +00:00

183 lines
6.7 KiB
PHP
Raw Blame History

<?
/*
This file is part of the 'Science Fair In A Box' project
SFIAB Website: http://www.sfiab.ca
Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
Copyright (C) 2005 James Grant <james@lightbox.org>
Copyright (C) 2007 David Grant <dave@lightbox.org>
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public
License as published by the Free Software Foundation, version 2.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; see the file COPYING. If not, write to
the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA.
*/
?>
<?
require_once('common.inc.php');
require_once('user.inc.php');
require_once('user_edit.inc.php');
/* Ensure they're logged in as something, anything */
user_auth_required();
$edit_id = isset($_GET['users_id']) ? intval($_GET['users_id']) : $_SESSION['users_id'];
if($edit_id != $_SESSION['users_id'])
user_auth_required('admin');
else
user_auth_required();
$u = user_load($edit_id);
/* Validate the incoming role, make sure it is actually a role */
$role = '';
if($_GET['action'] != '') {
$role = $_GET['role'];
if(!array_key_exists($role, $roles)) {
echo "ERROR: not an allowed role.";
exit;
}
/* We're not adding a role, but this checks to see if
* the user is allowed to be associated with this role, we don't
* want a student to deactivate a committee role, which would
* set the 'active' to 'no', but would create the 'committee' entry
* in the roles array, making them part of that role suddenly. We
* also check for this case below to prevent it */
if(!user_add_role_allowed($u, $role)) {
/* If we get in here, someone is hand crafting URLs */
echo "HALT: invalid role to manipulate for this user.";
exit;
}
}
switch($_GET['action']) {
case 'delete':
//okay here we go, lets get rid of them completely, since this is what theyve asked for
message_push(happy(i18n("Account successfully deleted. Goodbye")));
user_delete($u);
header('location: user_login.php?action=logout');
exit;
case 'remove':
/* Like delete, only we're only deleting a role, not the whole account */
happy_("{$roles[$role]['name']} role successfully removed.");
echo error(i18n("Permanently Removed"));
user_delete($u, $role);
exit;
case 'activate':
if(!array_key_exists($role, $u['roles'])) {
/* Hand crafting URLs? */
echo "HALT: can't activate a role the user doesn't have";
exit;
}
$u['roles'][$role]['active'] = 'yes';
user_save($u);
happy_("{$roles[$role]['name']} role for %1 successfully activated",array($config['FAIRYEAR']));
echo happy(i18n("Active"));
exit;
case 'deactivate':
if(!array_key_exists($role, $u['roles'])) {
/* Hand crafting URLs? */
echo "HALT: can't deactivate a role the user doesn't have";
exit;
}
$u['roles'][$role]['active'] = 'no';
user_save($u);
happy_("{$roles[$role]['name']} role for %1 successfully deactivated",array($config['FAIRYEAR']));
echo error(i18n("Deactivated"));
exit;
}
?>
<h4><?=i18n("Roles")?></h4>
<?
echo '<ul>';
echo '<li>'.i18n("An <b>Active Role</b> indicates you would like to participate in the %1 %2 as that role (Judge, Volunteer, etc.)",array($config['FAIRYEAR'],$config['fairname']));
echo '</li><li>'.i18n("A <b>Deactivated Role</b> indicates you cannot participate in the deactivated roles this year, but would like remain on the mailing lists for future years. You can activate your deactivated role at any time.");
echo '</li><li>'.i18n("The <b>Remove Role</b> button completely deletes the role from your account. You will not receive future emails for the removed role. This action cannot be undone.");
echo '</li><li>'.i18n("The <b>Delete Entire Account</b> button at the bottom of the page completely deletes your entire account. You will not receive any future email for any roles. It completely removes you from the system. This action cannot be undone.");
echo '</ul>';
?>
<script type="text/javascript">
function activate(role)
{
$("#status_"+role).load("<?=$config['SFIABDIRECTORY']?>/user_roles.php?action=activate&users_id=<?=$u['id']?>&role="+role,$('#rolesform').serializeArray());
$("#activate_"+role).attr('disabled', 'disabled');
$("#deactivate_"+role).removeAttr('disabled');
$("#remove_"+role).removeAttr('disabled');
}
function deactivate(role)
{
$("#status_"+role).load("<?=$config['SFIABDIRECTORY']?>/user_roles.php?action=deactivate&users_id=<?=$u['id']?>&role="+role,$('#rolesform').serializeArray());
$("#activate_"+role).removeAttr('disabled');
$("#deactivate_"+role).attr('disabled', 'disabled');
$("#remove_"+role).attr('disabled', 'disabled');
}
function remove(role)
{
var con = confirmClick("<?=i18n("Are you sure you want to remove this role from your account?\\nThis action cannot be undone.")?>");
if(con == true) {
$("#status_"+role).load("<?=$config['SFIABDIRECTORY']?>/user_roles.php?action=remove&users_id=<?=$u['id']?>&role="+role,$('#rolesform').serializeArray());
$("#activate_"+role).attr('disabled', 'disabled');
$("#deactivate_"+role).attr('disabled', 'disabled');
$("#remove_"+role).attr('disabled', 'disabled');
}
}
</script>
<form id="rolesform">
<?
foreach(array_keys($u['roles']) as $r) {
echo '<h3>'.i18n("Role: {$roles[$r]['name']}").'</h3>';
echo "<div id=\"status_$r\">";
if($u['roles'][$r]['active'] == 'yes') {
echo happy(i18n('Active'));
$a = 'disabled="disabled"';
$d = '';
} else {
echo notice(i18n('Deactivated'));
$a = '';
$d = 'disabled="disabled"';
}
?>
</div>
<table><tr><td>
<input style="width: 200px;" id="activate_<?=$r?>" <?=$a?> onclick="activate('<?=$r?>');return false;" type="submit" value="<?=i18n("Activate Role")?>">
</td><td>
<input style="width: 200px;" id="deactivate_<?=$r?>"<?=$d?> onclick="deactivate('<?=$r?>');return false;" type="submit" value="<?=i18n("Deactivate Role")?>">
</td><td>
<input style="width: 200px;" id="remove_<?=$r?>"<?=$d?> onclick="remove('<?=$r?>');return false;" type="submit" value="<?=i18n("Remove Role")?>">
</td></tr></table>
<br />
<hr />
<?
}
?>
</form>
<form method="post" action="<?=$config['SFIABDIRECTORY']?>/user_roles.php?action=delete&users_id=<?=$u['id']?>" >
<input style="width: 300px;" onclick="return confirmClick('<?=i18n("Are you sure you want to completely delete your account?\\nDoing so will remove you from our mailing list for future years and you will never hear from us again.\\nThis action cannot be undone.")?>');"
type="submit" value="<?=i18n("Delete Entire Account")?>">
</form>
View Git Blame Copy Permalink