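/**
 * Update a group's name, description and project type, then add the user to it.
 *
 * Echoes a meta-refresh redirect to /?page=group when both the UPDATE and the
 * addToGroup() call succeed, and a short message otherwise. Returns nothing.
 *
 * @param mixed  $groupId     Value bound to `id` in the UPDATE's WHERE clause.
 * @param string $groupName   New name; HTML tags are stripped before it is stored.
 * @param string $description New description; HTML tags are stripped before it is stored.
 * @param string $type        New project type; HTML tags are stripped before it is stored.
 * @param mixed  $db          Connection object exposing prepare() (used like a PDO handle).
 */
function updateGroup($groupId, $groupName, $description, $type, $db)
{
    // strip_tags() returns the cleaned string and leaves its argument untouched,
    // so the result must be assigned for the stripping to have any effect.
    // Stripping tags is not output encoding: these values still need
    // htmlspecialchars() wherever they are rendered into HTML.
    $groupName = strip_tags((string) $groupName);
    $description = strip_tags((string) $description);
    $type = strip_tags((string) $type);

    // NOTE(review): nothing in this function checks that the caller is allowed
    // to edit $groupId; that has to be enforced before it is called.
    $stm = $db->prepare(
        'UPDATE groups SET name = :name, description = :description, projectType = :type WHERE id = :groupId'
    );
    $params = array(
        ':name' => $groupName,
        ':description' => $description,
        ':type' => $type,
        ':groupId' => $groupId,
    );

    if (!$stm->execute($params)) {
        // Driver error details go to the server log only; printing errorInfo()
        // into the page would disclose schema and driver details to the client.
        error_log('updateGroup failed: ' . print_r($stm->errorInfo(), true));
        echo 'couldnt update group!';
        return;
    }

    // NOTE(review): $userId is never defined in this function's scope, so null
    // is passed here and PHP raises an undefined-variable warning. Confirm where
    // the current user's id should come from (and whether an update should
    // touch membership at all).
    // The group id is looked up by the name that was just stored, not taken from $groupId.
    if (addToGroup($userId, $db, getGroupId($groupName, $db), true)) {
        echo "<meta http-equiv='REFRESH' content='0;url=/?page=group'>";
    } else {
        echo 'couldnt add to group!';
    }
}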
// Request handler: reads the POST fields, validates the caller, then dispatches
// on the requested action.
//
// NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. It is used here
// for values that are only compared or decoded, so a plain read plus an
// allow-list comparison would express the intent more directly.
$requestType = filter_input(INPUT_POST, 'type', FILTER_SANITIZE_STRING);
// FILTER_SANITIZE_NUMBER_INT only removes characters other than digits, '+' and '-';
// it does not guarantee a valid integer, and filter_input() yields null when the
// field is absent. FILTER_VALIDATE_INT would reject malformed ids instead.
$studentid = filter_input(INPUT_POST, 'studentid', FILTER_SANITIZE_NUMBER_INT);
$groupid = filter_input(INPUT_POST, 'groupid', FILTER_SANITIZE_NUMBER_INT);
$userid = filter_input(INPUT_POST, 'userid', FILTER_SANITIZE_NUMBER_INT);
// base64_decode() is called without its strict flag, so characters outside the
// base64 alphabet are silently dropped rather than rejected.
$userval = base64_decode(filter_input(INPUT_POST, 'userval', FILTER_SANITIZE_STRING));
$external = filter_input(INPUT_POST, 'external', FILTER_SANITIZE_STRING);

// validateRequest() is defined outside this excerpt; its result is treated as the
// caller's role, and any falsy value as a failed validation.
$role = validateRequest($userid, $userval, $external);
// NOTE(review): this check and the role checks below only protect the actions if
// failRequest() ends the request (exit or throw); if it returns, execution
// continues into addToGroup()/removeFromGroup(). Confirm against its definition.
if (!$role) {
    failRequest("There was a problem validating your request");
}

switch ($requestType) {
    case "ADDTOGROUP":
        // Only SUPER_USER and STAFF roles may change membership.
        if (!authoriseUserRoles($role, ["SUPER_USER", "STAFF"])) {
            failRequest("You are not authorised to complete that request");
        }
        addToGroup($studentid, $groupid);
        break;
    case "REMOVEFROMGROUP":
        if (!authoriseUserRoles($role, ["SUPER_USER", "STAFF"])) {
            failRequest("You are not authorised to complete that request");
        }
        removeFromGroup($studentid, $groupid);
        break;
    default:
        failRequest("There was a problem with your request, please try again.");
        break;
}

// The body of addToGroup() continues past the end of this excerpt.
function addToGroup($studentid, $groupid) {
    // NOTE(review): the ids are interpolated into the SQL text. The sanitising above
    // limits them to digits and signs, but an empty or sign-only value still yields
    // malformed SQL, and any other caller of this function gets no protection at
    // all; a prepared statement with bound parameters removes the dependency.
    $query1 = "SELECT `Link ID` FROM TUSERGROUPS WHERE `User ID` = {$studentid} AND `Group ID` = {$groupid};";
    try {
// Tail of a construct that opens before this excerpt: make sure a session is
// active, then drop the stored id from it.
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}
unset($_SESSION['id']);
break;
}
}

// Dispatch on the `action` query parameter.
// NOTE(review): every branch below changes group state, yet the action and its
// targets come from the query string. State changes reachable by GET can be
// triggered by following a link or loading an embedded resource, and no
// anti-CSRF token check is visible in this excerpt; moving these to POST with
// a per-session token would close that.
// NOTE(review): no permission check is visible before these branches here; confirm
// that the helpers (or code earlier in the file) verify that the current user
// may act on $group and on the user named in the request.
// The comparisons use loose `==`; `===` would avoid type juggling on the action name.
if (isset($_GET['action']) && $_GET['action'] == 'remove') {
    // $_GET['user'] is passed through unvalidated; removeFromGroup() must bind it as a parameter.
    removeFromGroup($_GET['user'], $db, $group);
    echo "<meta http-equiv='REFRESH' content='0;url=/?page=group'>";
} else {
    if (isset($_GET['action']) && $_GET['action'] == 'add') {
        // Unlike the other branches, this one emits no redirect.
        addToGroup($_GET['user'], $db, $group, false);
    } else {
        if (isset($_GET['action']) && $_GET['action'] == 'addMeToExisting') {
            // The target group id comes straight from the query string.
            if (addToGroup($userId, $db, $_GET['group'], false)) {
                echo "<meta http-equiv='REFRESH' content='0;url=/?page=group'>";
            }
        } else {
            if (isset($_GET['action']) && $_GET['action'] == 'editGroup') {
                // The $_POST keys are read without isset(); a request missing any of
                // them raises an undefined-index warning and passes null.
                updateGroup($group, $_POST['name'], $_POST['description'], $_POST['type'], $db);
            } else {
                if (isset($_GET['action']) && $_GET['action'] == 'setLeader') {
                    setLeader($group, $_GET['user'], $userId, $db);
                    echo "<meta http-equiv='REFRESH' content='0;url=/?page=group'>";
                }
            }
        }
    }
}
/* login/permissions check
} } } /*if(isset($_POST['setowner'])){ $sql = "UPDATE Groups SET owner='$_POST[newowner]' WHERE group=$_GET[group]'"; mysqli_query($conn, $sql); mysqli_error($conn); }*/ if (isset($_GET['group'])) { $group = $_GET['group']; //If submitted by group owner if ($_SESSION['username'] == getGroupOwner($group)) { //Add a user if (isset($_GET['add'])) { $user_to_add = mysqli_real_escape_string($_GET['add']); addToGroup($group, $user_to_add); } else { if (isset($_GET['remove'])) { $user_to_remove = mysqli_real_escape_string($_GET['remove']); removeFromGroup($group, $user_to_remove); } } //If group is private, add the "add/remove" user dialogue here. if (checkGroupPrivate($group)) { $output .= file_get_contents("templates/add-remove-users.html"); } $output .= "<form name='leave-group' method='post' action=''><label>Set new group admin:</label><input type='text' name='newowner'><input type='submit' value='Leave Group' name='setowner'></form>"; } else { if (getGroupMember($username, $group)) { //Everyone else then sees... $output .= "<form name='leave-group' method='post' action=''><input type='submit' text='Leave Group'></form>";
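<?php
// Ad-hoc manual test page for the group and post handlers.
// NOTE(review): every request to this page runs addToGroup(1, $db, 1, true) below,
// and no login or permission check is visible in this file. Keep it out of any
// web-reachable deployment, or gate it behind an authenticated admin check.
include 'pdo.inc';

/**
 * Print what getGroupId() returns for the literal name 'Group Name'.
 */
function testGetGroupId()
{
    // include_once: this file is also included at file level below, and a second
    // plain include of a file that declares functions is a fatal
    // "cannot redeclare" error.
    include_once 'groupHandler.php';
    // NOTE(review): $db is not defined in this function's scope unless the included
    // file sets it; confirm, or pass the connection in as testNewPost() does.
    echo getGroupId('Group Name', $db);
}

/**
 * Print the result of createNewPost($db, 12, 1, 'Testing').
 *
 * @param mixed $db Database connection handed on to createNewPost().
 */
function testNewPost($db)
{
    // include_once so that a second call does not re-declare the handler's functions.
    include_once 'postHandler.php';
    echo createNewPost($db, 12, 1, 'Testing');
}

include_once 'groupHandler.php';
addToGroup(1, $db, 1, true);
?> <link rel="stylesheet" href="style.css" /> <br> <a class="button" href="/">Home</a>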
if (convert_boolean($project[PA_PROJECT_TABLE_FIELDNAME::EXPIRED])) { // Don't create groups and members for expired projects continue; } // FIXME: If I had attributes, I could skip trying to recreate the group here if it already exists // create group $created = irods_create_group($project_id, $project[PA_PROJECT_TABLE_FIELDNAME::PROJECT_NAME], $user); $group_name = group_name($project[PA_PROJECT_TABLE_FIELDNAME::PROJECT_NAME]); if ($created === 0) { error_log("irods.php created group for already existing project {$group_name} cause of page load by " . $user->prettyName()); } // If the group was created, then this user was added // But if the group already existed and we just created their iRODS account, then we must add them to the group if ($created === 1 and $didCreate) { // add user to group $added = addToGroup($project_id, $group_name, $user->account_id, $user); if ($added === -1) { error_log("FAILed to add {$username} to iRODS group {$group_name}"); } } } } // Now show a page with the result show_header('GENI Portal: Profile'); include "tool-breadcrumbs.php"; include "tool-showmessage.php"; ?> <h1>iRODS Account</h1> <p>iRODS is a server for storing data about your experiments. It is used by the GIMI and GEMINI Instrumentation and Measurement systems.</p> <?php if ($didCreate) {
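/**
 * Mirror a project-membership change into the project's iRODS group.
 *
 * Does nothing when $result reports an error, when there is nobody to add or
 * remove, when $project_id is not a valid UUID, when no slice authority or
 * project name can be resolved, or when the global $disable_irods is set.
 *
 * @param mixed $project_id        Project id; must pass uuid_is_valid() and not be "-1".
 * @param mixed $members_to_add    Dictionary of {member_id => role}; only the keys are used.
 * @param mixed $members_to_remove List of member ids.
 * @param mixed $user              Passed through to lookup_project(), addToGroup() and removeFromGroup().
 * @param mixed $result            Triple returned by the preceding membership call.
 *
 * @return int|null -1 when $disable_irods is set, otherwise null.
 */
function irods_modify_group_members($project_id, $members_to_add, $members_to_remove, $user, $result)
{
    // $result is a triple; when it carries an error code the membership change
    // did not go through, so there is nothing to mirror.
    if (is_array($result)
        and array_key_exists(RESPONSE_ARGUMENT::CODE, $result)
        and $result[RESPONSE_ARGUMENT::CODE] != RESPONSE_ERROR::NONE) {
        error_log("iRODS: Result of modify_membership suggests an error. Nothing to do. Got result: " . print_r($result, true));
        return;
    }

    // Treat anything that is not an array as "no members", so the loops below
    // never receive a scalar (array_keys() on a non-array is a TypeError in PHP 8).
    $to_add = is_array($members_to_add) ? $members_to_add : array();
    $to_remove = is_array($members_to_remove) ? $members_to_remove : array();
    if (count($to_add) == 0 and count($to_remove) == 0) {
        error_log("iRODS: 0 members to add or remove. nothing to do.");
        return;
    }

    if (!isset($project_id) || $project_id == "-1" || !uuid_is_valid($project_id)) {
        error_log("irods_modify_group_members: not a valid project ID. Nothing to do. {$project_id}");
        return;
    }

    global $disable_irods;
    if (isset($disable_irods)) {
        error_log("irodsModifyGroupMembers: disable_irods was set. Doing nothing.");
        return -1;
    }

    // $sa_url is a plain local here, so the slice authority is always looked up.
    $sa_url = get_first_service_of_type(SR_SERVICE_TYPE::SLICE_AUTHORITY);
    if (!isset($sa_url) || $sa_url == '') {
        error_log("iRODS Found no SA in SR!'");
        // Without a slice authority the project lookup below cannot succeed.
        return;
    }

    // The iRODS group name is derived from the project name.
    $project = lookup_project($sa_url, $user, $project_id);
    if (!isset($project[PA_PROJECT_TABLE_FIELDNAME::PROJECT_NAME])) {
        error_log("irods_modify_group_members: no project name found for {$project_id}. Nothing to do.");
        return;
    }
    $group_name = group_name($project[PA_PROJECT_TABLE_FIELDNAME::PROJECT_NAME]);

    // NOTE(review): -1 is assumed to be the failure value of addToGroup() and
    // removeFromGroup(); confirm against their definitions. Failures are logged
    // so that a membership that drifted out of sync is visible afterwards.
    foreach (array_keys($to_add) as $member_id) {
        if (addToGroup($project_id, $group_name, $member_id, $user) === -1) {
            error_log("iRODS: failed to add member {$member_id} to group {$group_name}");
        }
    }

    foreach ($to_remove as $member_id) {
        if (removeFromGroup($project_id, $group_name, $member_id, $user) === -1) {
            error_log("iRODS: failed to remove member {$member_id} from group {$group_name}");
        }
    }
}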