/**
* Takes a system name and checks if it's a class or user. If it's a class,
* makes sure that the local DB is synchronized with the class data,
* otherwise, checks the user db
*/
function synchronizeLocalUserAndClassDB($systemName)
{
global $cfg;
if ($systemName == 'everyone' || $systemName == 'institute') {
return;
}
if (isclass($systemName)) {
// it's a class code
synchronizeClassDBFromCode($systemName);
} else {
// we're going to assume this is a user
// look up their email address & full name
$unames = userlookup($systemName, LDAP_USER, LDAP_EXACT, LDAP_LASTNAME, 0, true);
$info = $unames[$systemName];
$fullname = $info[0];
$email = $info[1];
$type = $info[2];
// we're going to assume the loginMethod is LDAP -- THIS COULD BE A STUPID MOVE! (remember, this is a hack)
synchronizeUserDB($systemName, $email, $fullname, $type, $cfg["network"] == "kenyon" ? "pam" : "ldap");
// done and done.
}
// that should do it...
}
}
}
/******************************************************************************
* Delete student from a class site
******************************************************************************/
if ($_REQUEST['action'] == "delete" && $_REQUEST['delstudent']) {
$query = "\n\t\tDELETE\n\t\tFROM\n\t\t\tugroup_user\n\t\tWHERE\n\t\t\tFK_ugroup = '" . addslashes($_REQUEST['ugroup_id']) . "'\n\t\t\t\tAND\n\t\t\tFK_user = '******'delstudent']) . "'\t\n\t";
db_query($query);
}
/******************************************************************************
* Lookup a student in userlookup
******************************************************************************/
if ($_REQUEST[n]) {
//include("config.inc.php");
//include("functions.inc.php");
$usernames = userlookup($_REQUEST[n], LDAP_BOTH, LDAP_WILD, LDAP_LASTNAME, 0);
}
/******************************************************************************
* Site Owner add student UI: get students in the class
******************************************************************************/
if (isset($_REQUEST[name])) {
//$ugroup_name = $_REQUEST[name];
$ugroup_id = db_get_value("ugroup", "ugroup_id", "ugroup_name = '" . addslashes($_REQUEST[name]) . "'");
// if the slot name has no group id then must be a grouped site
if (!isset($ugroup_id)) {
$classlist = group::getClassesFromName($_REQUEST[name]);
if (is_array($classlist)) {
$list = implode(", ", $classlist);
$ugroup_id = db_get_value("ugroup", "ugroup_id", "ugroup_name = '" . $classlist[0] . "'");
$class_id = $_REQUEST[name];
} else {
$errorPrinter->doError(500, 'Invalid configuration: DATAPORT_SEGUE1_SECRET_KEY is not defined.');
}
if (!defined('DATAPORT_SEGUE1_SECRET_VALUE')) {
$errorPrinter->doError(500, 'Invalid configuration: DATAPORT_SEGUE1_SECRET_VALUE is not defined.');
}
if (!isset($_GET[DATAPORT_SEGUE1_SECRET_KEY])) {
$errorPrinter->doError(403, 'Invalid Key/Password combination.');
}
if ($_GET[DATAPORT_SEGUE1_SECRET_KEY] != DATAPORT_SEGUE1_SECRET_VALUE) {
$errorPrinter->doError(403, 'Invalid Key/Password combination.');
}
if (!isset($_GET['user']) || !strlen($_GET['user'])) {
$errorPrinter->doError(400, 'No user specified.');
}
// Validate the username
$usernames = @userlookup($_REQUEST['user'], LDAP_BOTH, LDAP_WILD, LDAP_LASTNAME, 0);
if (!is_array($usernames)) {
$errorPrinter->doError(400, "Invalid user, '" . $_GET['user'] . "'.");
}
$nameGood = false;
foreach ($usernames as $uname => $fname) {
if ($_GET['user'] === $uname && strlen($fname)) {
$nameGood = true;
break;
}
}
if (!$nameGood) {
$errorPrinter->doError(400, "Invalid user, '" . $_GET['user'] . "'. Did you mean one of the following? <div style='margin-left: 20px;'>" . implode(" <br/>", array_keys($usernames)) . "</div>");
}
// Start the output
header('Content-Type: text/xml');
function ldapfname($uname)
{
$uname = strtolower($uname);
if (isgroup($uname)) {
return "Students in group";
}
if (isclass($uname)) {
return "Students in class";
}
if ($fname = db_get_value("user", "user_fname", "user_uname='" . addslashes($uname) . "'")) {
return $fname;
}
$r = userlookup($uname, LDAP_USER, LDAP_EXACT, LDAP_LASTNAME, 1);
return $r[$uname];
}
