This post won’t be of much use to most of you who read this blog, but just incase anyone who needs this miraculously finds it, I thought I’d write it up.
Update: (Hopefully) fixed a bug where a user would be assigned exec-member status regardless of their actual position. The changes are in the IF(… $_POST['exec/member'] == TRUE) to IF(… == ‘True’).
Anyway, when making the new Warwick Comedy Society website, I wanted to somehow link the permissions on the website with data pulled from the SU website about people’s membership. I found that the SU has an API for this, which is fairly simple. Unfortunately, however, the only example it gave was in ASP, which was completely unsuitable for my purposes, and the rest of the documentation was pretty poor. Likewise, the documentation for WordPress permissions, while fairly thorough, lacked easy to find/follow information about how to programatically change people’s user groups/levels. After a bit of experimentation, I came up with the code you see below.
To see it in action, click here.
Usage:
- You will need to make your WordPress installation process PHP code within pages. To do this, I personally use the Exec-PHP plugin, which is pretty simple, works well and has good control over who can use PHP (it is not advisable to let anyone not explicitly trusted run PHP, it would be pretty easy to destroy a site using it).
- Set up a page on the SU website to allow members to get their API key. This is done by placing “{membershipapi}” on a page using the SU page editor. I would advise using a separate page just for this, and putting an explanation on the page incase people find it by accident.
- Create a new page in WordPress and copy the code below. You need to change the values in the /* SETTINGS */ section to match what you want. I have left some default information to try and help. To read more about WordPress groups and permissions, see here.
Notes:
- You use this code at your own risk and I bear no responsibility for what happens to your website as a result.
- If you use the Role Scoper plugin, there are 3 lines near the end that are commented out that you will want to uncomment. Just delete the // at the beginning of the lines “with mysql_query(…” in to do this.
- The code protects user 1 (the default admin of a WordPress installation) from changing their admin status through using the linker. It is unlikely you will need to change this, though if you do, just change instances of “$current_user->ID != 1″ to whatever you want.
- This linker will not update user statuses unless they themselves press refresh. I may release another page later for admin usage that refreshes all users.
- You are free to modify this code how you please, though I would be grateful if you gave me some recognition for it. I have added an attribution at the end of the code, but you are free to remove it if you wish, though I would rather you didn’t.
Hope this helps people, and if you have any questions, just post a comment here and I’ll try to reply.
/* SETTINGS */
//Society API key – long key found in "membership api" of the warwicksu.com society admin pages
$soc_apikey = ”;
//API address – the location on warwicksu.com where members can find their key
$member_api_url = ‘http://www.warwicksu.com/societies/…’;
//Exec user group – WordPress group for exec members
$exec_group = ‘editor’;
//Member user group – WP group for society members
$member_group = ‘contributor’;
//Base user group – WP group for non members
$base_group = ‘subscriber’;
//User levels – no longer important for base WP, but used in case of old plugins
$exec_level = 7;
$member_level = 1;
$base_level = 0;
/* CODE – Do not change below this line. */
global $current_user;
get_currentuserinfo();
/* See http://codex.wordpress.org/Function_Reference/get_currentuserinfo */
if (” == $current_user->ID)
{
/* No login data found */
?>
You are not logged in, please <a href=’wp-login.php’>login</a> first.<br />
Please note that you need to <a href=’wp-login.php?action=register’>register</a> on this site before logging in.<br />
Your university account will NOT work on this site.<br />
<?php
}
else
{
/* Find which stage of the linker we are up to. */
if($_POST[‘stage’] == ”)
{
$page = 1;
}
else
{
$page = $_POST[‘stage’];
}
switch($page)
{
case 1:
/* Find whether user has already given information. */
$apikey = get_usermeta($current_user->ID, ‘warwick_apikey’);
if($apikey == ”)
{
/* Get api key */
?>
This process will gather information about you from the Union website. To do this we need a personal information key, which can be found <a href=’<?php echo $member_api_url ?>‘>here</a>. You will need to be logged into the Union website.<br />
<form action="membership-linker" method="post">
<input type="hidden" name="stage" value="2" />
Key:<input type="text" name="key" />
<input type="submit" value="Submit" />
</form>
<?php
}
else
{
/* Show info stored about user */
$member = get_usermeta($current_user->ID, ‘warwick_member’);
$exec = get_usermeta($current_user->ID, ‘warwick_exec’);
$fname = get_usermeta($current_user->ID, ‘warwick_fname’);
$lname = get_usermeta($current_user->ID, ‘warwick_lname’);
$uniID = get_usermeta($current_user->ID, ‘warwick_uni_id’);
$email = get_usermeta($current_user->ID, ‘warwick_email’);
echo "We have the following information stored about you:<br />";
echo "Member: $member <br /> Exec: $exec <br /> Name: $fname $lname <br />";
echo "Student ID: $uniID <br /> Email: $email <br /> API key: $apikey <br />";
?>
If you wish to remove this data from our system, press the delete button below.<br />
Please note that this will revert your site access back to basic access.<br />
<form action="membership-linker" method="post">
<input type="hidden" name="stage" value="4" />
<input type="submit" value="Delete information" />
</form>
If you have wish to update your information from the Union website (ie, in case you have bought a membership), press refresh below.<br />
<form action="membership-linker" method="post">
<input type="hidden" name="stage" value="2" />
<input type="hidden" name="key" value="<?php echo "$apikey"; ?>" />
<input type="submit" value="Refresh information" />
</form>
<?php
}
break;
case 2:
/* Take the information from the key and display it for confirmation.
* First take the xml file produced and collect the information. */
$apikey = $_POST[‘key’];
$xml_path = "http://www.warwicksu.com/membershipapi/isMember/$soc_apikey/$apikey/";
$xml_data = simplexml_load_file($xml_path);
$member = $xml_data->isMember;
$exec = $xml_data->isExecMember;
$fname = $xml_data->MemberDetails->FirstName;
$lname =$xml_data->MemberDetails->LastName;
$uniID = $xml_data->MemberDetails->UniqueID;
$email = $xml_data->MemberDetails->EmailAddress;
echo "The following information was gathered:<br />";
echo "Member: $member <br /> Exec: $exec <br /> Name: $fname $lname <br />";
echo "Student ID: $uniID <br /> Email: $email <br /> API key: $apikey <br />";
?>
<br />
If the information above appears to be correct, press confirm below: <br />
<form action="membership-linker" method="post">
<input type="hidden" name="stage" value="3" />
<input type="hidden" name="member" value="<?php echo "$member"; ?>" />
<input type="hidden" name="exec" value="<?php echo "$exec"; ?>" />
<input type="hidden" name="fname" value="<?php echo "$fname"; ?>" />
<input type="hidden" name="lname" value="<?php echo "$lname"; ?>" />
<input type="hidden" name="uniID" value="<?php echo "$uniID"; ?>" />
<input type="hidden" name="email" value="<?php echo "$email"; ?>" />
<input type="hidden" name="key" value="<?php echo "$apikey"; ?>" />
<input type="submit" value="Confirm information" />
</form>
<?php
break;
case 3:
/* Add user’s information to the meta data area of wordpress. */
update_usermeta($current_user->ID, ‘warwick_member’, $_POST[‘member’]);
update_usermeta($current_user->ID, ‘warwick_exec’, $_POST[‘exec’]);
update_usermeta($current_user->ID, ‘warwick_fname’, $_POST[‘fname’]);
update_usermeta($current_user->ID, ‘warwick_lname’, $_POST[‘lname’]);
update_usermeta($current_user->ID, ‘warwick_uni_id’, $_POST[‘uniID’]);
update_usermeta($current_user->ID, ‘warwick_email’, $_POST[‘email’]);
update_usermeta($current_user->ID, ‘warwick_apikey’, $_POST[‘key’]);
/* Set user group to right role. Make sur enot to change user 1. */
if($current_user->ID != 1 && $_POST[‘exec’] == ‘True’)
{
$permissions["$exec_group"] = 1;
update_usermeta($current_user->ID, ‘wp_capabilities’, $permissions);
update_usermeta($current_user->ID, ‘wp_user_level’, $exec_level);
// mysql_query("UPDATE wp_user2role2object_rs SET role_name=$exec_group WHERE user_id=$current_user->ID");
}
elseif($current_user->ID != 1 && $_POST[‘member’] == ‘True’)
{
$permissions["$member_group"] = 1;
update_usermeta($current_user->ID, ‘wp_capabilities’, $permissions);
update_usermeta($current_user->ID, ‘wp_user_level’, $member_level);
// mysql_query("UPDATE wp_user2role2object_rs SET role_name=$member_group WHERE user_id=$current_user->ID");
}
echo "User data successfully updated. <br />";
break;
case 4:
/* Deleting the user’s information. */
delete_usermeta($current_user->ID, ‘warwick_member’);
delete_usermeta($current_user->ID, ‘warwick_exec’);
delete_usermeta($current_user->ID, ‘warwick_fname’);
delete_usermeta($current_user->ID, ‘warwick_lname’);
delete_usermeta($current_user->ID, ‘warwick_uni_id’);
delete_usermeta($current_user->ID, ‘warwick_email’);
delete_usermeta($current_user->ID, ‘warwick_apikey’);
/* Reset the user’s group. */
if($current_user->ID != 1)
{
$permissions["$base_group"] = 1;
update_usermeta($current_user->ID, ‘wp_capabilities’, $permissions);
update_usermeta($current_user->ID, ‘wp_user_level’, $base_level);
// mysql_query("UPDATE wp_user2role2object_rs SET role_name=$base_group WHERE user_id=$current_user->ID");
}
echo "User data successfully removed. <br />";
break;
}
}
echo "<br />Membership linker written by <a href=’http://www.theskillers.co.uk/’>Mark Skilbeck</a>.<br />";
?>
This is my site!