Jump to content

$users->get with specific role ?

Doc

By Doc
in General Support

 Share

Recommended Posts

Doc Sr. Member

Doc

Posted
Posted

Hi,

I've just hit a problem I didn't think of.

I've registered a fake player on my website (still in dev) with the email I've used for the administrator.

So, when I connect, password doesn't match and I can't sign me up.

I'm using : (sum up)  

	$connect_user = $users->get("email=$email");

                if($connect_user && $connect_user->id) {
                    $username = $connect_user->name;
                } else {
                    echo "unknown email";
                }

                // if everything is ok :
                    if ($session->login($username, $password) !== null) {
                        // Go on

It only retrieves the admin (guest, superuser) roles but not the player I'm looking for, who has another kind of role.

Is there a way to add the role filter in the $users->get ?

I've used too : 

$connect_user = $users->find("email=$email");

but it brings back different stuff than $users->get.

Thanks

rick Hero Member

rick

Posted
Posted

Hi Doc,

A slight flaw in the logic. You created a second user with the same email as the administrator, and are basing your user->get 'query' on that email entry. The result of your 'query' is not unique. I would recommend you create unique emails per user to resolve this issue.

Once that is corrected, you can access the user roles of the logged-in user for further processing.

  • Like 1
LostKobrakai Hero Member

LostKobrakai

Posted
Posted

First of all $users->find() is not interchangeable with $users->get() (just like with $pages). The first does return a list of users. While the second one does return the first found result. So $users->find() will find both your users, but returns them in a list. 

To limit your query like you asked to use 

$users->get("email=$email, roles!=superuser")
11 minutes ago, rick said:

A slight flaw in the logic. […] I would recommend you create unique emails per user to resolve this issue.

I wouldn't say so. It's perfectly fine to allow for non-unique emails if one is aware of the consequences.

  • Like 2
Doc Sr. Member

Doc

Posted
  • Author
Posted

Thanks to both of you. The support is awesome here :)

I'll use LostKobrakai's proposal to filter the right user.

I shouldn't have added the same email, but, I like the idea to filter them correctly as they don't have the same privileges.

 

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...