Jump to content

$users->get with specific role ?


Doc
 Share

Recommended Posts

Hi,

I've just hit a problem I didn't think of.

I've registered a fake player on my website (still in dev) with the email I've used for the administrator.

So, when I connect, password doesn't match and I can't sign me up.

I'm using : (sum up) 

	$connect_user = $users->get("email=$email");

                if($connect_user && $connect_user->id) {
                    $username = $connect_user->name;
                } else {
                    echo "unknown email";
                }

                // if everything is ok :
                    if ($session->login($username, $password) !== null) {
                        // Go on

It only retrieves the admin (guest, superuser) roles but not the player I'm looking for, who has another kind of role.

Is there a way to add the role filter in the $users->get ?

I've used too :

$connect_user = $users->find("email=$email");

but it brings back different stuff than $users->get.

Thanks

Link to comment
Share on other sites

Hi Doc,

A slight flaw in the logic. You created a second user with the same email as the administrator, and are basing your user->get 'query' on that email entry. The result of your 'query' is not unique. I would recommend you create unique emails per user to resolve this issue.

Once that is corrected, you can access the user roles of the logged-in user for further processing.

  • Like 1
Link to comment
Share on other sites

First of all $users->find() is not interchangeable with $users->get() (just like with $pages). The first does return a list of users. While the second one does return the first found result. So $users->find() will find both your users, but returns them in a list. 

To limit your query like you asked to use

$users->get("email=$email, roles!=superuser")
11 minutes ago, rick said:

A slight flaw in the logic. […] I would recommend you create unique emails per user to resolve this issue.

I wouldn't say so. It's perfectly fine to allow for non-unique emails if one is aware of the consequences.

  • Like 2
Link to comment
Share on other sites

Thanks to both of you. The support is awesome here :)

I'll use LostKobrakai's proposal to filter the right user.

I shouldn't have added the same email, but, I like the idea to filter them correctly as they don't have the same privileges.

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...