noalyss Version-9
NOALYSS : serveur de comptabilité et ERP (2002)
user.inc.php
1<?php
2/*
3 * This file is part of NOALYSS.
4 *
5 * NOALYSS is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * NOALYSS is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with NOALYSS; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18*/
19
20// Copyright Author Dany De Bontridder danydb@aevalys.eu
// Refuse direct requests: execution stops here unless the ALLOWED constant
// already exists (presumably defined by the including entry script).
if (defined('ALLOWED') === false) {
    die('Forbidden');
}
/*!\file
 * \brief User management screen, included from admin-noalyss when
 *        action=user_mgt.
 */
echo '<div class="content" >';
/******************************************************/
// Add user
//
// Runs when the creation form was submitted (POST field "ADD").
// The login is normalised, the password is checked by
// check_password_strength(), and the account is inserted only when
// no row with that login exists. In both the "created" and the
// "already exists" cases the detail screen is included and the
// script returns.
/******************************************************/
if (isset($_POST["ADD"])) {
    $cn = new Database();
    $a_result = check_password_strength($_POST['PASS']);
    // NOTE(review): the value handed to setPassword() below is an unsalted
    // MD5 digest. MD5 is not a password-hashing function; unless
    // setPassword() re-hashes it, stored credentials are cheap to recover
    // after a database leak. A move to password_hash()/password_verify()
    // has to be coordinated with the login code, which is not in this file.
    $pass5 = md5($_POST['PASS']);
    $new_user = new Noalyss_user($cn, 0);
    $new_user->first_name = $http->post('FNAME');
    $new_user->last_name = $http->post('LNAME');

    // Normalise the login: strip quotes and spaces, then lowercase.
    $login = str_replace(array("'", '"', " "), "", $http->post('LOGIN'));
    $login = strtolower($login);
    $new_user->login = $login;

    $new_user->email = $http->post('EMAIL', "string", '');

    if (trim($login) == "" || strlen($login) < 5) {
        alert(_("Le login ne peut pas être vide et avoir au moins 5 lettres"));
    } elseif (count($a_result['msg']) > 0) {
        // Password rejected: report every message returned by the checker.
        $msg = '<span class="warning">' . _("Mot de passe inchangé") . '</span>';
        foreach ($a_result['msg'] as $result) {
            $msg .= $result . " <br/>";
        }
        alert($msg);
    } else {
        $exist_user = $cn->get_value(
            "select count(*) from ac_users where use_login=lower($1)",
            array($login)
        );
        if ($exist_user != 0) {
            // Login already taken: load the existing account instead.
            echo_warning(_("Utilisateur existant"));
            $uid = $cn->get_value(
                "select use_id from ac_users where use_login=lower($1)",
                array($login)
            );
            $new_user->setId($uid);
            put_global(array(array('key' => 'use_id', "value" => $new_user->id)));
            $new_user->load();
        } else {
            $new_user->setPassword($pass5);
            $new_user->insert();
            $new_user->load();
            put_global(array(array('key' => 'use_id', "value" => $new_user->id)));
            Noalyss_user::audit_admin(sprintf('ADD USER %s %s', $new_user->id, $login));
        }

        // Continue on the detail screen of the created or existing user.
        require_once NOALYSS_INCLUDE . '/user_detail.inc.php';
        return;
    }
} //SET login
/******************************************************/
// Update user
//
// sbaction=save : copy the posted fields onto the account identified by
// UID and save it. A non-empty "password" field is only applied when
// check_password_strength() returns no message; if it is too weak,
// nothing is saved at all.
//
// NOTE(review): this branch sets the "admin" and "active" flags from POST
// data and no anti-CSRF token is checked in this file; confirm that the
// including page enforces one and restricts access to administrators.
/******************************************************/
$sbaction = $http->post('sbaction', "string", "");
if ($sbaction == "save") {
    $uid = $http->post("UID");

    // Update User
    $cn = new Database();
    $UserChange = new Noalyss_user($cn, $uid);

    if ($UserChange->load() != -1) {
        $UserChange->first_name = $http->post('fname');
        $UserChange->last_name = $http->post('lname');
        $UserChange->active = $http->post('Actif');
        $UserChange->admin = $http->post('Admin');
        $UserChange->email = $http->post('email');
        if ($UserChange->active == -1 || $UserChange->admin == -1) {
            die('Missing data');
        }

        if (trim($_POST['password']) == '') {
            // No new password supplied: save the other fields only.
            $UserChange->save();
        } else {
            $a_result = check_password_strength($_POST['password']);
            if (count($a_result['msg']) > 0) {
                // Password too weak: report the messages, save nothing.
                $msg = '<span class="warning">' . _("Mot de passe inchangé") . '</span>';
                foreach ($a_result['msg'] as $result) {
                    $msg .= $result . " <br/>";
                }
                alert($msg);
            } else {
                // NOTE(review): unsalted MD5 is not a password-hashing
                // function; replacing it needs a matching change in the
                // login verification code, which is not in this file.
                $UserChange->setPassword(md5($_POST['password']));
                $UserChange->save();
            }
        }
    } else {
        alert(_("Cet utilisateur n'existe pas"));
    }
}
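else if ($sbaction == "delete") {
    /******************************************************/
    // Delete the user
    //
    // Removes the account identified by use_id from ac_users and
    // jnt_use_dos, then calls Noalyss_user::remove_inexistant_user() for
    // every folder and writes an audit line.
    //
    // NOTE(review): "userdel" and "ctlcode" both arrive in the same
    // request, so comparing them is a confirmation step against accidental
    // deletion, not an authorization or anti-CSRF control. Confirm that the
    // including page provides those.
    /******************************************************/
    try {
        $code = $http->post("userdel");
        $ctl_code = $http->post('ctlcode');
        $uid = $http->request('use_id');
    } catch (Exception $ex) {
        echo_error($ex->getMessage());
        throw $ex;
    }
    if (DEBUGNOALYSS > 1) {
        // Request values are escaped before being echoed, even in debug mode.
        echo "code [" . htmlspecialchars((string) $code, ENT_QUOTES, 'UTF-8')
            . "] code control [" . htmlspecialchars((string) $ctl_code, ENT_QUOTES, 'UTF-8') . "]";
    }
    if ($code != $ctl_code) {
        echo_warning(_("Code invalide, effacement refusé"));
        return;
    }
    $cn = new Database();
    $auser = $cn->get_row('select use_login from ac_users where use_id = $1', array($uid));
    if ($auser == null) {
        // Unknown user id: nothing to delete.
        return;
    }
    $Res = $cn->exec_sql("delete from jnt_use_dos where use_id=$1", array($uid));
    $Res = $cn->exec_sql("delete from ac_users where use_id=$1", array($uid));
    //------------------------------------
    // Remove user from all the dossiers
    //------------------------------------
    $a_dossier = $cn->get_array('select dos_id from ac_dossier');
    if (is_array($a_dossier)) {
        $nb = count($a_dossier);
        for ($i = 0; $i < $nb; $i++) {
            Noalyss_user::remove_inexistant_user($a_dossier[$i]['dos_id']);
        }
    }
    Noalyss_user::audit_admin(sprintf('DELETE USER %s %s', $uid, $auser['use_login']));
    echo "<H2 class=\"notice\">";
    // fname / lname are taken from the request, not from the deleted row,
    // so they are HTML-escaped before being written into the page.
    // NOTE(review): if $http->post() already escapes, this double-encodes;
    // confirm against the Http_input implementation.
    printf(
        _("Utilisateur %s %s est effacé"),
        htmlspecialchars((string) $http->post('fname'), ENT_QUOTES, 'UTF-8'),
        htmlspecialchars((string) $http->post('lname'), ENT_QUOTES, 'UTF-8')
    );
    echo " </H2>";
}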
// View user detail: when "det" is present in the request and no sub-action
// (save / delete) was posted, hand over to the detail screen and stop.
if ($sbaction == "" && isset($_REQUEST['det'])) {
    require_once NOALYSS_INCLUDE . '/user_detail.inc.php';

    return;
}
180?>
181
<div id="create_user" style="display:none;width:30%;margin-right: 20%" class="inner_box">
<?php
// Hidden "create user" box; it is posted back to action=user_mgt where the
// ADD branch of this file handles it.
// NOTE(review): no anti-CSRF hidden field is written in this form unless
// HtmlInput::submit() adds one - confirm.
echo HtmlInput::title_box(_('Ajout Utilisateur'), "create_user", "hide");
?>
    <form action="admin-noalyss.php?action=user_mgt" method="POST" onsubmit="return check_form()">
    <div style="text-align: center">
        <span style="position:absolute;font-size:75%" id="info_passid"></span>
<TABLE class="result" >
    <TR><TD style="text-align: right"> <?= _('login') ?></TD><TD><INPUT id="input_login" class="input_text" TYPE="TEXT" NAME="LOGIN"></TD></tr>
    <TR><TD style="text-align: right"> <?= _('Prénom') ?></TD><TD><INPUT class="input_text" TYPE="TEXT" NAME="FNAME"></TD></tr>
    <TR><TD style="text-align: right"> <?= _('Nom') ?></TD><TD><INPUT class="input_text" TYPE="TEXT" NAME="LNAME"></TD></TR>
    <TR>
        <TD style="text-align: right"> <?php
            // NOTE(review): the password input below is TYPE="TEXT", so the
            // value is visible on screen and may be kept by browser form
            // history. If that is not intended, use a password-type input
            // with autocomplete disabled.
            echo _('Mot de passe');
        ?>
            <?= \Icon_Action::tips("Mot de passe : longueur minimale = 8 dont au moins 1 majuscule, 1 minuscule,1 chiffre et 1 car.spécial") ?>

        </TD>
        <TD> <INPUT id="input_password" class="input_text" TYPE="TEXT" NAME="PASS"
                    onkeyup="check_password_strength('input_password','info_passid',true)"
                    >

        </TD></TR>
    <TR><TD style="text-align: right"> <?= _('Email') ?></TD><TD> <INPUT class="input_text" TYPE="TEXT" NAME="EMAIL"></TD></TR>
</TABLE>

<?php
// Submit button (its name, "ADD", is what the server-side branch tests for)
// followed by a button that hides the box again.
echo HtmlInput::submit("ADD", _('Créer Utilisateur'), "", 'button'),
    HtmlInput::button_action(_("Fermer"), "$('create_user').style.display='none';");

?>
</div>
</FORM>
211 <script>
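/**
 * Client-side pre-check of the user-creation form, called from the form's
 * onsubmit handler.
 *
 * Rejects an empty login, an empty password and a login shorter than five
 * characters, highlighting the field that failed. This is a convenience for
 * the operator only: the server-side ADD branch repeats the login-length
 * check and runs the password-strength check.
 *
 * @returns {boolean} false to cancel the submit, true to let it proceed
 */
function check_form() {
    if ($F('input_login') == "") {
        smoke.alert('<?php echo _('Le login ne peut être vide') ?>');
        $('input_login').setStyle({border:"red solid 2px"});
        return false;
    }
    if ($F('input_password') == "") {
        smoke.alert('<?php echo _('Le mot de passe ne peut être vide') ?>');
        $('input_password').setStyle({border:"red solid 2px"});
        return false;
    }
    if ($F('input_login').length < 5) {
        smoke.alert('<?php echo _('Le login doit avoir au moins 5 lettres') ?>');
        // Highlight the login field: it is the one that failed this check
        // (the password field was highlighted here before).
        $('input_login').setStyle({border:"red solid 2px"});
        return false;
    }
    return true;
}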
230
231 </script>
232</div>
233
234<?php
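echo '<p>';
echo HtmlInput::button_action(_("Ajout utilisateur"), "$('create_user').show();", "cu");
echo '</p>';
// Show all the existing user on 7 columns
$repo = new Dossier(0);
/******************************************************/
// List of users: sortable headers, then the rows
/******************************************************/

$compteur = 0;
$header = new Sort_Table();
// Base URL for every sort link and detail link of the list. Both parts come
// from the request (PHP_SELF reflects the requested path, "action" is a
// request parameter) and end up inside href attributes, so each is
// URL-encoded. For the expected values ("admin-noalyss.php", "user_mgt")
// the resulting URL is unchanged.
$url = rawurlencode(basename($_SERVER['PHP_SELF'])) . "?action="
    . urlencode(
        (isset($_REQUEST['action']) && is_string($_REQUEST['action'])) ? $_REQUEST['action'] : ''
    );
$header->add(_("Login"), $url, " order by use_login asc", "order by use_login desc", "la", "ld");
$header->add(_("Nom"), $url, " order by use_name asc,use_first_name asc", "order by use_name desc,use_first_name desc", "na", "nd");
$header->add(
    _('Dossier'),
    $url,
    ' order by ag_dossier asc',
    'order by ag_dossier desc',
    'da',
    'dd'
);
$header->add(_("Actif"), $url, " order by use_active asc", "order by use_active desc", "aa", "ad");
// NOTE(review): the Email column reuses the "na"/"nd" codes of the Nom
// column; this looks like a copy-paste slip that would make sorting by
// e-mail resolve to the name order - confirm against Sort_Table.
$header->add(_("Email"), $url, " order by use_email asc,use_name asc,use_first_name asc", "order by use_email desc,use_name desc,use_first_name desc", "na", "nd");

// "ord" is request data. Presumably get_sql_order() only maps it to one of
// the ORDER BY fragments registered above; confirm that it never copies
// the raw value into the SQL text given to get_user_folder().
$ord = (isset($_REQUEST['ord'])) ? $_REQUEST['ord'] : 'la';
$sql = $header->get_sql_order($ord);

$a_user = $repo->get_user_folder($sql);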
259
// Render the user list as a filterable table; nothing is printed when the
// query returned no user.
//
// NOTE(review): login, name, first name, e-mail and folder list are written
// as stored. Whether td() and HtmlInput::anchor() HTML-escape their text is
// not visible from this file; if they do not, escape these values with
// htmlspecialchars() here ($Active holds markup and must stay raw).
if (!empty($a_user)) {
    echo '<span style="display:block">';
    echo _('Cherche') . Icon_Action::infobulle(22);
    echo HtmlInput::filter_table("user", "0,1,2,3,5,6", "1");
    echo '</span>';

    // Header row: sortable columns come from $header, the others are static.
    echo '<table id="user" class="result">';
    echo '<tr>';
    echo '<th>' . $header->get_header(0) . '</th>';
    echo '<th>' . $header->get_header(1) . '</th>';
    echo th(_("Prénom"));
    echo '<th>' . $header->get_header(4) . '</th>';
    echo '<th>' . $header->get_header(3) . '</th>';
    echo "<th>" . _('Type') . "</th>";
    echo '<th>' . $header->get_header(2) . '</th>';
    echo '</tr>';

    foreach ($a_user as $r_user) {
        // Alternate the row class for striping.
        $compteur++;
        if ($compteur % 2 == 0) {
            $class = "odd";
        } else {
            $class = "even";
        }

        echo "<tr class=\"$class\">";
        $Active = ($r_user['use_active'] == 0) ? $g_failed : $g_succeed;

        // The login links to the detail screen of that user.
        $det_url = $url . "&det&use_id=" . $r_user['use_id'];
        echo "<td>";
        echo HtmlInput::anchor($r_user['use_login'], $det_url);
        echo "</td>";

        echo td($r_user['use_name']);
        echo td($r_user['use_first_name']);
        echo td($r_user['use_email']);
        echo td($Active);

        if ($r_user['use_admin'] == 1) {
            $type = _("Administrateur");
        } else {
            $type = _("Utilisateur");
        }
        echo "<td>" . $type . "</td>";

        // Administrators are shown as having access to every folder.
        echo td(($r_user['use_admin'] == 0) ? $r_user['ag_dossier'] : _('Tous'));
        echo '</tr>';
    } // foreach
    echo '</table>';
} // !empty($a_user)
311?>
312
313</div>