noalyss Version-9
profile.inc.php
Go to the documentation of this file.
1<?php
2
3/*
4 * This file is part of NOALYSS.
5 *
6 * NOALYSS is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * NOALYSS is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with NOALYSS; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 */
20// Copyright Author Dany De Bontridder danydb@aevalys.eu
21if (!defined('ALLOWED'))
22 die('Appel direct ne sont pas permis');
23require_once NOALYSS_INCLUDE.'/database/profile_sql.class.php';
24global $cn,$http;
25
26//**********************************************
27// Save avail. profiles
28//**********************************************
29if (isset($_POST['change_profile']))
30{
31 try
32 {
33 $aRight=$http->post("right","array",array());
34 $aUserProfile=$http->post("ua_id","array",array());
35 $p_id=$http->post("p_id","number");
36 $aProfile=$http->post("ap_id","array",array());
37 for ($e=0; $e<count($aUserProfile); $e++)
38 {
39 if ($aUserProfile[$e]=='X'&&$aUserProfile[$e]=='')
40 continue;
41 if ($aRight[$e]=='X'&&$aUserProfile[$e]!='')
42 {
43 $cn->exec_sql("delete from user_sec_action_profile where p_id=$1 and p_granted=$2",
44 array($p_id, $aProfile[$e]));
45 continue;
46 }
47 if ($aUserProfile[$e]==""&& $aRight[$e] !='X')
48 {
49 $cn->exec_sql("insert into user_sec_action_profile (p_id,p_granted,ua_right) values($1,$2,$3)",
50 array($p_id, $aProfile[$e], $aRight[$e]));
51 continue;
52 }
53 if ($aUserProfile[$e]!='')
54 {
55 $cn->exec_sql("update user_sec_action_profile set ua_right=$3 where p_id=$1 and p_granted=$2 ",
56 array($p_id, $aProfile[$e], $aRight[$e]));
57 continue;
58 }
59 }
60 }
61 catch (Exception $exc)
62 {
63 echo $exc->getMessage();
64 record_log( $exc->getTraceAsString());
65 throw $exc;
66 }
67}
68//**********************************************
69// Save avail. profiles
70//**********************************************
71if (isset($_POST['change_stock']))
72{
73 try
74 {
75 $p_id=$http->post("p_id","number");
76 $right=$http->post("right","array",array());
77 $ar_id=$http->post("ar_id","array",array());
78 $ur_id=$http->post("ur_id","array",array());
79
80 for ($e=0; $e<count($right); $e++)
81 {
82 if ($right[$e]=='X'&&$ur_id[$e]=='')
83 continue;
84 if ($right[$e]=='X'&&$ur_id[$e]!='')
85 {
86 $cn->exec_sql("delete from profile_sec_repository where p_id=$1 and r_id=$2",
87 array($p_id, $ar_id[$e]));
88 continue;
89 }
90 if ($ur_id[$e]=="")
91 {
92 $cn->exec_sql("insert into profile_sec_repository (p_id,r_id,ur_right) values($1,$2,$3)",
93 array($p_id, $ar_id[$e], $right[$e]));
94 continue;
95 }
96 if ($ur_id[$e]!='')
97 {
98 $cn->exec_sql("update profile_sec_repository set ur_right=$3 where p_id=$1 and r_id=$2 ",
99 array($p_id, $ar_id[$e], $right[$e]));
100 continue;
101 }
102 }
103 }
104 catch (Exception $exc)
105 {
106 echo $exc->getMessage();
107 record_log($exc->getTraceAsString());
108 throw $exc;
109 }
110}
111//**********************************************
112// Save_name
113// *********************************************
114
115if (isset($_POST['save_name']))
116{
117 $http=new HttpInput();
118 $p_name=$http->post("p_name");
119 $p_id=$http->post("p_id");
120 $with_calc=$http->post("with_calc","string",'f');
121 $with_direct_form=$http->post("with_direct_form","string",'f');
122 $with_search_card=$http->post("with_search_card","string",0);
123 $p_desc=$http->post('p_desc');
124 try
125 {
126 if (noalyss_strlentrim($p_name)==0)
127 throw new Exception("Nom ne peut être vide");
128 if (isNumber($p_id)==0)
129 throw new Exception("profile Invalide");
130 $p_desc=(noalyss_strlentrim($p_desc)==0)?null:trim($p_desc);
131 if ($p_id!=-1)
132 {
133 $cn->exec_sql("update profile set p_name=$1,p_desc=$2,
134 with_calc=$3, with_direct_form=$4 ,with_search_card=$6
135 where p_id=$5",
136 array($p_name,
138 }
139 else
140 {
141 $p_id=$cn->get_value("insert into profile (p_name,
142 p_desc,with_calc,with_direct_form,with_search_card) values
143 ($1,$2,$3,$4,$5) returning p_id",
144 array(
146 ));
147 }
148 }
149 catch (Exception $e)
150 {
151 alert($e->getMessage());
152 }
153}
154//************************************
155// Clone
156//************************************
157if (isset($_POST['clone']))
158{
159 try
160 {
161 $p_id = $http->post("p_id","number", 0);
162 $cn->start();
163 $new_id=$cn->get_value("insert into profile(p_name,p_desc,with_calc,
164 with_direct_form,with_search_card)
165 select 'copie de '||p_name,p_desc,with_calc,
166 with_direct_form , with_search_card from profile where p_id=$1 returning p_id", array($p_id));
167 $cn->exec_sql("
168 insert into profile_menu (p_id,me_code,me_code_dep,p_order,p_type_display,pm_default)
169 select $1,me_code,me_code_dep,p_order,p_type_display,pm_default from profile_menu
170 where p_id=$2
171 ", array($new_id, $p_id));
172 $cn->exec_sql("select menu_complete_dependency($1)",array($new_id));
173 $cn->exec_sql("update profile_menu
174 set pm_id_dep=(select distinct higher_dep
175 from v_menu_dependency as a
176 where
177 a.pm_id= profile_menu.pm_id)
178 where pm_id_dep is null and p_id=$1",array($new_id));
179 $cn->commit();
180 $p_id=$new_id;
181 $_POST['p_id'] = $new_id;
182 $_GET['p_id'] = $new_id;
183 $_REQUEST['p_id'] = $new_id;
184 $_POST['tab']="profile_gen_div";
185 }
186 catch (Exception $exc)
187 {
188 echo alert($exc->getMessage());
189 $cn->rollback();
190 }
191
192}
193//************************************
194// Delete
195//************************************
196if (isset($_POST['delete_profil']))
197{
198 try
199 {
200 $p_id=$http->post("p_id","number");
201
202 $cn->start();
203 if ($p_id==1)
204 {
205 throw new Exception('On ne peut pas effacer le profil par défaut');
206 }
207 $new_id=$cn->get_value("delete from profile
208 where p_id=$1 ", array($p_id));
209 $cn->commit();
210 }
211 catch (Exception $exc)
212 {
213 echo alert($exc->getMessage());
214 $cn->rollback();
215 }
216}
217//************************************
218// Modify the menu
219//************************************
220if (isset($_POST['mod']))
221{
222 try
223 {
224 // pm_id of the menu to modify
225 $pm_id=$http->post("pm_id", "number");
226 // profile id
227 $p_id=$http->post("p_id", "number");
228 // display order
229 $p_order=$http->post("p_order", "number");
230 // code to add
231 $me_code=$http->post("me_code");
232 // tab
233 $tab=$http->post("tab");
234 // set Default
235 $pm_default=$http->post('pm_default', "string", 0);
236 /**
237 * Printing cannot be a menu and do not depend of anything
238 */
239 $menu_type=$cn->get_value("select me_type from menu_ref
240 where me_code=$1", array($me_code));
241
242 if ($menu_type=='PR')
243 {
244 $p_type='P';
245 $me_code_dep=-1;
246 }
247 $cn->start();
249 if ($pm_default==1)
250 {
251 // reset all default
252 $cn->exec_sql("update profile_menu set pm_default=0
253 where pm_id_dep=(select pm_id_dep from profile_menu
254 where
255 pm_id=$1)", array($pm_id));
256 }
257 $cn->exec_sql("update profile_menu set me_code=$1,p_order=$2,pm_default=$3
258 where pm_id=$4", array($me_code, $p_order, $pm_default, $pm_id));
259 $cn->commit();
260 }
261 catch (Exception $e)
262 {
263 $cn->rollback();
264 alert($e->getMessage());
265 }
266}
267
268//****************************************************
269// Add a menu, module, submenu,plugin...
270//****************************************************
271if (isset($_POST['add_menu'])||isset($_POST['add_impress']))
272{
273 try
274 {
275 // type of menu me or pr
276 $p_type=$http->post("type","string",null);
277 // level
278 $p_level=$http->post("p_level","string",null);
279 // pm_id of menu parent
280 $p_dep=$http->post("dep","number",null);
281 // profile id
282 $p_id=$http->post("p_id", "number");
283 // display order
284 $p_order=$http->post("p_order");
285 // code to add
286 $me_code=$http->post("me_code");
287 // tab
288 $tab=$http->post("tab");
289 $cn->start();
290
291
292 /**
293 * Printing cannot be a menu and do not depend of anything
294 */
295 $menu_type=$cn->get_value("select me_type from menu_ref
296 where me_code=$1", array($me_code));
297
298 if ($menu_type=='PR')
299 {
300 $p_type='P';
301 $me_code_dep=null;
302 $pm_id_dep=null;
303 }
304
305 // Module never depends of anything
306 if ($p_type=='me')
307 {
308 if ($p_level==0)
309 {
310 $me_code_dep=null;
311 $pm_id_dep=null;
312 $p_type='M';
313 }
314 else
315 {
316 $me_code_dep=$cn->get_value('select me_code from profile_menu'
317 .' where pm_id = $1 and p_id=$2', array($p_dep, $p_id));
318 $pm_id_dep=$p_dep;
319 $p_type='E';
320 }
321 }
322 /**
323 * Check for infinite loop
324 */
325 $inf=$cn->get_value("select count(*) from profile_menu
326 where p_id=$1 and me_code_dep=$2 and me_code=$3",
327 array($p_id, $me_code, $me_code_dep));
328 if ($inf>0)
329 throw new Exception(_("Boucle infinie"));
330 /**
331 * Check if we don't add a menu depending on itself
332 */
333 if ($me_code==$me_code_dep)
334 throw new Exception(_("Un menu ne peut pas dépendre de lui-même"));
335
336
337 /**
338 * if me_code_dep == -1, it means it is null
339 */
340 $me_code_dep=($me_code_dep==-1)?null:$me_code_dep;
341
342 /*
343 * Do not insert twice the same menu
344 */
345 $duplicate = $cn->get_value(" select count(*) from profile_menu where "
346 . " pm_id_dep = $1 and me_code = $2",array($pm_id_dep,$me_code));
347 if ( $duplicate > 0 ) {
348 throw new Exception(_('Doublon'));
349 }
350 $pm_default=(isset($pm_default))?1:0;
351 $cn->exec_sql("
352 insert into profile_menu (me_code,me_code_dep,p_id,p_order,pm_default,p_type_display,pm_id_dep)
353 values ($1,$2,$3,$4,$5,$6,$7)
354 ",
355 array($me_code, $me_code_dep, $p_id, $p_order, $pm_default, $p_type,
356 $pm_id_dep));
357
358 $cn->commit();
359 }
360 catch (Exception $exc)
361 {
362 alert($exc->getMessage());
363 $cn->rollback();
364 }
365}
366
367echo '<div id="list_profile" class="content">';
369$url=$_SERVER['REQUEST_URI'];
370
371$table->add(_('Nom'), $url, "order by p_name asc", "order by p_name desc", "na",
372 "nd");
373$table->add(_('Description'), $url, "order by p_desc asc",
374 "order by p_desc desc", "da", "dd");
375$table->add(_('Calculatrice visible'), $url, "order by with_calc asc",
376 "order by with_calc desc", "ca", "cd");
377$table->add(_('Accès Direct visible'), $url, "order by with_direct_form asc",
378 "order by with_direct_form desc", "fa", "fd");
379
380$ord=(isset($_REQUEST['ord']))?$_REQUEST['ord']:'na';
381
382$order=$table->get_sql_order($ord);
383
385$ret=$menu->seek("where p_id > 0 ".$order);
386echo '<table class="result">';
387echo '<tr>';
388echo '<th>'.$table->get_header(0).'</th>';
389echo '<th>'.$table->get_header(1).'</th>';
390echo '<th>'.$table->get_header(2).'</th>';
391echo '<th>'.$table->get_header(3).'</th>';
392echo '</tr>';
394for ($i=0; $i<Database::num_row($ret); $i++)
395{
396 $row=$menu->get_object($ret, $i);
397
398 $js=sprintf('<a href="javascript:void(0)" style="text-decoration:underline" onclick="get_profile_detail(\'%s\',\'%s\')">',
399 $gDossier, $row->p_id);
400 echo '<tr>';
401 echo "<td>".$js.$row->p_name.'</a>'.'</td>';
402 echo td($row->p_desc);
403 echo td($row->with_calc);
404 echo td($row->with_direct_form);
405 echo '</tr>';
406}
407$js=sprintf('<a href="javascript:void(0)" class="button" onclick="get_profile_detail(\'%s\',\'%s\')">',
408 $gDossier, -1);
409echo '<tr>';
410echo "<td>".$js._("Ajouter un profil")." </td>";
411echo '</tr>';
412echo '</table>';
413echo '</div>';
415$profile_mobile->create_js_script();
416
417//*******************************************************
418// Show details of the selected profile
419//*******************************************************
420echo '<div id="detail_profile" class="content">';
421if (isset($_POST['p_id']) && $_POST['p_id'] != -1 )
422{
423 require_once NOALYSS_INCLUDE.'/ajax/ajax_get_profile.php';
424 ?>
425 <script>
426 $('list_profile').hide()
427 </script>
428 <?php
429
430}
431echo '</div>';
432if (isset($_POST['delete_profil']))
433{
434 echo create_script(" $('detail_profile').hide()");
435 ?>
436 <script>
437 $('list_profile').show()
438 </script>
439 <?php
440
441}
442$dep=$http->post("dep","string","");
443?>
444<script>
445 var selected_menu="<?php echo $dep;?>";
446 function menu_select(rowid) {
447 $('sub'+rowid).addClassName("selectedmenu");
448 if ( selected_menu != "0" && rowid != selected_menu ) {
449 if ( $('sub'+selected_menu) ) {
450 $('sub'+selected_menu).removeClassName("selectedmenu");
451 }
452 }
453 selected_menu=rowid;
454 }
455
456</script>
isNumber($p_int)
Definition: ac_common.php:215
noalyss_strlentrim($p_string)
Definition: ac_common.php:1549
record_log($p_message)
Record an error message into the log file of the server.
Definition: ac_common.php:1342
td($p_string='', $p_extra='')
surround the string with td
Definition: ac_common.php:83
alert($p_msg, $buffer=false)
alert in javascript
Definition: ac_common.php:738
$p_level
$with_search_card
$with_direct_form
$with_calc
$_REQUEST['ac']
$_GET['qcode']
static num_row($ret)
wrapper for the function pg_num_rows
static id()
return the 'gDossier' value after a check
manage the http input (get , post, request) and extract from an array
static build($p_id, $profile_id)
Manage the table public.profile.
Description of class_syn_sort_table.
$_POST['ac']
Definition: do.php:310
create_script($p_string)
create the HTML for adding the script tags around of the script
if(isset($_POST['delete_profil'])) $dep
$gDossier
$order
$menu
global $http
Definition: profile.inc.php:24
global $cn
Definition: profile.inc.php:24
$ord
for($i=0; $i< Database::num_row($ret); $i++) $js
$profile_mobile
$url
$table
$ret