noalyss Version-9
user.inc.php
1<?php
2/*
3 * This file is part of NOALYSS.
4 *
5 * NOALYSS is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * NOALYSS is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with NOALYSS; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18*/
19
20// Copyright Author Dany De Bontridder danydb@aevalys.eu
// Direct-access guard: stop unless the including script has defined ALLOWED.
if (!defined('ALLOWED')) {
    die('Forbidden');
}
22/*!\file
23 *
24 *
25 * \brief user management, included from admin-noalyss,
26 * action=user_mgt
27 *
28 */
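echo '<div class="content" >';
/******************************************************/
// Add user
//
// Runs when the "ADD" submit button of the create-user form was posted.
// The login is normalised (quotes and spaces stripped, lower-cased), the
// password is checked with check_password_strength(), and the account is
// inserted only when no row with the same login exists in ac_users.
// In both the "created" and the "already exists" case the user detail
// page is included and the script returns.
/******************************************************/
if ( isset($_POST["ADD"]) )
{
    $cn=new Database();
    // A missing PASS field is treated as an empty password so that it is
    // handled by the strength check instead of raising an undefined-index warning.
    $a_result=check_password_strength($_POST['PASS'] ?? '');
    // SECURITY: MD5 is a fast, unsalted digest and is not suitable for storing
    // passwords. Moving to password_hash()/password_verify() has to be done
    // together with the login check and the stored values, so it is only
    // flagged here.
    // NOTE(review): $pass5 is not read again in this file; presumably it is
    // consumed by Noalyss_user::insert() or user_detail.inc.php - confirm.
    $pass5=md5($_POST['PASS'] ?? '');
    $new_user=new Noalyss_user($cn,0);
    $new_user->first_name=$http->post('FNAME');
    $new_user->last_name=$http->post('LNAME');

    // Normalise the login: no quotes, no spaces, lower case only.
    $login=$http->post('LOGIN');
    $login=str_replace(["'", '"', " "], "", $login);
    $login=strtolower($login);
    $new_user->login=$login;

    $new_user->email=$http->post('EMAIL',"string",'');
    if ( trim($login)=="" || strlen($login)<5)
    {
        alert(_("Le login ne peut pas être vide et avoir au moins 5 lettres"));
    }
    elseif (count($a_result['msg']) > 0)
    {
        // password too weak : report every message returned by the check
        $msg='<span class="warning">'._("Mot de passe inchangé").'</span>';
        foreach ($a_result['msg'] as $result ) {
            $msg.="$result <br/>";
        }
        alert($msg);
    }
    else
    {
        $exist_user=$cn->get_value("select count(*) from ac_users where use_login=lower($1)",[$login]);
        if ( $exist_user == 0 ) {
            // New login : create the account and record it in the admin audit
            $new_user->insert();
            $new_user->load();
            put_global(array(['key'=>'use_id',"value"=>$new_user->id]));
            Noalyss_user::audit_admin(sprintf('ADD USER %s %s',$new_user->id,$login));
        } else {
            // Login already taken : nothing is inserted, the existing account is shown
            echo_warning(_("Utilisateur existant"));
            $uid=$cn->get_value("select use_id from ac_users where use_login=lower($1)",[$login]);
            $new_user->setId($uid);
            put_global(array(['key'=>'use_id',"value"=>$new_user->id]));
            $new_user->load();
        }

        require_once NOALYSS_INCLUDE.'/user_detail.inc.php';
        return;
    }
} //SET login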
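/******************************************************/
// Update user
//
// $sbaction selects the operation posted by the user detail form:
//   "save"   : update name, email, active/admin flags and optionally the password
//   "delete" : remove the user from the repository and from every dossier
/******************************************************/
$sbaction=$http->post('sbaction',"string", "");
if ($sbaction == "save")
{
    $uid = $http->post("UID");

    // Update User
    $cn = new Database();
    $UserChange = new Noalyss_user($cn, $uid);

    if ($UserChange->load() == -1)
    {
        alert(_("Cet utilisateur n'existe pas"));
    }
    else
    {
        $UserChange->first_name = $http->post('fname');
        $UserChange->last_name = $http->post('lname');
        $UserChange->active = $http->post('Actif');
        $UserChange->admin = $http->post('Admin');
        $UserChange->email = $http->post('email');
        if ($UserChange->active ==-1 || $UserChange->admin ==-1)
        {
            die ('Missing data');
        }
        // An absent password field means "keep the current password", exactly
        // like an empty one; ?? avoids an undefined-index warning.
        if ( trim($_POST['password'] ?? '')<>'')
        {
            $a_result =check_password_strength($_POST['password']);
            if (count($a_result['msg']) > 0){
                // password too weak : nothing is saved, not even the other fields
                $msg='<span class="warning">'._("Mot de passe inchangé").'</span>';
                foreach ($a_result['msg'] as $result ) {
                    $msg.="$result <br/>";
                }
                alert($msg);
            } else {
                // SECURITY: MD5 is a fast, unsalted digest and is not suitable
                // for storing passwords. Replacing it needs a coordinated change
                // of the login check and of the stored values, so it is only
                // flagged here.
                $UserChange->setPassword(md5($_POST['password']));
                $UserChange->save();
            }
        }
        else
        {
            $UserChange->save();
        }

    }
}
else if ($sbaction == "delete")
{
/******************************************************/
// Delete the user
/******************************************************/
    // check that the control is correct
    try {
        $code=$http->post("userdel");
        $ctl_code=$http->post('ctlcode');
        $uid = $http->request('use_id');
    } catch (Exception $ex) {
        echo_error($ex->getMessage());
        throw $ex;
    }
    if ( DEBUGNOALYSS > 1) {
        // Request values are HTML-escaped before being echoed, also in debug mode
        echo "code [".htmlspecialchars((string)$code, ENT_QUOTES, 'UTF-8')
            ."] code control [".htmlspecialchars((string)$ctl_code, ENT_QUOTES, 'UTF-8')."]";
    }
    // Both values arrive in the same request, so this comparison only guards
    // against an accidental deletion; it is not an authorization check.
    // NOTE(review): no anti-CSRF token is verified in this block - confirm
    // that admin-noalyss.php enforces one before this file is included.
    if ( $code != $ctl_code) {
        echo _("Code invalide, effacement refusé");
        return;
    }
    $cn = new Database();
    $auser=$cn->get_row('select use_login from ac_users where use_id = $1',[$uid]);
    if ( $auser == null) return;
    // The deletes below and the per-dossier cleanup are separate statements;
    // no transaction is opened in this block.
    $Res = $cn->exec_sql("delete from jnt_use_dos where use_id=$1", array($uid));
    $Res = $cn->exec_sql("delete from ac_users where use_id=$1", array($uid));
    //------------------------------------
    // Remove user from all the dossiers
    //------------------------------------
    $a_dossier=$cn->get_array('select dos_id from ac_dossier');
    if ( is_array($a_dossier) ) {
        $nb=count($a_dossier);
        for ( $i=0;$i<$nb;$i++) {
            Noalyss_user::remove_inexistant_user($a_dossier[$i]['dos_id']);
        }
    }
    Noalyss_user::audit_admin(sprintf('DELETE USER %s %s',$uid,$auser['use_login']));
    echo "<H2 class=\"notice\">";
    // The displayed names are taken from the POST data, not from the deleted
    // row, so they are escaped before being written into the page.
    printf (_("Utilisateur %s %s est effacé"),
            htmlspecialchars((string)$http->post('fname'), ENT_QUOTES, 'UTF-8'),
            htmlspecialchars((string)$http->post('lname'), ENT_QUOTES, 'UTF-8')) ;
    echo " </H2>";
}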
// View user detail : only when the request carries "det" and no
// save/delete action was posted; the detail page replaces the user list.
if ( $sbaction == "" && isset($_REQUEST['det']) )
{
    require_once NOALYSS_INCLUDE.'/user_detail.inc.php';
    return;
}
179?>
180
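<?php
/*
 * Hidden "create user" dialog. It posts LOGIN, FNAME, LNAME, PASS, EMAIL and
 * the ADD submit button to admin-noalyss.php?action=user_mgt.
 * check_form() is only a client-side convenience check.
 *
 * The password is typed into a plain text input; autocomplete is switched off
 * on that field so the browser does not keep the value in its form history.
 * NOTE(review): no anti-CSRF token is emitted in this form - confirm whether
 * admin-noalyss.php adds and verifies one.
 */
?>
<div id="create_user" style="display:none;width:30%;margin-right: 20%" class="inner_box">
<?php echo HtmlInput::title_box(_('Ajout Utilisateur'),"create_user","hide");?>
    <form action="admin-noalyss.php?action=user_mgt" method="POST" onsubmit="return check_form()">
    <div style="text-align: center">
        <span style="position:absolute;font-size:75%" id="info_passid"></span>
<TABLE class="result" >
    <TR><TD style="text-align: right"> <?php echo _('login')?></TD><TD><INPUT id="input_login" class="input_text" TYPE="TEXT" NAME="LOGIN"></TD></tr>
    <TR><TD style="text-align: right"> <?php echo _('Prénom')?></TD><TD><INPUT class="input_text" TYPE="TEXT" NAME="FNAME"></TD></tr>
    <TR><TD style="text-align: right"> <?php echo _('Nom')?></TD><TD><INPUT class="input_text" TYPE="TEXT" NAME="LNAME"></TD></TR>
    <TR>
        <TD style="text-align: right"> <?php echo _('Mot de passe')?>
            <?=\Icon_Action::tips("Mot de passe : longueur minimale = 8 dont au moins 1 majuscule, 1 minuscule,1 chiffre et 1 car.spécial")?>

        </TD>
        <TD> <INPUT id="input_password" class="input_text" TYPE="TEXT" NAME="PASS"
                    autocomplete="off"
                    onkeyup="check_password_strength('input_password','info_passid',true)"
             >

        </TD></TR>
    <TR><TD style="text-align: right"> <?php echo _('Email')?></TD><TD> <INPUT class="input_text" TYPE="TEXT" NAME="EMAIL"></TD></TR>
</TABLE>

<?php
echo HtmlInput::submit("ADD",_('Créer Utilisateur'),"",'button');
echo HtmlInput::button_action(_("Fermer"), "$('create_user').style.display='none';");

?>
</div>
</FORM>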
210 <script>
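/**
 * Client-side check run by the create-user form before it is submitted.
 * Shows a message and outlines the offending field in red when the login
 * or the password is empty, or when the login has fewer than 5 characters.
 * This is a usability aid only: the POST handler of this page repeats the
 * login length check and runs the password strength check itself.
 *
 * @returns {boolean} true when the form may be submitted, false otherwise
 */
function check_form() {
    // NOTE(review): the translated messages are written inside single-quoted
    // JavaScript strings; a translation containing an apostrophe would break
    // this script - confirm the catalogues or encode the strings.
    if ($F('input_login') == "") {
        smoke.alert('<?php echo _('Le login ne peut être vide') ?>');
        $('input_login').setStyle({border:"red solid 2px"});
        return false;
    }
    if ($F('input_password') == "") {
        smoke.alert('<?php echo _('Le mot de passe ne peut être vide') ?>');
        $('input_password').setStyle({border:"red solid 2px"});
        return false;
    }
    if ($F('input_login').length < 5) {
        smoke.alert('<?php echo _('Le login doit avoir au moins 5 lettres') ?>');
        // The login is the field at fault here, so it is the one to highlight
        $('input_login').setStyle({border:"red solid 2px"});
        return false;
    }
    return true;
}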
229
230 </script>
231</div>
232
233<?php
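// Button that reveals the hidden "create_user" dialog
echo '<p>';
echo HtmlInput::button_action(_("Ajout utilisateur"), "$('create_user').show();","cu");
echo '</p>';
// Show all the existing user on 7 columns
$repo=new Dossier(0);
/******************************************************/
// List of users : sortable headers and query
/******************************************************/

$compteur=0;
$header=new Sort_Table();
// The action parameter comes from the request and ends up in every header and
// detail link of the table, so it is URL-encoded before being concatenated.
$url=basename($_SERVER['PHP_SELF'])."?action=".urlencode((string)$_REQUEST['action']);
// Each entry : label, base url, SQL for ascending, SQL for descending,
// request code for ascending, request code for descending
$header->add(_("Login"), $url," order by use_login asc", "order by use_login desc","la", "ld");
$header->add(_("Nom"), $url," order by use_name asc,use_first_name asc", "order by use_name desc,use_first_name desc","na", "nd");
$header->add(_('Dossier'),$url,' order by ag_dossier asc','order by ag_dossier desc',
             'da','dd');
$header->add(_("Actif"), $url," order by use_active asc", "order by use_active desc","aa", "ad");
// NOTE(review): the Email column reuses the codes "na"/"nd" already registered
// for "Nom"; this looks like a copy/paste slip - confirm how Sort_Table
// resolves duplicate codes.
$header->add(_("Email"), $url," order by use_email asc,use_name asc,use_first_name asc", "order by use_email desc,use_name desc,use_first_name desc","na", "nd");
// NOTE(review): $ord is request-controlled. This relies on
// Sort_Table::get_sql_order() resolving it only to one of the fragments
// registered above - confirm an unknown code can never reach the SQL text.
$ord=(isset($_REQUEST['ord']))?$_REQUEST['ord']:'la';
$sql=$header->get_sql_order($ord);

$a_user=$repo->get_user_folder($sql);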
258
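// Render the list of users as a filterable table, one row per user with
// alternating "odd"/"even" row classes.
if ( !empty ($a_user) )
{
    echo '<span style="display:block">';
    echo _('Cherche').Icon_Action::infobulle(22);
    echo HtmlInput::filter_table("user", "0,1,2,3,5,6","1");
    echo '</span>';
    echo '<table id="user" class="result">';
    echo '<tr>';
    echo '<th>'.$header->get_header(0).'</th>';
    echo '<th>'.$header->get_header(1).'</th>';
    echo th(_("Prénom"));
    echo '<th>'.$header->get_header(4).'</th>';
    echo '<th>'.$header->get_header(3).'</th>';
    echo "<th>"._('Type')."</th>";
    echo '<th>'.$header->get_header(2).'</th>';
    echo '</tr>';

    foreach ( $a_user as $r_user)
    {
        $compteur++;
        $class=($compteur%2==0)?"odd":"even";

        echo "<tr class=\"$class\">";
        $Active=( $r_user['use_active'] == 0 )?$g_failed:$g_succeed;
        $det_url=$url."&det&use_id=".$r_user['use_id'];
        echo "<td>";
        // NOTE(review): whether HtmlInput::anchor() escapes its text is not
        // visible here; the login is only stripped of quotes and spaces when
        // the account is created - confirm before relying on it.
        echo HtmlInput::anchor($r_user['use_login'],$det_url);
        echo "</td>";

        // Name, first name and email are free text entered through the user
        // forms, so they are HTML-escaped on output.
        // Assumes td() only wraps its argument in <td> and does not escape by
        // itself - TODO confirm, otherwise the values would be encoded twice.
        echo td(htmlspecialchars((string)$r_user['use_name'], ENT_QUOTES, 'UTF-8'));
        echo td(htmlspecialchars((string)$r_user['use_first_name'], ENT_QUOTES, 'UTF-8'));
        echo td(htmlspecialchars((string)$r_user['use_email'], ENT_QUOTES, 'UTF-8'));
        echo td($Active);
        $type=($r_user['use_admin']==1)?_("Administrateur"):_("Utilisateur");
        echo "<td>".$type."</td>";
        // Administrators are shown as having access to every dossier
        if ( $r_user['use_admin'] == 0) {
            echo td($r_user['ag_dossier']);
        } else {
            echo td(_('Tous'));
        }
        echo '</tr>';
    }// foreach
    echo '</table>';
} // !empty($a_user)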
310?>
311
312</div>