noalyss Version-10
NOALYSS : serveur de comptabilité et ERP (2002)
Loading...
Searching...
No Matches
user.inc.php
Go to the documentation of this file.
1<?php
2/*
3 * This file is part of NOALYSS.
4 *
5 * NOALYSS is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * NOALYSS is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with NOALYSS; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18*/
19
20// Copyright Author Dany De Bontridder danydb@aevalys.eu
21if ( !defined ('ALLOWED')) die('Forbidden');
22/*!\file
23 *
24 *
25 * \brief user managemnt, included from admin-noalyss,
26 * action=user_mgt
27 *
28 */
29$http=new HttpInput();
30echo '<div class="content" >';
31\Noalyss\Dbg::echo_file(__FILE__);
32/******************************************************/
33// Add user
34/******************************************************/
35if ( isset ($_POST["ADD"]) )
36{
37 $cn=new Database();
38 $a_result =check_password_strength($_POST['PASS']);
39 $pass5=md5($_POST['PASS']);
40 $new_user=new Noalyss_user($cn,0);
41 $new_user->first_name=$http->post('FNAME');
42 $new_user->last_name=$http->post('LNAME');
43 $new_user->setAdmin(0);
44 $login=$http->post('LOGIN');
45 $login=str_replace("'","",$login);
46 $login=str_replace('"',"",$login);
47 $login=str_replace(" ","",$login);
48 $login=strtolower($login);
49 $new_user->login=$login;
50 //$new_user->auth_method=
51 $new_user->email=$http->post('EMAIL',"string",'');
52 if ( trim($login)=="" || strlen($login)<5)
53 {
54 alert(_("Le login ne peut pas être vide et avoir au moins 5 lettres"));
55 }elseif (count($a_result['msg']) > 0){
56 // password too weak
57 $msg='<span class="warning">'._("Mot de passe inchangé").'</span>';
58 foreach ($a_result['msg'] as $result ) {
59 $msg.="$result <br/>";
60 }
61 alert($msg);
62 }
63 else
64 {
65 $exist_user=$cn->get_value("select count(*) from ac_users where use_login=lower($1)",[$login]);
66 if ( $exist_user == 0 ) {
67 $new_user->setPassword($pass5);
68 $new_user->insert();
69 $new_user->load();
70 put_global(array(['key'=>'use_id',"value"=>$new_user->id]));
71 Noalyss_user::audit_admin(sprintf('ADD USER %s %s',$new_user->id,$login));
72 } else {
73 echo_warning(_("Utilisateur existant"));
74 $uid=$cn->get_value("select use_id from ac_users where use_login=lower($1)",[$login]);
75 $new_user->setId($uid);
76 put_global(array(['key'=>'use_id',"value"=>$new_user->id]));
77 $new_user->load();
78 }
79
80 require_once NOALYSS_INCLUDE.'/user_detail.inc.php';
81 return;
82
83 }
84} //SET login
85/******************************************************/
86// Update user
87/******************************************************/
88$sbaction=$http->post('sbaction',"string", "");
89if ($sbaction == "save")
90{
91 $uid = $http->post("UID");
92
93 // Update User
94 $cn = new Database();
95 $UserChange = new Noalyss_user($cn, $uid);
96
97 if ($UserChange->load() == -1)
98 {
99 alert(_("Cet utilisateur n'existe pas"));
100 }
101 else
102 {
103 $UserChange->first_name =$http->post('fname');
104 $UserChange->last_name = $http->post('lname');
105 $UserChange->active = $http->post('Actif');
106 $UserChange->admin = $http->post('Admin');
107 $UserChange->email = $http->post('email');
108 $UserChange->authent_method = $http->post('auth_method',"number");
109 if ($UserChange->active ==-1 || $UserChange->admin ==-1)
110 {
111 die ('Missing data');
112 }
113 if ( trim($_POST['password'])<>'')
114 {
115 $a_result =check_password_strength($_POST['password']);
116 if (count($a_result['msg']) > 0){
117 // password too weak
118 $msg='<span class="warning">'._("Mot de passe inchangé").'</span>';
119 foreach ($a_result['msg'] as $result ) {
120 $msg.="$result <br/>";
121 }
122 alert($msg);
123 require_once NOALYSS_INCLUDE.'/user_detail.inc.php';
124 return;
125 } else {
126 $UserChange->setPassword(md5($_POST['password']));
127
128 }
129 }
130 // if request new secret for OTP
131 if ( $http->post("generate_otp","number",0)==1){
132
133 $UserChange->generate_otp();
134 }
135
136 // save user change
137 $UserChange->save();
138 if ( $UserChange->authent_method !=0 && filter_var($UserChange->email, FILTER_VALIDATE_EMAIL) === false ) {
139 echo_warning(_("Email invalide"));
140 require_once NOALYSS_INCLUDE.'/user_detail.inc.php';
141 return;
142 }
143 // send a email with link if authen_method !=0 (freeOTP)
144 if ( $UserChange->authent_method !=0
145 && filter_var($UserChange->email, FILTER_VALIDATE_EMAIL) == true
146 && $http->post('email_otp','number',0) == 1
147 ) {
148 // delete previous send for this user
149 $cn->exec_sql('delete from otp_send_secret where use_id=$1',[$UserChange->getId()]);
150 // send a email with a link to the qcode
151 $UserChange->send_link_otp();
152 }
153
154 }
155}
156else if ($sbaction == "delete")
157{
158/******************************************************/
159// Delete the user
160/******************************************************/
161 // check that the control is correct
162 try {
163 $code=$http->post("userdel");
164 $ctl_code=$http->post('ctlcode');
165 $uid = $http->request('use_id');
166 } catch (Exception $ex) {
167 echo_error($ex->getMessage());
168 throw $ex;
169 }
170 if ( DEBUGNOALYSS > 1) {
171 echo "code [$code] code control [$ctl_code]";
172 }
173 if ( $code != $ctl_code) {
174 echo_warning (_("Code invalide, effacement refusé"));
175 require_once NOALYSS_INCLUDE.'/user_detail.inc.php';
176 return;
177 }
178 if ($uid == 1) {
179 echo_warning(_("Administrateur ne peut pas être effacé"));
180 require_once NOALYSS_INCLUDE.'/user_detail.inc.php';
181 return;
182 }
183 $cn = new Database();
184 $auser=$cn->get_row('select use_login from ac_users where use_id = $1',[$uid]);
185 if ( $auser == null) return;
186 $Res = $cn->exec_sql("delete from jnt_use_dos where use_id=$1", array($uid));
187 $Res = $cn->exec_sql("delete from ac_users where use_id=$1", array($uid));
188 //------------------------------------
189 // Remove user from all the dossiers
190 //------------------------------------
191 $a_dossier=$cn->get_array('select dos_id from ac_dossier');
192 if ( is_array($a_dossier) ) {
193 $nb=count($a_dossier);
194 for ( $i=0;$i<$nb;$i++)
195 Noalyss_user::remove_inexistant_user($a_dossier[$i]['dos_id']);
196 }
197 Noalyss_user::audit_admin(sprintf('DELETE USER %s %s',$uid,$auser['use_login']));
198 echo "<H2 class=\"notice\">";
199 printf (_("Utilisateur %s %s est effacé"),$http->post('fname'),$http->post('lname')) ;
200 echo " </H2>";
201}
202// View user detail
203if ( isset($_REQUEST['det']) && $sbaction=="")
204{
205 require_once NOALYSS_INCLUDE.'/user_detail.inc.php';
206
207 return;
208}
209?>
210 <span id="info_passid"></span>
211<div id="create_user" style="display:none;margin-right: 20%;position:float;" class="inner_box2">
212<?php echo HtmlInput::title_box(_('Ajout Utilisateur'),"create_user","hide");?>
213 <form action="admin-noalyss.php?action=user_mgt" method="POST" onsubmit="return check_form()">
214 <div style="text-align: center">
215
216<TABLE class="result" >
217 <TR><TD style="text-align: right"> <?php echo _('login')?></TD><TD><INPUT id="input_login" class="input_text" TYPE="TEXT" NAME="LOGIN" autocomplete=“off” required></TD></tr>
218 <TR><TD style="text-align: right"> <?php echo _('Prénom')?></TD><TD><INPUT class="input_text" TYPE="TEXT" NAME="FNAME" autocomplete=“off”></TD></tr>
219 <TR><TD style="text-align: right"> <?php echo _('Nom')?></TD><TD><INPUT class="input_text" TYPE="TEXT" NAME="LNAME" autocomplete=“off” required></TD></TR>
220 <TR>
221 <TD style="text-align: right"> <?php echo _('Mot de passe')?>
222 <?=\Icon_Action::tips("Mot de passe : longueur minimale = 8 dont au moins 1 majuscule, 1 minuscule,1 chiffre et 1 car.spécial")?>
223
224 </TD>
225 <TD> <INPUT id="input_password" class="input_text" TYPE="TEXT" NAME="PASS"
226 onkeyup="check_password_strength('input_password','info_passid',true)"
227 autocomplete=“off”
228 required
229 >
230
231 </TD></TR>
232 <TR><TD style="text-align: right"> <?php echo _('Email')?></TD><TD> <INPUT class="input_text" TYPE="TEXT" NAME="EMAIL"></TD></TR>
233 <tr>
234 <td></td>
235 <td></td>
236 <tr>
237</TABLE>
238
239<?php
240echo HtmlInput::submit("ADD",_('Créer Utilisateur'),"",'button');
241echo HtmlInput::button_action(_("Fermer"), "$('create_user').style.display='none';");
242
243?>
244</div>
245</FORM>
246 <script>
247 function check_form() {
248 if ($F('input_login') == "") {
249 smoke.alert('<?php echo _('Le login ne peut être vide') ?>');
250 $('input_login').setStyle({border:"red solid 2px"});
251 return false;
252 }
253 if ($F('input_password') == "") {
254 smoke.alert('<?php echo _('Le mot de passe ne peut être vide') ?>');
255 $('input_password').setStyle({border:"red solid 2px"});
256 return false;
257 }
258 if ($F('input_login').length < 5) {
259 smoke.alert('<?php echo _('Le login doit avoir au moins 5 lettres') ?>');
260 $('input_password').setStyle({border:"red solid 2px"});
261 return false;
262 }
263 return true;
264 }
265
266 </script>
267</div>
268<div>
269<?php
270echo '<p>';
271echo HtmlInput::button_action(_("Ajout utilisateur"), "$('create_user').show();","cu");
272echo '</p>';
273// Show all the existing user on 7 columns
274$repo=new Dossier(0);
275/******************************************************/
276// Detail of a user
277/******************************************************/
278
279
280
281$compteur=0;
282$header=new Sort_Table();
283$url=basename($_SERVER['PHP_SELF'])."?action=".$_REQUEST['action'];
284$header->add(_("Login"), $url," order by use_login asc", "order by use_login desc","la", "ld"); // 0
285$header->add(_("Nom"), $url," order by use_name asc,use_first_name asc", "order by use_name desc,use_first_name desc","na", "nd"); // 1
286$header->add(_("Authentification"), $url," order by use_auth_method asc,use_login asc", "order by use_auth_method desc ,use_login asc","auth", "nauth"); // 2
287$header->add(_('Dossier'),$url,' order by ag_dossier asc','order by ag_dossier desc', //3
288 'da','dd');
289$header->add(_("Actif"), $url," order by use_active asc", "order by use_active desc","aa", "ad"); // 4
290$header->add(_("Email"), $url," order by use_email asc,use_name asc,use_first_name asc", "order by use_email desc,use_name desc,use_first_name desc","na", "nd"); //5
291$ord=$http->request("ord","string","la");
292$sql=$header->get_sql_order($ord);
293$a_user=$repo->get_user_folder($sql);
294
295if ( !empty ($a_user) )
296{
297 echo '<span style="display:block">';
298 echo _('Cherche').Icon_Action::infobulle(22);
299 echo HtmlInput::filter_table("user", "0,1,2,3,5,6","1");
300 echo '</span>';
301 echo '<table id="user" class="result">';
302 echo '<tr>';
303 echo '<th>'.$header->get_header(0).'</th>';
304 echo '<th>'.$header->get_header(1).'</th>';
305 echo th(_("Prénom"));
306 echo '<th>'.$header->get_header(5).'</th>';
307 echo '<th>'.$header->get_header(2).'</th>';
308 echo '<th>'.$header->get_header(4).'</th>';
309 echo "<th>"._('Type')."</th>";
310 echo '<th>'.$header->get_header(3).'</th>';
311 echo '</tr>';
312 $a_auth=[0=>_("Mot de passe"),1=>'Email et OTP',2=>'OTP'];
313
314 foreach ( $a_user as $r_user)
315 {
316 $compteur++;
317 $class=($compteur%2==0)?"odd":"even";
318
319 echo "<tr class=\"$class\">";
320 if ( $r_user['use_active'] == 0 )
321 {
322 $Active=$g_failed;
323 }
324 else
325 {
326 $Active=$g_succeed;
327 }
328 $det_url=$url."&det&use_id=".$r_user['use_id'];
329 echo "<td>";
330 echo HtmlInput::anchor($r_user['use_login'],$det_url);
331 echo "</td>";
332
333 echo td($r_user['use_name']);
334 echo td($r_user['use_first_name']);
335 echo td($r_user['use_email']);
336
337 echo td($a_auth[$r_user['use_auth_method']]);
338 echo td($Active);
339 $type=($r_user['use_admin']==1)?_("Administrateur"):_("Utilisateur");
340 echo "<td>".$type."</td>";
341 if ( $r_user['use_admin'] == 0)
342 echo td($r_user['ag_dossier']);
343 else {
344 echo td(_('Tous'));
345 }
346 echo '</tr>';
347 }// foreach
348 echo '</table>';
349} // $cn != null
350?>
351
352</div>
th
th($p_string, $p_extra='', $raw='')
Definition ac_common.php:58
put_global
put_global($array)
Put in superglobal (get,post,request) the value contained in the parameter field (me_parameter)
Definition ac_common.php:1284
span
span($p_string, $p_extra='')
Definition ac_common.php:43
echo_warning
echo_warning($p_string)
warns
Definition ac_common.php:642
check_password_strength
check_password_strength($password)
returns an double array with the error found and code , if the count is 0 then the password is very s...
Definition ac_common.php:1812
echo_error
echo_error($p_log, $p_line="", $p_message="")
log error into the /tmp/noalyss_error.log it doesn't work on windows
Definition ac_common.php:169
tr
tr($p_string, $p_extra='')
Definition ac_common.php:88
td
td($p_string='', $p_extra='')
surround the string with td
Definition ac_common.php:83
alert
alert($p_msg, $buffer=false)
alert in javascript
Definition ac_common.php:791
$i
$i
Definition action_document_type_mtable_input.php:83
$sql
$sql
Definition ajax_add_concerned_card.php:100
$cn
$cn
Definition ajax_anc_accounting.php:30
$nb
$nb
Definition ajax_auto_anc_card.php:32
$code
$code
Definition ajax_bookmark.php:94
$url
$url
Definition ajax_bookmark.php:76
$msg
$msg
Definition ajax_create_menu.php:10
style
$opd_description style
Definition ajax_mod_predf_op.php:52
$repo
if(isset($_REQUEST['gDossier']) && $http->request("gDossier","number", 0) !=0) $repo
Definition ajax_preference.php:47
$_REQUEST
$_REQUEST['ac']
Definition ajax_search_action.php:26
$result
$result
Definition ajax_search_peppol.php:189
_
_("actif, passif,charge,...")
Definition balance.inc.php:195
$ex
$ex
Definition balance.inc.php:45
$type
$type
Definition balance_age.inc.php:28
$class
$class
Display the Plugin and for each profile were it is installed or not.
Definition cfgplugin.inc.php:95
Database
contains the class for connecting to Noalyss
Definition database.class.php:33
HtmlInput\filter_table
static filter_table($p_table_id, $p_col, $start_row)
filter the rows in a table and keep the colored row in alternance
Definition html_input.class.php:1085
HtmlInput\anchor
static anchor($p_text, $p_url="", $p_js="", $p_style=' class="line" ', $p_title="click", array $p_attribute=[])
Return a simple LINK with a url or a javascript if $p_js is not null then p_url will be javascript:vo...
Definition html_input.class.php:976
HtmlInput\button_action
static button_action($action, $javascript, $id=NULL, $p_class="button", $p_symbole="")
button Html with javascript
Definition html_input.class.php:549
HtmlInput\title_box
static title_box($p_name, $p_div, $p_mod="close", $p_js="", $p_draggable="n", $p_enlarge='n', $raw="", $refresh='')
Title for boxes, you can customize the symbol thanks symbol with the mode "custom".
Definition html_input.class.php:894
HtmlInput\submit
static submit($p_name, $p_value, $p_javascript="", $p_class="smallbutton")
Definition html_input.class.php:229
HttpInput
manage the http input (get , post, request) and extract from an array
Definition http_input.class.php:38
Icon_Action\tips
static tips($p_comment)
Display a info in a bubble, text is given as parameter.
Definition icon_action.class.php:123
Noalyss\Dbg\echo_file
static echo_file($msg, $print=true)
display the file
Definition dbg.php:88
Sort_Table
Description of class_syn_sort_table.
Definition sort_table.class.php:27
$g_failed
global $g_failed
Definition compta_fin_rec.inc.php:30
$g_succeed
global $g_succeed
Definition compta_fin_rec.inc.php:30
$_POST
$_POST['ac']
Definition do.php:323
$header
if(count($a_accounting)==0) $header
Definition export_gl_csv.php:69
elseif
if( $delta< 0) elseif( $delta==0)
Definition letter_prop.php:166
$ord
$ord
Definition menu.inc.php:116
$sbaction
if(isset($_POST["ADD"])) $sbaction
Definition user.inc.php:88
$UserChange
catch(Exception $ex) $UserChange
Definition user_detail.inc.php:34
Generated on Thu Jan 15 2026 10:14:39 for noalyss by doxygen 1.13.2