noalyss  Version-6.7.2
user_detail.inc.php
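<?php
/*
 *   This file is part of NOALYSS.
 *
 *   NOALYSS is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 *   NOALYSS is distributed in the hope that it will be useful,
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *   GNU General Public License for more details.
 *
 *   You should have received a copy of the GNU General Public License
 *   along with NOALYSS; if not, write to the Free Software
 *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */
// Copyright Author Dany De Bontridder danydb@aevalys.eu
/** \file
 * \brief Users Security
 *
 * Edit form for one repository user, selected by the use_id request
 * parameter: first and last name, password, active flag, global
 * administrator flag and the access level on each folder (dossier).
 * The same script handles the SAVE and DELETE submissions of that form.
 *
 * NOTE(review): the only gate visible in this file is the ALLOWED constant,
 * which blocks direct invocation. The check that the caller is an
 * administrator is presumably done by the including script -- confirm.
 * NOTE(review): the form carries no anti-CSRF token and the handlers do not
 * check one; the confirm() dialogs run in the browser only. SAVE can grant
 * global administrator rights and DELETE removes an account, so both should
 * be tied to a per-session token.
 */
if ( ! defined ('ALLOWED') ) die('Appel direct ne sont pas permis');
include_once("ac_common.php");
require_once('class_database.php');
include_once("user_menu.php");
include_once ("class_user.php");

$rep = new Database();

// Without a user id there is nothing to edit.
if (!isset($_REQUEST['use_id']))
{
    html_page_stop();
    exit();
}
$uid = $_REQUEST['use_id'];
$UserChange = new User($rep, $uid);

if ($UserChange->id == false)
{
    // Unknown user: close the page and stop. html_page_stop() is followed by
    // exit() in the other early-exit path of this file, so it does not appear
    // to end the script by itself; without the exit() the SAVE and DELETE
    // handlers below would still run for an id that failed this check.
    html_page_stop();
    exit();
}

/*  Save the changes */
if (isset($_POST['SAVE']))
{
    // The id of the edited account is read from the hidden UID field of the
    // form, not from the use_id that was checked above.
    $uid = $_POST['UID'];

    // Update User
    $cn = new Database();
    $UserChange = new User($cn, $uid);
    if ($UserChange->load() == -1)
    {
        alert("Cet utilisateur n'existe pas");
    }
    else
    {
        $UserChange->first_name = $_POST['fname'];
        $UserChange->last_name = $_POST['lname'];
        // Both flags are 0/1 radio buttons in the form. Anything other than
        // the literal '1' (missing field, array, arbitrary string) is stored
        // as 0, so a malformed request can neither activate an account nor
        // grant global administrator rights.
        $UserChange->active = (isset($_POST['Actif']) && $_POST['Actif'] === '1') ? 1 : 0;
        $UserChange->admin = (isset($_POST['Admin']) && $_POST['Admin'] === '1') ? 1 : 0;
        if ( trim($_POST['password'])<>'')
        {
            // NOTE(security): MD5 is unsalted and fast to compute, which makes
            // the stored value cheap to attack offline if the user table leaks.
            // It is kept because the login check that verifies this value is
            // not part of this file; moving to password_hash() and
            // password_verify() has to change both sides together.
            $UserChange->pass = md5($_POST['password']);
        }
        else
        {
            // Empty field: keep the stored password.
            $UserChange->pass=$UserChange->password;
        }
        $UserChange->save();

        // Update Priv on Folder
        foreach ($_POST as $name => $elem)
        {
            // Folder rights are posted as PRIV<dos_id>. The field name must
            // start with PRIV, because the folder id is cut from position 4.
            if (strpos((string) $name, 'PRIV') !== 0)
            {
                continue;
            }
            // 'X' and 'R' are the only values the form below offers.
            if (!in_array($elem, array('X', 'R'), true))
            {
                continue;
            }
            $cn = new Database();
            if ( defined ('MULTI')&& MULTI==0)
            {
                // Single-database installation: every PRIV field applies to
                // MONO_DATABASE.
                $name=dbname;
                $db_id=MONO_DATABASE;
                $UserChange->set_folder_access($db_id, $elem);
            }
            else
            {
                $db_id = mb_substr($name, 4);
                $name=$cn->format_name($db_id, "dos");
                // Only touch folders whose database exists.
                if ( $cn->exist_database($name) == 1 )
                {
                    $UserChange->set_folder_access($db_id, $elem);
                    Dossier::synchro_admin($db_id);
                }
            }
        }
    }
}
else
{
    if (isset($_POST["DELETE"]))
    {
        // Remove the folder privileges, the folder links and then the account
        // itself. $uid is the use_id request parameter here; it is passed as
        // a bound parameter, never concatenated into the SQL text.
        $cn = new Database();
        $Res = $cn->exec_sql("delete from priv_user where priv_jnt in ( select jnt_id from jnt_use_dos where use_id=$1)", array($uid));
        $Res = $cn->exec_sql("delete from jnt_use_dos where use_id=$1", array($uid));
        $Res = $cn->exec_sql("delete from ac_users where use_id=$1", array($uid));

        echo "<center><H2 class=\"info\"> User " . h($_POST['fname']) . " " . h($_POST['lname']) . " est effacé</H2></CENTER>";
        // Show the user list again instead of the edit form.
        require_once("class_iselect.php");
        require_once("user.inc.php");
        return;
    }
}
$UserChange->load();
// The password field is always rendered empty; the stored hash is never echoed.
$it_pass=new IText('password');
$it_pass->value="";
?>
<h1 class="info">Modification</h1>
<?php echo HtmlInput::button_anchor('Retour', 'admin_repo.php?action=user_mgt'); ?>
<FORM  METHOD="POST">

<?php
// NOTE(review): $uid comes from the request; HtmlInput::hidden() is presumably
// escaping the value it renders -- confirm.
echo HtmlInput::hidden('UID',$uid)?>
    <TABLE BORDER=0>
        <TR>

<?php
// login, name and first_name are stored user data written into HTML text and
// into double-quoted attribute values, so they go through h(), the escaping
// helper this file already uses for folder names.
// NOTE(review): confirm that h() escapes double quotes.
printf('<td>login</td><td> %s</td>', h($UserChange->login)); ?>
            </TD>
        </tr>
        <TR>
            <TD>
            <?php printf('Nom de famille </TD><td><INPUT class="input_text"  type="text" NAME="lname" value="%s"> ', h($UserChange->name)); ?>
            </TD>
        </TR>
        <TR>
          <?php printf('<td>prénom</td><td>
             <INPUT class="input_text" type="text" NAME="fname" value="%s"> ', h($UserChange->first_name));
                ?>
        </TD>
        </TR>
        <tr>
            <td>
                Mot de passe :<span class="info">Laisser à VIDE pour ne PAS le changer</span>
            </td>
            <td>
                <?php echo $it_pass->input();?>
            </td>
        </tr>
    </table>

    <TABLE>
<?php
// Pre-select the radio button matching the stored "active" flag.
if ($UserChange->active == 1)
{
    $ACT = "CHECKED";
    $NACT = "UNCHECKED";
}
else
{
    $ACT = "UNCHECKED";
    $NACT = "CHECKED";
}
echo "<TR><TD>";
printf('<INPUT type="RADIO" NAME="Actif" VALUE="1" %s> Actif', $ACT);
echo "</TD><TD>";
printf('<INPUT type="RADIO" NAME="Actif" VALUE="0" %s> Non Actif', $NACT);
echo "</TD></TR>";
?>
    </TABLE>
</TD>
<TD>
    <TABLE>
<?php
// Pre-select the radio button matching the stored "global administrator" flag.
if ($UserChange->admin == 1)
{
    $ACT = "CHECKED";
    $NACT = "UNCHECKED";
}
else
{
    $ACT = "UNCHECKED";
    $NACT = "CHECKED";
}
echo "<TR><TD>";
printf('<INPUT type="RADIO" NAME="Admin" VALUE="1" %s> Administrateur global', $ACT);
echo "</TD><TD>";
printf('<INPUT type="RADIO" NAME="Admin" VALUE="0" %s> Pas administrateur global ', $NACT);
echo "</TD></TR>";
?>
    </TABLE>
</TD>
</TR>
<TR>
    <TD>
        <!-- Show all database and rights -->
        <H2 class="info"> Droit sur les dossiers pour les utilisateurs normaux </H2>
        <p class="notice">
            Les autres droits doivent être réglés dans les dossiers (paramètre->sécurité), le fait de changer un utilisateur d'administrateur à utilisateur
                        normal ne change pas le profil administrateur dans les dossiers.
                        Il faut aller dans CFGSECURITY pour diminuer ses privilèges.
        </p>
        <TABLE>
<?php
// Access levels offered for each folder; the SAVE handler accepts no others.
$array = array(
    array('value' => 'X', 'label' => 'Aucun Accès'),
    array('value' => 'R', 'label' => 'Utilisateur normal')
);
$repo = new Dossier(0);

$Dossier = $repo->show_dossier('all', 1, 0);
if (empty($Dossier))
{
    echo hb('* Aucun Dossier *');
    echo '</div>';
    exit();
}

$mod_user = new User(new Database(), $uid);
foreach ($Dossier as $rDossier)
{
    if (defined ("MULTI") && MULTI==0)
    {
        // Single-database installation: the stored level 'L' is shown as 'R'.
        $priv = $mod_user->get_folder_access(MONO_DATABASE);
        $priv=($priv=='L')?'R':$priv;
    }
    else
    {
        $priv = $mod_user->get_folder_access($rDossier['dos_id']);
    }
    printf("<TR><TD> Dossier : %s </TD>", h($rDossier['dos_name']));

    // One select per folder, named PRIV<dos_id>; the SAVE handler reads the
    // folder id back from that name.
    $select = new ISelect();
    $select->table = 1;
    $select->name = sprintf('PRIV%s', $rDossier['dos_id']);
    $select->value = $array;
    $select->selected = $priv;
    echo $select->input();
    echo "</TD></TR>";
}
?>
        </TABLE>

        <input type="Submit" class="button" NAME="SAVE" VALUE="Sauver les changements" onclick="return confirm('Confirmer changement ?');">

        <input type="Submit"  class="button" NAME="DELETE" VALUE="Effacer" onclick="return confirm('Confirmer effacement ?');" >
<?php echo HtmlInput::button_anchor('Retour', 'admin_repo.php?action=user_mgt'); ?>
</FORM>

</DIV>

<?php
html_page_stop();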