← Back to branch summary

~ocsinventory-server/ocsinventory-server/stable-1.03

« back to all changes in this revision

Viewing changes to ocsreports/admins.php

  • Committer: serpent
  • Date: 2009-09-03 09:32:02 UTC
  • Revision ID: serpent@snakebase2-20090903093202-1ryusexrrvs9zqow
Removed ocsreports from ocsinventory-server project

Show diffs side-by-side

added added

removed removed

Lines of Context:
ocsreports/admins.php
1
 
<?php
2
 
require_once('require/function_search.php');
3
 
 
4
 
 if( $_SESSION["lvluser"] != SADMIN )
5
 
        die("FORBIDDEN");
6
 
if ($_POST['onglet'] == "" or !isset($_POST['onglet']))
7
 
$_POST['onglet']=3;
8
 
 //d�finition des onglets
9
 
$data_on[1]=$l->g(242);
10
 
$data_on[2]=$l->g(243);
11
 
$data_on[3]=$l->g(619);
12
 
$data_on[4]=$l->g(244);
13
 
 
14
 
//liste des profils
15
 
$list_profil[1]=$l->g(242);
16
 
$list_profil[2]=$l->g(243);
17
 
$list_profil[3]=$l->g(619);
18
 
 
19
 
$form_name = "admins";
20
 
echo "<form name='".$form_name."' id='".$form_name."' method='POST' action=''>";
21
 
onglet($data_on,$form_name,"onglet",4);
22
 
$table_name="TAB_ACCESSLVL".$_POST['onglet'];   
23
 
if (isset($_POST['VALID_MODIF'])){
24
 
        if ($_POST['CHANGE'] != ""){
25
 
                $sql_update="update operators set ACCESSLVL = '".$_POST['CHANGE']."' where ID='".$_POST['MODIF_ON']."'";
26
 
                mysql_query($sql_update, $_SESSION["writeServer"]) or die(mysql_error($_SESSION["writeServer"]));               
27
 
        $tab_options['CACHE']='RESET';
28
 
        }else
29
 
        echo "<div  align=center><font color=red size=4><b>".$l->g(909)."</b></font></div>";
30
 
        
31
 
}
32
 
//suppression d'une liste de users
33
 
if (isset($_POST['del_check']) and $_POST['del_check'] != ''){
34
 
        $list = "'".implode("','", explode(",",$_POST['del_check']))."'";
35
 
        $sql_delete="delete from tags where login in (".$list.")";
36
 
        mysql_query($sql_delete, $_SESSION["writeServer"]) or die(mysql_error($_SESSION["writeServer"]));       
37
 
        $sql_delete="delete from operators where id in (".$list.")";
38
 
        mysql_query($sql_delete, $_SESSION["writeServer"]) or die(mysql_error($_SESSION["writeServer"]));       
39
 
        $tab_options['CACHE']='RESET';  
40
 
}
41
 
 
42
 
 
43
 
//suppression d'un user
44
 
if (isset($_POST['SUP_PROF']) and $_POST['SUP_PROF'] != ''){
45
 
        $sql_delete="delete from tags where login='".$_POST['SUP_PROF']."'";
46
 
        mysql_query($sql_delete, $_SESSION["writeServer"]) or die(mysql_error($_SESSION["writeServer"]));       
47
 
        $sql_delete="delete from operators where id= '".$_POST['SUP_PROF']."'";
48
 
        mysql_query($sql_delete, $_SESSION["writeServer"]) or die(mysql_error($_SESSION["writeServer"]));       
49
 
        $tab_options['CACHE']='RESET';
50
 
}
51
 
//ajout d'un user
52
 
if (isset($_POST['Valid_modif_x'])){
53
 
        if (trim($_POST['ID']) == "")
54
 
                $ERROR=$l->g(997);
55
 
        if (!array_key_exists($_POST['ACCESSLVL'], $list_profil))
56
 
                $ERROR=$l->g(998);
57
 
        if (!isset($ERROR)){
58
 
                $sql="select id from operators where id= '".$_POST['ID']."'";
59
 
                $res=mysql_query($sql, $_SESSION["readServer"]) or die(mysql_error($_SESSION["readServer"]));
60
 
                $row=mysql_fetch_object($res);
61
 
                if (isset($row->id)){
62
 
                        $ERROR=$l->g(999);
63
 
                        echo "<script>alert('".$ERROR."')</script>";
64
 
                }else{
65
 
                
66
 
                        $sql=" insert into operators (id,firstname,lastname,accesslvl,comments";
67
 
                        if (isset($_POST['PASSWORD']))
68
 
                                $sql.=",passwd";
69
 
                        $sql.=") value ('".$_POST['ID']."',
70
 
                                                        '".$_POST['FIRSTNAME']."',
71
 
                                                        '".$_POST['LASTNAME']."',
72
 
                                                        '".$_POST['ACCESSLVL']."',
73
 
                                                        '".$_POST['COMMENTS']."'";
74
 
                        if (isset($_POST['PASSWORD']))
75
 
                                $sql.=",'".md5($_POST['PASSWORD'])."'";
76
 
                        $sql.=")";
77
 
                        //echo $sql;
78
 
                        mysql_query($sql, $_SESSION["writeServer"]);
79
 
                        unset($_SESSION['DATA_CACHE'],$_POST['ID'],$_POST['FIRSTNAME'],$_POST['LASTNAME'],
80
 
                                        $_POST['ACCESSLVL'],$_POST['COMMENTS'],$_POST['PASSWORD']);
81
 
                        $msg=$l->g(373);
82
 
                }               
83
 
        }else
84
 
        echo "<script>alert('".$ERROR."')</script>";
85
 
 
86
 
        }
87
 
 
88
 
echo "<table cellspacing='5' width='80%' BORDER='0' ALIGN = 'Center' BGCOLOR='#C7D9F5' BORDERCOLOR='#9894B5'>";
89
 
//echo "<tr><td align=center><b>CREATION / SUPPRESSION DES ".$data_on[$_POST['onglet']]."</b></td></tr>";
90
 
 
91
 
 
92
 
//add user
93
 
if ($_POST['onglet'] == 4){     
94
 
 
95
 
        $tab_typ_champ[0]['DEFAULT_VALUE']=$_POST['ID'];
96
 
        $tab_typ_champ[0]['INPUT_NAME']="ID";
97
 
        $tab_typ_champ[0]['CONFIG']['SIZE']=60;
98
 
        $tab_typ_champ[0]['CONFIG']['MAXLENGTH']=255;
99
 
        $tab_typ_champ[0]['INPUT_TYPE']=0;
100
 
        $tab_name[0]=$l->g(995).": ";
101
 
        
102
 
        $tab_typ_champ[1]['DEFAULT_VALUE']=$_POST['FIRSTNAME'];
103
 
        $tab_typ_champ[1]['INPUT_NAME']="FIRSTNAME";
104
 
        $tab_typ_champ[1]['CONFIG']['SIZE']=60;
105
 
        $tab_typ_champ[1]['CONFIG']['MAXLENGTH']=255;
106
 
        $tab_typ_champ[1]['INPUT_TYPE']=0;
107
 
        $tab_name[1]=$l->g(49).": ";
108
 
        
109
 
        $tab_typ_champ[2]['DEFAULT_VALUE']=$_POST['LASTNAME'];
110
 
        $tab_typ_champ[2]['INPUT_NAME']="LASTNAME";
111
 
        $tab_typ_champ[2]['CONFIG']['SIZE']=60;
112
 
        $tab_typ_champ[2]['CONFIG']['MAXLENGTH']=255;
113
 
        $tab_typ_champ[2]['INPUT_TYPE']=0;
114
 
        $tab_name[2]=$l->g(996).": ";
115
 
        
116
 
        $tab_typ_champ[3]['DEFAULT_VALUE']=$_POST['COMMENTS'];
117
 
        $tab_typ_champ[3]['INPUT_NAME']="COMMENTS";
118
 
        $tab_typ_champ[3]['CONFIG']['SIZE']=60;
119
 
        $tab_typ_champ[3]['CONFIG']['MAXLENGTH']=255;
120
 
        $tab_typ_champ[3]['INPUT_TYPE']=0;
121
 
        $tab_name[3]=$l->g(51).": ";
122
 
                
123
 
        $tab_typ_champ[4]['DEFAULT_VALUE']=$list_profil;
124
 
        $tab_typ_champ[4]['INPUT_NAME']="ACCESSLVL";
125
 
        $tab_typ_champ[4]['INPUT_TYPE']=2;
126
 
        $tab_name[4]=$l->g(66).":";
127
 
        if ($_SESSION['cnx_origine'] == "LOCAL"){
128
 
                //rajouter le password si authentification locale
129
 
                $tab_typ_champ[5]['DEFAULT_VALUE']=$_POST['PASSWORD'];
130
 
                $tab_typ_champ[5]['INPUT_NAME']="PASSWORD";
131
 
                $tab_typ_champ[5]['CONFIG']['SIZE']=30;
132
 
                $tab_typ_champ[5]['INPUT_TYPE']=0;
133
 
                $tab_name[5]=$l->g(217).":";
134
 
        }
135
 
        if (isset($msg))
136
 
        echo "<font color=green>".$msg."</font>";
137
 
        tab_modif_values($tab_name,$tab_typ_champ,$tab_hidden,$l->g(244),$comment="");
138
 
}else{
139
 
        echo "<tr><td align=center>";
140
 
        //affichage
141
 
        $list_fields= array('ID'=>'ID',
142
 
                                                'FIRSTNAME'=>'FIRSTNAME',
143
 
                                                'LASTNAME'=>'LASTNAME',
144
 
                                                'ACCESSLVL'=>'ACCESSLVL',
145
 
                                                'COMMENTS'=>'COMMENTS',
146
 
                                                'SUP'=>'ID',
147
 
                                                'MODIF'=>'ID',
148
 
                                                'CHECK'=>'ID');
149
 
        $list_col_cant_del=array('ID'=>'ID','SUP'=>'SUP','MODIF'=>'MODIF','CHECK'=>'CHECK');
150
 
        $default_fields=$list_fields; 
151
 
        $queryDetails = 'SELECT ';
152
 
        foreach ($list_fields as $key=>$value){
153
 
                if($key != 'SUP' and $key != 'MODIF' and $key != 'CHECK')
154
 
                $queryDetails .= $key.',';              
155
 
        } 
156
 
        $queryDetails=substr($queryDetails,0,-1);
157
 
        $queryDetails .= " FROM operators where ACCESSLVL=".$_POST['onglet'];
158
 
        $tab_options['FILTRE']=array('LASTNAME'=>'LASTNAME','ID'=>'ID');
159
 
        if ($_POST['onglet'] == ADMIN){
160
 
                $tab_options['LIEN_LBL']['ID']='admin_perim.php?id=';
161
 
                $tab_options['LIEN_CHAMP']['ID']='ID';
162
 
                $tab_options['LIEN_TYPE']['ID']='POPUP';
163
 
                $tab_options['POPUP_SIZE']['ID']="width=550,height=650";
164
 
        }
165
 
        tab_req($table_name,$list_fields,$default_fields,$list_col_cant_del,$queryDetails,$form_name,100,$tab_options);
166
 
                //traitement par lot
167
 
        $img['image/sup_search.png']=$l->g(162);
168
 
        del_selection($form_name);
169
 
}
170
 
 
171
 
echo "</td></tr></table>";
172
 
if ($_POST['MODIF'] != ''){
173
 
        $choix=show_modif(array(1=>$data_on[1],2=>$data_on[2],3=>$data_on[3]),'CHANGE',2);
174
 
        echo "<tr><td align=center><b>".$l->g(911)."<font color=red> ".$_POST['MODIF']." </font></b>".$choix." <input type='submit' name='VALID_MODIF' value='".$l->g(910)."'></td></tr>";
175
 
        echo "<input type='hidden' name='MODIF_ON' value='".$_POST['MODIF']."'>";
176
 
}
177
 
echo "</table>";
178
 
echo "</form>";
179
 
?>