*
*/
/**
* Class users: Contains all the functions and forms to manage users
*
* @author Claire Figueras
* @license GPL
* @package Maarch LetterBox 2.3
* @version 2.2
*/
require_once("class_letterbox.php");
class users extends dbquery
{
/**
* Offset of the first row to list. Set by the constructor from $_GET['start'] and later
* concatenated into a SQL LIMIT clause, so it must only ever hold a non-negative integer.
* @access private
* @var integer
*/
private $the_start;
/**
* Sort key (e.g. "nameasc") set by the constructor from $_GET['order'], default "nameasc".
* It is also concatenated into the paging links, so it must stay within the known keys.
* @access private
* @var string
*/
private $orderby;
/**
* ORDER BY fragment the constructor selects for $orderby from a fixed list of literals;
* this is the text that is appended to the list query.
* @access private
* @var string
*/
private $sqlorderby;
/**
* Redefinition of the user object constructor : configure the SQL argument order by
*/
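function __construct()
{
    // Reads the paging offset and the sort key from the query string and
    // derives the ORDER BY fragment used by the user list query.
    //
    // Both values come straight from the request and are later concatenated
    // into SQL (LIMIT offset) and into generated links. strip_tags() neither
    // makes a value numeric nor restricts it to a known sort key, so the
    // values are validated here instead: the offset is forced to a
    // non-negative integer and the sort key must be one of the known keys.

    // Paging offset: anything non-numeric collapses to 0.
    $this->the_start = 0;
    if (isset($_GET['start']) && is_scalar($_GET['start'])) {
        $this->the_start = max(0, (int) $_GET['start']);
    }

    // Sort key => ORDER BY fragment. Only these literals ever reach the SQL text.
    $order_clauses = array(
        'nameasc'    => 'order by LastName asc',
        'namedesc'   => 'order by LastName desc',
        'userasc'    => 'order by User_Id asc',
        'userdesc'   => 'order by User_Id desc',
        'statusasc'  => 'order by Status asc',
        'statusdesc' => 'order by Status desc',
        'mailasc'    => 'order by Mail asc',
        'maildesc'   => 'order by Mail desc',
    );

    // Unknown or malformed keys fall back to the default instead of being
    // stored as-is (the stored key is echoed back into paging links).
    $this->orderby = 'nameasc';
    if (isset($_GET['order']) && is_string($_GET['order']) && isset($order_clauses[$_GET['order']])) {
        $this->orderby = $_GET['order'];
    }
    $this->sqlorderby = $order_clauses[$this->orderby];
}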
/**
* Loads data related to the user groups (group name, role, primary group or not) in session variables
*
*/
public function load_groups($user_id)
{
    // Looks up the enabled groups of $user_id and returns
    // array($primary_group, $groups): the GROUP_ID flagged PRIMARY_GROUP = 'Y'
    // ('' when none is flagged) and one entry per group with the keys
    // GROUP_ID, ROLE and CONSULT_GROUP.
    // When the user belongs to no enabled group, an error message is stored in
    // $_SESSION['error'] and the request ends with a redirect to index.php.
    //
    // NOTE(review): $user_id is concatenated into the SQL text as received.
    // The callers visible in this file pass the USER_ID read back from the
    // users table; escaping/binding depends on the dbquery layer, which is
    // not visible here -- confirm before calling this with request data.
    $this->connect();
    $this->query("select uc.GROUP_ID, uc.PRIMARY_GROUP, uc.ROLE, u.CONSULT_GROUP from ".$_SESSION['tablename']['usergroup_content']." uc , ".$_SESSION['tablename']['usergroups']." u where uc.USER_ID ='".$user_id."' and u.GROUP_ID = uc.GROUP_ID and u.ENABLED= 'Y'");

    if ($this->nb_result() < 1) {
        $_SESSION['error'] = _USER_NO_GROUP.'. '._MORE_INFOS." ".$_SESSION['config']['adminname']."";
        header("location: index.php");
        exit;
    }

    $primary_group = '';
    $groups = array();
    while ($row = $this->fetch_object()) {
        if ($row->PRIMARY_GROUP == 'Y') {
            // If several rows are flagged, the last one fetched wins.
            $primary_group = $row->GROUP_ID;
        }
        $groups[] = array(
            'GROUP_ID' => $row->GROUP_ID,
            'ROLE' => $row->ROLE,
            'CONSULT_GROUP' => $row->CONSULT_GROUP,
        );
    }
    return array($primary_group, $groups);
}
/**
* Loads in session variables, the security parameters corresponding to the user groups.
*
*/
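public function load_security($user_id)
{
    // Builds the access rules of $user_id from the security rows of all
    // enabled groups the user belongs to and returns them as an array:
    //   'tables'        => list of RES_TABLE names, one per table
    //   'security'      => per table (same index as 'tables'):
    //                      'table', 'where', 'can_insert', 'can_update'
    //   'can_index'     => true if any row has CAN_INSERT = 'Y'
    //   'can_postindex' => true if any row has CAN_UPDATE = 'Y'
    // Rules of several groups on the same table are merged: the WHERE
    // fragments are OR-ed and an insert/update right granted by any group is
    // kept.
    //
    // NOTE(review): WHERE_CLAUSE is stored SQL that is returned verbatim for
    // later concatenation into queries, so write access to the security table
    // is equivalent to control over those queries. An empty WHERE_CLAUSE
    // becomes "( 1=1 )", i.e. no restriction on that table.
    // NOTE(review): $user_id is concatenated into the SQL text as received;
    // escaping/binding depends on the dbquery layer, not visible here.
    $this->connect();
    $this->query("SELECT s.GROUP_ID, s.RES_TABLE, s.WHERE_CLAUSE , s.CAN_INSERT, s.CAN_UPDATE FROM ".$_SESSION['tablename']['security']." s, ".$_SESSION['tablename']['usergroup_content']." ugc , ".$_SESSION['tablename']['usergroups']." u WHERE ugc.user_id='".$user_id."' and ugc.group_id = s.group_id and ugc.group_id = u.group_id and u.enabled = 'Y'");

    $arr = array(
        'tables' => array(),
        'security' => array(),
        'can_index' => false,
        'can_postindex' => false,
    );

    while ($line = $this->fetch_object()) {
        if ($line->WHERE_CLAUSE <> "") {
            $where = "( ".$line->WHERE_CLAUSE." )";
        } else {
            $where = "( 1=1 )";
        }

        // 'tables' and 'security' grow in lockstep, so the position of the
        // table name is also the index of its rule entry.
        $key = array_search($line->RES_TABLE, $arr['tables']);
        if ($key === false) {
            // First rule seen for this table.
            $arr['tables'][] = $line->RES_TABLE;
            $arr['security'][] = array(
                'table' => $line->RES_TABLE,
                'where' => $where,
                'can_insert' => $line->CAN_INSERT,
                'can_update' => $line->CAN_UPDATE,
            );
        } else {
            // Another group grants access to the same table: widen the rule.
            $arr['security'][$key]['where'] .= " or ".$where;
            if ($line->CAN_INSERT == 'Y') {
                $arr['security'][$key]['can_insert'] = $line->CAN_INSERT;
            }
            if ($line->CAN_UPDATE == 'Y') {
                $arr['security'][$key]['can_update'] = $line->CAN_UPDATE;
            }
        }

        if ($line->CAN_INSERT == 'Y') {
            $arr['can_index'] = true;
        }
        if ($line->CAN_UPDATE == 'Y') {
            $arr['can_postindex'] = true;
        }
    }
    return $arr;
}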
/**
* To log a user
*
* @param string $s_login user login
* @param string $pass user password
*/
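public function login($s_login,$pass)
{
    // Authenticates a user by id and password, fills $_SESSION['user'] with
    // the profile, group, right and basket data, renews the "maarch" cookie
    // key and ends the request with a redirect (this method never returns).
    //
    // NOTE(review): $s_login and $pass are concatenated into the SQL text as
    // received. Nothing in this method escapes or binds them, so the query is
    // only as safe as what the caller and the dbquery layer do -- neither is
    // visible here. Prefer bound parameters if the database layer offers them.
    // NOTE(review): the password is compared by the database against the
    // stored column as an opaque string; any hashing has to happen before
    // this call -- confirm it does, and that it is a password hash.
    // NOTE(review): no session id regeneration happens in this method;
    // confirm the caller renews the session id when the user authenticates.
    $this->connect();
    $this->query("select * from ".$_SESSION['tablename']['users']." where User_Id = '".$s_login."' and password = '".$pass."' and STATUS <> 'DEL' ");

    if ($this->nb_result() < 1) {
        $_SESSION['error'] = _BAD_LOGIN_OR_PSW."...";
        header("location: login.php");
        exit;
    }

    $line = $this->fetch_object();
    if ($line->ENABLED != "Y") {
        $_SESSION['error'] = _SUSPENDED_ACCOUNT.'. '._MORE_INFOS." ".$_SESSION['config']['adminname']."";
        header("location: login.php");
        exit;
    }

    $_SESSION['user']['change_pass'] = $line->CHANGE_PASSWORD;
    $_SESSION['user']['UserId'] = $line->USER_ID;
    $_SESSION['user']['FirstName'] = $line->FIRSTNAME;
    $_SESSION['user']['LastName'] = $line->LASTNAME;
    $_SESSION['user']['Phone'] = $line->PHONE;
    $_SESSION['user']['Mail'] = $line->MAIL;
    $_SESSION['user']['department'] = $line->DEPARTMENT;
    $_SESSION['user']['Fonction'] = $line->FONCTION;
    $_SESSION['error'] = "";

    // Expire the cookie that carries the previous key before issuing a new one.
    setcookie("maarch", "UserId=".$_SESSION['user']['UserId']."&key=".$line->COOKIE_KEY, time()-3600000);

    // The key stored in cookie_key is what reopen() later accepts in place of
    // a password, so it must not be guessable. Use the CSPRNG where the
    // runtime has one (32 hex characters, same shape as the legacy value).
    if (function_exists('random_bytes')) {
        $key = bin2hex(random_bytes(16));
    } else {
        // Legacy derivation from the clock and profile fields: predictable,
        // kept only for runtimes without random_bytes().
        $key = md5(time()."%".$_SESSION['user']['FirstName']."%".$_SESSION['user']['UserId']."%".$_SESSION['user']['UserId']."%".date("dmYHmi")."%");
    }

    // cookie_date: "H:i:s" -- the former "H:m:i" stored the month in place of
    // the minutes, which makes any age check on the key unreliable.
    // NOTE(review): UserId and Mail come from the users row and are
    // concatenated unescaped (second-order injection if they can hold quotes).
    $this->query("update ".$_SESSION['tablename']['users']." set cookie_key = '".$key."', cookie_date = '".date("Y-m-d H:i:s")."' where User_Id = '".$_SESSION['user']['UserId']."' and Mail = '".$_SESSION['user']['Mail']."'");

    // NOTE(review): the cookie is set without the secure/httponly arguments
    // of setcookie(); confirm nothing client-side reads it, then set them.
    setcookie("maarch", "UserId=".$_SESSION['user']['UserId']."&key=".$key, time()+3600000);

    // Department label; the department may reference no existing service row.
    $this->query("select SERVICE from ".$_SESSION['tablename']['services']." where ID = '".$_SESSION['user']['department']."'");
    $res = $this->fetch_object();
    $_SESSION['user']['department_label'] = $res ? $res->SERVICE : null;

    $tmp = $this->load_groups($_SESSION['user']['UserId']);
    $_SESSION['user']['primarygroup'] = $tmp[0];
    $_SESSION['user']['groups'] = $tmp[1];

    // A right is granted as soon as one enabled group of the user has the
    // corresponding usergroups column set to 'Y'. Column names come from this
    // fixed list only.
    $group_rights = array(
        'ADMINISTRATOR' => 'admin',
        'EXPORT'        => 'export',
        'VIEW_RELANCE'  => 'view_relance',
        'VIEW_STATS'    => 'view_stats',
        'MODIF_RIGHTS'  => 'modif_rights',
        'DELETE_RIGHTS' => 'delete_rights',
        'PRINT_RIGHTS'  => 'print_rights',
    );
    foreach ($group_rights as $column => $session_key) {
        $this->query("SELECT u.".$column." FROM ".$_SESSION['tablename']['usergroup_content']." ugc, ".$_SESSION['tablename']['usergroups']." u where ugc.user_id = '".$_SESSION['user']['UserId']."' and ugc.group_id = u.group_id and u.enabled ='Y' and u.".$column." ='Y' ");
        $_SESSION['user'][$session_key] = ($this->nb_result() > 0);
    }

    $arr_sec = $this->load_security($_SESSION['user']['UserId']);
    $_SESSION['user']['tables'] = $arr_sec['tables'];
    $_SESSION['user']['security'] = $arr_sec['security'];
    $_SESSION['user']['can_index'] = $arr_sec['can_index'];
    $_SESSION['user']['can_postindex'] = $arr_sec['can_postindex'];

    require_once("class_basket.php");
    $bask = new basket();
    $bask->load_activity_user();
    $_SESSION['user']['services'] = $bask->load_services($_SESSION['user']['UserId']);
    if ($_SESSION['user']['admin']) {
        $bask->get_baskets_pages();
    }
    $bask->load_basket();
    $bask->load_basket_abs();
    $this->load_emet();
    $this->load_sender();

    // A pending password change takes precedence over every other landing page.
    if ($_SESSION['user']['change_pass'] == 'Y') {
        header("location: change_pass.php");
        exit;
    }
    if ($_SESSION['req_type'] == "scan") {
        header("location: index_scansnap.php");
        exit;
    }
    if ($_SESSION['req_type'] == "files") {
        header("location: file_index.php");
        exit;
    }
    header("location: index.php?page=".$_SESSION["config"]["defaultPage"].".php");
    exit;
}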
/**
* Load the shipper in session
*
*/
public function load_emet()
{
    // Rebuilds $_SESSION['emetteur'] from the senders table: one entry
    // (NOM, PRENOM, SOCIETE) per row whose TOCONTACT is not 'EXT' -- null and
    // empty values included -- ordered by LASTNAME. Uses its own dbquery
    // instance, so the result set of $this is left untouched.
    $senders_db = new dbquery();
    $senders_db->connect();
    $senders_db->query("SELECT * FROM ".$_SESSION['tablename']['senders']." WHERE (TOCONTACT <> 'EXT' or TOCONTACT is null or TOCONTACT = '') order by LASTNAME");

    $_SESSION['emetteur'] = array();
    while ($row = $senders_db->fetch_object()) {
        $_SESSION['emetteur'][] = array(
            'NOM' => $row->LASTNAME,
            'PRENOM' => $row->FIRSTNAME,
            'SOCIETE' => $row->SOCIETY,
        );
    }
}
/**
* To log a user with gdi module
*
* @param string $s_login user login
* @param string $pass user password
*/
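public function login_gdi($s_login,$pass, $gdi_id)
{
    // Same authentication and session set-up as login(), then redirects to
    // view_gdi.php for the res_x row whose GID_ID equals $gdi_id. This method
    // never returns: every path ends with a redirect and exit.
    //
    // NOTE(review): $s_login, $pass and $gdi_id are concatenated into the SQL
    // text as received. Nothing in this method escapes or binds them, so the
    // queries are only as safe as what the caller and the dbquery layer do --
    // neither is visible here.
    // NOTE(review): unlike login(), this method does not set
    // $_SESSION['user']['delete_rights'] / ['print_rights'] and does not call
    // load_sender() or get_baskets_pages(); whatever an earlier request left
    // in the session for those keys stays in place -- confirm this is intended.
    // NOTE(review): no session id regeneration happens in this method.
    $this->connect();
    $this->query("select * from ".$_SESSION['tablename']['users']." where User_Id = '".$s_login."' and password = '".$pass."' and STATUS <> 'DEL'");

    if ($this->nb_result() < 1) {
        $_SESSION['error'] = _BAD_LOGIN_OR_PSW."...";
        header("location: login.php");
        exit;
    }

    $line = $this->fetch_object();
    if ($line->ENABLED != "Y") {
        $_SESSION['error'] = _SUSPENDED_ACCOUNT.'. '._MORE_INFOS." ".$_SESSION['config']['adminname']."";
        header("location: login.php");
        exit;
    }

    $_SESSION['user']['change_pass'] = $line->CHANGE_PASSWORD;
    $_SESSION['user']['UserId'] = $line->USER_ID;
    $_SESSION['user']['FirstName'] = $line->FIRSTNAME;
    $_SESSION['user']['LastName'] = $line->LASTNAME;
    $_SESSION['user']['Phone'] = $line->PHONE;
    $_SESSION['user']['Mail'] = $line->MAIL;
    $_SESSION['user']['department'] = $line->DEPARTMENT;
    $_SESSION['user']['Fonction'] = $line->FONCTION;
    $_SESSION['error'] = "";

    // Expire the cookie that carries the previous key before issuing a new one.
    setcookie("maarch", "UserId=".$_SESSION['user']['UserId']."&key=".$line->COOKIE_KEY, time()-3600000);

    // The key stored in cookie_key is what reopen() later accepts in place of
    // a password, so it must not be guessable. Use the CSPRNG where the
    // runtime has one (32 hex characters, same shape as the legacy value).
    if (function_exists('random_bytes')) {
        $key = bin2hex(random_bytes(16));
    } else {
        // Legacy derivation from the clock and profile fields: predictable,
        // kept only for runtimes without random_bytes().
        $key = md5(time()."%".$_SESSION['user']['FirstName']."%".$_SESSION['user']['UserId']."%".$_SESSION['user']['UserId']."%".date("dmYHmi")."%");
    }

    // cookie_date: "H:i:s" -- the former "H:m:i" stored the month in place of
    // the minutes.
    $this->query("update ".$_SESSION['tablename']['users']." set cookie_key = '".$key."', cookie_date = '".date("Y-m-d H:i:s")."' where User_Id = '".$_SESSION['user']['UserId']."' and Mail = '".$_SESSION['user']['Mail']."'");
    setcookie("maarch", "UserId=".$_SESSION['user']['UserId']."&key=".$key, time()+3600000);

    // Department label; the department may reference no existing service row.
    $this->query("select SERVICE from ".$_SESSION['tablename']['services']." where ID = '".$_SESSION['user']['department']."'");
    $res = $this->fetch_object();
    $_SESSION['user']['department_label'] = $res ? $res->SERVICE : null;

    $tmp = $this->load_groups($_SESSION['user']['UserId']);
    $_SESSION['user']['primarygroup'] = $tmp[0];
    $_SESSION['user']['groups'] = $tmp[1];

    // A right is granted as soon as one enabled group of the user has the
    // corresponding usergroups column set to 'Y'.
    $group_rights = array(
        'ADMINISTRATOR' => 'admin',
        'EXPORT'        => 'export',
        'VIEW_RELANCE'  => 'view_relance',
        'VIEW_STATS'    => 'view_stats',
        'MODIF_RIGHTS'  => 'modif_rights',
    );
    foreach ($group_rights as $column => $session_key) {
        $this->query("SELECT u.".$column." FROM ".$_SESSION['tablename']['usergroup_content']." ugc, ".$_SESSION['tablename']['usergroups']." u where ugc.user_id = '".$_SESSION['user']['UserId']."' and ugc.group_id = u.group_id and u.enabled ='Y' and u.".$column." ='Y' ");
        $_SESSION['user'][$session_key] = ($this->nb_result() > 0);
    }

    $arr_sec = $this->load_security($_SESSION['user']['UserId']);
    $_SESSION['user']['tables'] = $arr_sec['tables'];
    $_SESSION['user']['security'] = $arr_sec['security'];
    $_SESSION['user']['can_index'] = $arr_sec['can_index'];
    $_SESSION['user']['can_postindex'] = $arr_sec['can_postindex'];

    require_once("class_basket.php");
    $bask = new basket();
    $bask->load_activity_user();
    $_SESSION['user']['services'] = $bask->load_services($_SESSION['user']['UserId']);
    $bask->load_basket();
    $bask->load_basket_abs();
    $this->load_emet();

    // Resolve the document to show. No matching row leaves the id empty
    // instead of dereferencing a failed fetch.
    // NOTE(review): this lookup applies none of the per-table rules loaded by
    // load_security(); view_gdi.php has to enforce access itself -- confirm.
    $this->query("SELECT * FROM res_x WHERE GID_ID = '".$gdi_id."' ");
    $res_gdi = $this->fetch_object();
    $res_id = $res_gdi ? $res_gdi->RES_ID : '';
    header("location: view_gdi.php?id=".urlencode((string) $res_id));
    exit;
}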
/**
* Load the sender in session
*
*/
public function load_sender()
{
    // Rebuilds $_SESSION['sender'] from the senders table: one entry
    // (NOM, PRENOM, SOCIETE, ID) per row with TOCONTACT = 'EXT', ordered by
    // LASTNAME. Uses its own dbquery instance, so the result set of $this is
    // left untouched.
    $senders_db = new dbquery();
    $senders_db->connect();
    $senders_db->query("SELECT * FROM ".$_SESSION['tablename']['senders']." WHERE TOCONTACT = 'EXT' order by LASTNAME");

    $_SESSION['sender'] = array();
    while ($row = $senders_db->fetch_object()) {
        $_SESSION['sender'][] = array(
            'NOM' => $row->LASTNAME,
            'PRENOM' => $row->FIRSTNAME,
            'SOCIETE' => $row->SOCIETY,
            'ID' => $row->ID,
        );
    }
}
/**
* To reopen a session with the user's cookie
*
* @param string $s_UserId user identifier
* @param string $s_key cookie key
*/
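public function reopen($s_UserId,$s_key)
{
    // Re-authenticates a user from the "maarch" cookie: the pair
    // (user id, key) must match a users row that is neither deleted nor
    // disabled. On success the session is filled as in login(), the key is
    // rotated and the request ends with a redirect; on failure the request is
    // redirected to login.php. This method never returns.
    //
    // The key is a password equivalent. NOTE(review): both arguments come
    // from a client-supplied cookie and are concatenated into the SQL text as
    // received; nothing in this method escapes or binds them, and the dbquery
    // layer is not visible here. Prefer bound parameters if it offers them.
    // NOTE(review): cookie_date is written on every login but never checked
    // here, so a stored key does not expire server-side -- confirm.

    // An empty id or key must never authenticate: rows whose cookie_key was
    // never set would otherwise satisfy the comparison below.
    if ((string) $s_UserId === '' || (string) $s_key === '') {
        header("location: login.php");
        exit;
    }

    $this->connect();
    $this->query("select * from ".$_SESSION['tablename']['users']." where User_Id = '".$s_UserId."' and cookie_key = '".$s_key."' and STATUS <> 'DEL'");

    if ($this->nb_result() < 1) {
        header("location: login.php");
        exit;
    }

    $line = $this->fetch_object();
    if ($line->ENABLED != "Y") {
        $_SESSION['error'] = _SUSPENDED_ACCOUNT.'. '._MORE_INFOS." ".$_SESSION['config']['adminname']."";
        header("location: login.php");
        exit;
    }

    // Set like login() does, so the forced password change checked further
    // down cannot be skipped by coming back through the cookie.
    $_SESSION['user']['change_pass'] = $line->CHANGE_PASSWORD;
    $_SESSION['user']['UserId'] = $line->USER_ID;
    $_SESSION['user']['FirstName'] = $line->FIRSTNAME;
    $_SESSION['user']['LastName'] = $line->LASTNAME;
    $_SESSION['user']['Phone'] = $line->PHONE;
    $_SESSION['user']['Mail'] = $line->MAIL;
    $_SESSION['user']['department'] = $line->DEPARTMENT;
    $_SESSION['user']['Fonction'] = $line->FONCTION;
    $_SESSION['error'] = "";

    // Rotate the key: expire the cookie carrying the old one, store and send
    // a new one.
    setcookie("maarch", "UserId=".$_SESSION['user']['UserId']."&key=".$line->COOKIE_KEY, time()-3600000);
    if (function_exists('random_bytes')) {
        // 32 hex characters, same shape as the legacy value.
        $key = bin2hex(random_bytes(16));
    } else {
        // Legacy derivation from the clock and profile fields: predictable,
        // kept only for runtimes without random_bytes().
        $key = md5(time()."%".$_SESSION['user']['FirstName']."%".$_SESSION['user']['UserId']."%".$_SESSION['user']['UserId']."%".date("dmYHmi")."%");
    }

    // cookie_date: "H:i:s" -- the former "H:m:i" stored the month in place of
    // the minutes.
    $this->query("update ".$_SESSION['tablename']['users']." set cookie_key = '".$key."', cookie_date = '".date("Y-m-d H:i:s")."' where User_Id = '".$_SESSION['user']['UserId']."' and Mail = '".$_SESSION['user']['Mail']."'");
    setcookie("maarch", "UserId=".$_SESSION['user']['UserId']."&key=".$key, time()+3600000);

    // Department label; the department may reference no existing service row.
    $this->query("select SERVICE from ".$_SESSION['tablename']['services']." where ID = '".$_SESSION['user']['department']."'");
    $res = $this->fetch_object();
    $_SESSION['user']['department_label'] = $res ? $res->SERVICE : null;

    $tmp = $this->load_groups($_SESSION['user']['UserId']);
    $_SESSION['user']['primarygroup'] = $tmp[0];
    $_SESSION['user']['groups'] = $tmp[1];

    // A right is granted as soon as one enabled group of the user has the
    // corresponding usergroups column set to 'Y'.
    $group_rights = array(
        'ADMINISTRATOR' => 'admin',
        'VIEW_RELANCE'  => 'view_relance',
        'VIEW_STATS'    => 'view_stats',
        'EXPORT'        => 'export',
        'MODIF_RIGHTS'  => 'modif_rights',
        'DELETE_RIGHTS' => 'delete_rights',
        'PRINT_RIGHTS'  => 'print_rights',
    );
    foreach ($group_rights as $column => $session_key) {
        $this->query("SELECT u.".$column." FROM ".$_SESSION['tablename']['usergroup_content']." ugc, ".$_SESSION['tablename']['usergroups']." u where ugc.user_id = '".$_SESSION['user']['UserId']."' and ugc.group_id = u.group_id and u.enabled ='Y' and u.".$column." ='Y' ");
        $_SESSION['user'][$session_key] = ($this->nb_result() > 0);
    }

    $arr_sec = $this->load_security($_SESSION['user']['UserId']);
    $_SESSION['user']['tables'] = $arr_sec['tables'];
    $_SESSION['user']['security'] = $arr_sec['security'];
    $_SESSION['user']['can_index'] = $arr_sec['can_index'];
    $_SESSION['user']['can_postindex'] = $arr_sec['can_postindex'];

    require_once("class_basket.php");
    $bask = new basket();
    $bask->load_activity_user();
    $_SESSION['user']['services'] = $bask->load_services($_SESSION['user']['UserId']);
    if ($_SESSION['user']['admin']) {
        $bask->get_baskets_pages();
    }
    $bask->load_basket();
    $bask->load_basket_abs();
    $this->load_emet();
    $this->load_sender();

    // A pending password change takes precedence over every other landing page.
    if ($_SESSION['user']['change_pass'] == 'Y') {
        header("location: change_pass.php");
        exit;
    }
    if ($_SESSION['req_type'] == "scan") {
        header("location: index_scansnap.php");
        exit;
    }
    if ($_SESSION['req_type'] == "files") {
        header("location: file_index.php");
        exit;
    }
    header("location: index.php?page=".$_SESSION["config"]["defaultPage"].".php");
    exit;
}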
/**
* Build Maarch configuration into sessions vars with an xml configuration file
*/
public function build_config()
{
    // Copies the application settings from xml/config.xml into the session:
    // CONFIG -> $_SESSION['config'], TABLENAME -> $_SESSION['tablename'],
    // RESOURCES -> $_SESSION['ressources'] (list of tablename/comment pairs)
    // and HISTORY -> $_SESSION['history']. Every value is cast to string and
    // passed through utf8_decode().
    //
    // NOTE(review): the database credentials (databaseuser, databasepassword)
    // are copied into the session with everything else, so they are written
    // to the session store of every visitor -- confirm this is needed.
    // NOTE(review): the return value of simplexml_load_file() is not checked.
    $xmlconfig = simplexml_load_file('xml/config.xml');
    $initLB = new LetterBox();
    $initLB->xmltosessionletterbox();

    // Session keys in assignment order. Where the XML element is spelled
    // differently from the session key, the element name is listed in the
    // matching *_elements map.
    $config_keys = array(
        'databaseserver', 'databasename', 'databaseuser', 'databasepassword',
        'tmpdir', 'nblinetoshow', 'limitcharsearch', 'lang', 'adminmail',
        'adminname', 'enabledadvsearch', 'enabledindexfile',
        'enabledvalidation', 'enabledprocess', 'enablestats',
        'enablechangenotif', 'shortcut', 'xmlpath', 'debug',
        'applicationname', 'css', 'css_IE', 'css_IE7', 'img', 'MaarchURL',
        'defaultPage', 'exportlist', 'corporate', 'cookietime',
        'redirect_list', 'gdi_index', 'mail_for_answer_by_index_file',
        'force_client_utf8', 'show_welcome_graph', 'search_max_size',
        'printsep', 'modifycopylist', 'enable_topics',
    );
    $config_elements = array(
        'css_IE' => 'css_ie',
        'css_IE7' => 'css_ie7',
        'cookietime' => 'CookieTime',
    );
    foreach ($xmlconfig->CONFIG as $node) {
        foreach ($config_keys as $session_key) {
            $element = isset($config_elements[$session_key]) ? $config_elements[$session_key] : $session_key;
            $_SESSION['config'][$session_key] = utf8_decode((string) $node->{$element});
        }
    }

    $table_keys = array(
        'arboxes', 'arcontainers', 'authors', 'baskets', 'docservers',
        'doctypes', 'domains', 'domain_service', 'ext_docserver', 'fulltext',
        'groupbasket', 'groupsecurity', 'history', 'listinstance',
        'listmodel', 'models', 'model_service', 'param', 'resgroups',
        'resgroup_content', 'security', 'usergroups', 'usergroup_content',
        'users', 'services', 'missing_user', 'senders', 'notes',
        'saved_queries',
    );
    $table_elements = array(
        'ext_docserver' => 'extdocserver',
        'groupbasket' => 'groupbaskets',
        'usergroup_content' => 'usergroupcontent',
        'senders' => 'sender',
    );
    foreach ($xmlconfig->TABLENAME as $node) {
        foreach ($table_keys as $session_key) {
            $element = isset($table_elements[$session_key]) ? $table_elements[$session_key] : $session_key;
            $_SESSION['tablename'][$session_key] = utf8_decode((string) $node->{$element});
        }
    }

    // Entries are written by position from 0, overwriting what is there.
    $position = 0;
    foreach ($xmlconfig->RESOURCES as $node) {
        $_SESSION['ressources'][$position] = array(
            "tablename" => utf8_decode((string) $node->tablename),
            "comment" => utf8_decode((string) $node->comment),
        );
        $position++;
    }

    // History switches: session key and XML element share the same name.
    $history_keys = array(
        'usersdel', 'usersban', 'usersadd', 'usersup', 'usersval',
        'doctypesdel', 'doctypesadd', 'doctypesup', 'doctypesval',
        'doctypesprop', 'resadd', 'resup', 'resdel', 'usergroupsdel',
        'usergroupsban', 'usergroupsadd', 'usergroupsup', 'usergroupsval',
        'diffusion', 'redirection', 'userabs', 'modelsadd', 'modelsup',
        'modelsdel', 'notesadd', 'notesup', 'notesdel',
    );
    foreach ($xmlconfig->HISTORY as $node) {
        foreach ($history_keys as $session_key) {
            $_SESSION['history'][$session_key] = utf8_decode((string) $node->{$session_key});
        }
    }
}
/**
* Build the alphabetic list of users letters
*/
public function userslistletters()
{
// build the alphabetic list of users letters
?>
connect();
$db_abs->query("select distinct USER_ABS from ".$_SESSION['tablename']['missing_user']);
//$db_abs->show();
$j=0;
while($line = $db_abs->fetch_object())
{
$user_abs[$j] = $line->USER_ABS;
$j++;
}
*/
$this->connect();
$this->query("select count(*) as total from ".$table_name." where STATUS <> 'DEL'");
$nb_total_1 = $this->fetch_object();
$nb_total = $nb_total_1->total;
// define the defaults values
$nb_pages = ceil($nb_total/$nb_show);
$link = "index.php?page=".$page_name."&start=".$this->the_start."&order=".$this->orderby.$what;
if($nb_pages > 1)
{
$next_start = 0;
$page_list1 = '';
$page_list2 .= $previous." ".$next.'
';
}
}
$this->query("select * from ".$table_name." where STATUS <> 'DEL' ".$where." ".$this->sqlorderby." limit ".$this->the_start.",".$nb_show);
echo '
'.$title.'
';
$this->userslistletters();
echo $page_list1;
$db = new dbquery();
$db->connect();
?>
|
|
|
|
echo _DEPARTMENT; ?> |
|
|
|
fetch_object())
{
if($color == ' class="col"')
{
$color = '';
}
else
{
$color = ' class="col"';
}
?>
>
USER_ID."";
$is_abs = false;
if($line->STATUS == 'ABS')
{
$is_abs = true;
}
/*for ($n=0; $n<=count($user_abs); $n++)
{
if ($line->USER_ID == $user_abs[$n])
{
$is_abs = true;
}
}*/
if ($is_abs==true)
{
echo "("._MISSING.")";
}
?> |
show($line->LASTNAME); ?> |
show($line->FIRSTNAME); ?> |
ENABLED == "N") {
?>
}
elseif($line->ENABLED == "Y")
{
?>
} ?> |
query("select SERVICE from ".$_SESSION['tablename']['services']. " where ID = '".$line->DEPARTMENT."'");
$res = $db->fetch_object();
echo str_replace('\\', '',$res->SERVICE); ?> |
ENABLED == "Y") {
echo ''._MODIFY.'';
} ?>
|
ENABLED == "N" ) {
echo ''._AUTHORIZE.'';
}
else {
echo ''._SUSPEND.'';
} ?>
|
echo ''._DELETE.'';
?>
|
clearuserinfos();
}
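/**
 * Enables, suspends or soft-deletes a user account, then redirects to the users list.
 *
 * Every path ends in a redirect to index.php?page=users followed by exit, so the
 * method never returns to its caller. The outcome message is left in
 * $_SESSION['error'].
 *
 * NOTE(review): no privilege check and no anti-CSRF token check happen in this
 * method; presumably the calling page does both - confirm against the caller.
 *
 * @param string $id   user identifier, compared as a quoted string against user_id
 * @param string $mode "allow", "ban" or "del"; any other value only redirects
 */
public function adminuser($id,$mode)
{
    // A pending error message means an earlier step failed: go back without touching the database.
    if(!empty($_SESSION['error']))
    {
        header("location: index.php?page=users");
        exit;
    }

    // $id ends up inside quoted SQL literals in every statement below, so it is
    // escaped once here instead of being concatenated as received.
    // NOTE(review): addslashes() is the escaping this file already uses elsewhere; it
    // does not know the connection character set. Prefer bound parameters or the
    // driver's own escaping if the dbquery layer offers them.
    $sql_id = addslashes((string) $id);
    $users_table = $_SESSION['tablename']['users'];
    $listmodel_table = $_SESSION['tablename']['listmodel'];

    $this->connect();
    $this->query("select USER_ID, FirstName, LastName from ".$users_table." where user_id = '".$sql_id."'");
    if($this->nb_result() == 0)
    {
        $_SESSION['error'] = _USER.' '._UNKNOWN;
        header("location: index.php?page=users");
        exit;
    }

    $info = $this->fetch_object();
    // Display name used in the history entries.
    $theuser = $info->LastName." ".$info->FirstName;

    if($mode == "allow")
    {
        $this->query("Update ".$users_table." set enabled = 'Y' where user_id = '".$sql_id."'");
        if($_SESSION['history']['usersval'] == "true")
        {
            // require_once: a plain require would redeclare the class if the file was already loaded.
            require_once("class_history.php");
            $users = new history();
            $users->add($users_table, $id,"VAL",_USER_AUTORIZATION." ".$theuser);
        }
        $_SESSION['error'] = _AUTORIZED_USER;
    }
    elseif($mode == "ban")
    {
        $this->query("Update ".$users_table." set enabled = 'N' where user_id = '".$sql_id."'");
        if($_SESSION['history']['usersban'] == "true")
        {
            require_once("class_history.php");
            $users = new history();
            $users->add($users_table, $id,"BAN",_USER_SUSPENSION." : ".$theuser);
        }
        $_SESSION['error'] = _SUSPENDED_USER;
    }
    elseif($mode == "del" )
    {
        // Soft delete: the row is kept with STATUS = 'DEL'; group memberships are removed.
        $this->query("update ".$users_table." set STATUS = 'DEL' where user_id = '".$sql_id."'");
        $this->query("delete from ".$_SESSION['tablename']['usergroup_content']." where user_id = '".$sql_id."'");

        // Take the user out of every list model and close the gap left in SEQUENCE.
        $this->query("select ID from ".$listmodel_table." where user_id = '".$sql_id."'");
        $db = new dbquery();
        $db->connect();
        $db2 = new dbquery();
        $db2->connect();
        while($res = $this->fetch_object())
        {
            // Values read back from the database are escaped as well before reuse in SQL.
            $service_id = addslashes((string) $res->ID);
            // Becomes true once the deleted user's row has been passed in this list.
            $decal = false;
            $db->query("select * from ".$listmodel_table." where ID = '".$service_id."' order by SEQUENCE");
            while($res2 = $db->fetch_object())
            {
                $user = $res2->USER_ID;
                if($decal)
                {
                    // Rows that come after the removed user move up by one position.
                    $db2->query("update ".$listmodel_table." set SEQUENCE = SEQUENCE -1 where USER_ID = '".addslashes((string) $user)."' and ID = '".$service_id."'");
                }
                if($user == $id)
                {
                    $decal = true;
                    $db2->query("delete from ".$listmodel_table." where ID = '".$service_id."' and USER_ID = '".$sql_id."'");
                }
            }
        }
        // NOTE(review): unlike the "allow" and "ban" branches, this flag is tested for
        // truthiness rather than compared with "true", so any non-empty value other
        // than "0" (the string "false" included) records the deletion. Left unchanged
        // so that deletions keep being logged; confirm which form is intended.
        if($_SESSION['history']['usersdel'])
        {
            require_once("class_history.php");
            $users = new history();
            $users->add($users_table, $id,"DEL",_USER_DELETION." : ".$theuser);
        }
        $_SESSION['error'] = _DELETED_USER;
    }

    header("location: index.php?page=users");
    exit;
}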
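/**
 * Handles the submission of the current user's own profile form.
 *
 * Copies the posted fields into $_SESSION['user'], checks that both password
 * entries match, then updates the user's row and redirects: to index.php on
 * success, back to index.php?page=modify_user when an error was recorded.
 * The method never returns to its caller.
 */
public function user_modif()
{
    require_once("class_functions.php");
    $func = new functions();
    // wash() is defined in class_functions.php; presumably it validates the value and
    // records a message in $_SESSION['error'] on failure - confirm there.
    $_SESSION['user']['FirstName'] = stripslashes($func->wash($_POST['FirstName'], "no", _FIRSTNAME));
    $_SESSION['user']['LastName'] = stripslashes($func->wash($_POST['LastName'], "no", _LASTNAME));
    // NOTE(review): both password entries stay in the session in clear text after this
    // request; consider unsetting them once the update has been written.
    $_SESSION['user']['pass1'] = $func->wash($_POST['pass1'], "no", _FIRST_PSW);
    $_SESSION['user']['pass2'] = $func->wash($_POST['pass2'], "no", _SECOND_PSW);
    // Strict string comparison: the loose <> operator treats numeric-looking strings
    // such as "1e3" and "1000" as equal, which would accept a mistyped confirmation.
    if((string) $_SESSION['user']['pass1'] !== (string) $_SESSION['user']['pass2'])
    {
        $func->add_error(_WRONG_SECOND_PSW, '');
    }
    // Optional fields: the previous session value is kept when nothing was posted.
    if(isset($_POST['Phone']) && !empty($_POST['Phone']))
    {
        $_SESSION['user']['Phone'] = $_POST['Phone'];
    }
    if(isset($_POST['Fonction']) && !empty($_POST['Fonction']))
    {
        $_SESSION['user']['Fonction'] = stripslashes($_POST['Fonction']);
    }
    if(isset($_POST['Mail']) && !empty($_POST['Mail']))
    {
        $_SESSION['user']['Mail'] = $_POST['Mail'];
    }

    if(!empty($_SESSION['error']))
    {
        header("location: index.php?page=modify_user");
        exit;
    }

    // Escape every value placed inside a quoted SQL literal. Phone and Mail come
    // straight from $_POST, and the names have just been through stripslashes().
    // NOTE(review): addslashes() is not aware of the connection character set, and a
    // value that arrives already escaped (magic_quotes_gpc on legacy PHP) would be
    // escaped twice. Prefer bound parameters if the dbquery layer offers them.
    $sql = array();
    foreach(array('FirstName', 'LastName', 'Phone', 'Mail', 'department', 'Fonction', 'UserId') as $key)
    {
        $sql[$key] = isset($_SESSION['user'][$key]) ? addslashes((string) $_SESSION['user'][$key]) : '';
    }

    // NOTE(review): the password is stored as an unsalted MD5 digest, which is not a
    // password hash. Moving to password_hash()/password_verify() also requires
    // changing the login check, which is not visible here, so it is only flagged.
    $password_digest = md5($_SESSION['user']['pass1']);

    $this->connect();
    $this->query("update `".$_SESSION['tablename']['users']."` set PASSWORD = '".$password_digest."', `FirstName` = '".$sql['FirstName']."', `LastName` = '".$sql['LastName']."', `Phone` = '".$sql['Phone']."', `Mail` = '".$sql['Mail']."' , `Department` = '".$sql['department']."' , `FONCTION` = '".$sql['Fonction']."' where user_id = '".$sql['UserId']."'");
    if($_SESSION['history']['usersup'] == "true")
    {
        // require_once: a plain require would redeclare the class if the file was already loaded.
        require_once("class_history.php");
        $users = new history();
        $users->add($_SESSION['tablename']['users'], $_SESSION['user']['UserId'],"UP",_USER_UPDATE." ".$_SESSION['user']['LastName']." : ".$_SESSION['user']['FirstName']);
    }
    $_SESSION['error'] = _USER_UPDATED;
    header("location: index.php");
    exit;
}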
/**
* Form for the management of the current user.
*
*/
public function change_info_user()
{
$this->connect();
$this->query("select ID, SERVICE from ".$_SESSION['tablename']["services"]." where ENABLED = 'Y' order by SERVICE asc");
$services = array();
while($res = $this->fetch_object())
{
array_push($services, array('ID' => $res->ID, 'LABEL' => $res->SERVICE));
}
?>
connect();
$this->query("select ID, SERVICE from ".$_SESSION['tablename']["services"]." where ENABLED = 'Y' order by SERVICE asc");
$services = array();
while($res = $this->fetch_object())
{
array_push($services, array('ID' => $res->ID, 'LABEL' => $res->SERVICE));
}
if(empty($_SESSION['error']))
{
$this->connect();
$this->query("select count(*) as total from ".$_SESSION['tablename']['usergroups']." where enabled ='Y'");
$nb_total_1 = $this->fetch_object();
$_SESSION['m_admin']['nbgroups'] = $nb_total_1->total;
$this->query("select * from ".$_SESSION['tablename']['services']);
}
if($mode == "up")
{
$_SESSION['m_admin']['mode'] = "up";
if(empty($_SESSION['error']))
{
$this->connect();
$this->query("select * from ".$_SESSION['tablename']['users']." where user_id = '".$id."'");
if($this->nb_result() == 0)
{
$_SESSION['error'] = _USER.' '._UNKNOWN;
$state = false;
}
else
{
$line = $this->fetch_object();
$_SESSION['m_admin']['users']['UserId'] = $line->USER_ID;
$_SESSION['m_admin']['users']['FirstName'] = $line->FIRSTNAME;
$_SESSION['m_admin']['users']['LastName'] = $line->LASTNAME;
$_SESSION['m_admin']['users']['Phone'] = $line->PHONE;
$_SESSION['m_admin']['users']['Mail'] = $line->MAIL;
$_SESSION['m_admin']['users']['Department'] = $line->DEPARTMENT;
$_SESSION['m_admin']['users']['Enabled'] = $line->ENABLED;
$_SESSION['m_admin']['users']['Status'] = $line->STATUS;
$_SESSION['m_admin']['users']['Elu'] = $line->ELU;
$_SESSION['m_admin']['users']['Fonction'] = $line->FONCTION;
}
for($i=0;$i < count($_SESSION['m_admin']['users']['groups']); $i++)
{
if($_SESSION['m_admin']['users']['groups'][$i]['USER_ID'] <> $_SESSION['m_admin']['users']['UserId'])
{
$_SESSION['m_admin']['load_group'] = true;
break;
}
}
if ($_SESSION['m_admin']['load_group'] == true || ! isset($_SESSION['m_admin']['load_group'] ))
{
$ugc->load_group_session($_SESSION['m_admin']['users']['UserId']);
}
}
}
elseif($mode == "add" )
{
$_SESSION['m_admin']['mode'] = "add";
if ($_SESSION['m_admin']['init']== true || !isset($_SESSION['m_admin']['init'] ))
{
$ugc->init_session();
}
}
?>
'._USER_ADDITION.'';
}
elseif($mode == "up")
{
echo '
'._USER_MODIFICATION.'
';
}
?>
}
}
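/**
 * Copies the posted user form fields into $_SESSION['m_admin']['users'].
 *
 * Also records an error through usergroup_content::add_error() when none of the
 * groups held in the session is flagged PRIMARY = 'Y'.
 *
 * @param string $mode "add" or "up"
 */
public function usersinfo($mode)
{
    // functions is instantiated below; load its file explicitly instead of relying on
    // another include having pulled it in.
    require_once("class_functions.php");
    require_once("class_usergroup_content.php");
    // wash() is defined in class_functions.php; presumably it validates the value and
    // records a message in $_SESSION['error'] on failure - confirm there.
    $func = new functions();
    if($mode == "add")
    {
        $_SESSION['m_admin']['users']['UserId'] = $func->wash($_POST['UserId'], "nick", _USER_ID);
        // NOTE(review): every new account starts with the same hard-coded password,
        // stored as an unsalted MD5 digest. Kept as is because the flow that hands out
        // or forces a change of the initial password is not visible here; a random
        // one-time password and password_hash() need a matching change at login.
        $_SESSION['m_admin']['users']['pass'] = md5("test");
    }
    if($mode == "up")
    {
        $_SESSION['m_admin']['users']['UserId'] = $func->wash($_POST['id'], "nick", _USER_ID);
    }
    $_SESSION['m_admin']['users']['FirstName'] = stripslashes($func->wash($_POST['FirstName'], "no", _FIRSTNAME));
    $_SESSION['m_admin']['users']['LastName'] = stripslashes($func->wash($_POST['LastName'], "no", _LASTNAME));
    $_SESSION['m_admin']['users']['Department'] = $func->wash($_POST['Department'], "no", _DEPARTMENT);
    // Phone, Fonction and elu are stored without validation; whatever builds SQL or
    // HTML from them has to escape them for that context.
    if(isset($_POST['Phone']) && !empty($_POST['Phone']))
    {
        $_SESSION['m_admin']['users']['Phone'] = $_POST['Phone'];
    }
    $_SESSION['m_admin']['users']['Mail'] = $func->wash($_POST['Mail'], "mail", _MAIL);
    if(isset($_POST['Fonction']) && !empty($_POST['Fonction']))
    {
        $_SESSION['m_admin']['users']['Fonction'] = stripslashes($_POST['Fonction']);
    }
    // The field may be missing from the request; fall back to an empty value instead
    // of reading an undefined index.
    $_SESSION['m_admin']['users']['Elu'] = isset($_POST['elu']) ? $_POST['elu'] : '';

    $ugc = new usergroup_content();
    // The groups list may not be initialised in the session yet.
    $groups = array();
    if(isset($_SESSION['m_admin']['users']['groups']) && is_array($_SESSION['m_admin']['users']['groups']))
    {
        $groups = $_SESSION['m_admin']['users']['groups'];
    }
    $primary_set = false;
    foreach($groups as $group)
    {
        if(isset($group['PRIMARY']) && $group['PRIMARY'] == 'Y')
        {
            $primary_set = true;
            break;
        }
    }
    if ($primary_set == false)
    {
        $ugc->add_error(_NO_PRIMARY_GROUP, "");
    }
}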
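/**
 * Adds a user to the database or updates an existing one.
 *
 * Reads the form through usersinfo(), then either redirects back to the form
 * when an error was recorded, or writes the row, stores the group memberships
 * through usergroup_content::load_db(), optionally records a history entry and
 * redirects to the users list. For "add" and "up" the method ends in a redirect
 * followed by exit.
 *
 * @param string $mode "up" or "add"; any other value writes nothing
 */
public function addupusers($mode)
{
    $this->usersinfo($mode);

    if(!empty($_SESSION['error']))
    {
        if($mode == "up")
        {
            if(!empty($_SESSION['m_admin']['users']['UserId']))
            {
                // The id is URL-encoded so it cannot add or alter query parameters.
                header("location: index.php?page=users_up&id=".urlencode($_SESSION['m_admin']['users']['UserId']));
                exit;
            }
            header("location: index.php?page=users");
            exit;
        }
        elseif($mode == "add")
        {
            $_SESSION['m_admin']['load_group'] = false;
            header("location: index.php?page=users_add");
            exit;
        }
        return;
    }

    // Escape every value placed inside a quoted SQL literal. Phone and Elu reach the
    // session straight from $_POST in usersinfo(); the original statements escaped
    // only FirstName, LastName and Fonction.
    // NOTE(review): addslashes() is not aware of the connection character set, and a
    // value that arrives already escaped (magic_quotes_gpc on legacy PHP) would be
    // escaped twice. Prefer bound parameters if the dbquery layer offers them.
    $sql = array();
    foreach(array('UserId', 'pass', 'FirstName', 'LastName', 'Phone', 'Mail', 'Department', 'Fonction', 'Elu') as $field)
    {
        $sql[$field] = isset($_SESSION['m_admin']['users'][$field]) ? addslashes((string) $_SESSION['m_admin']['users'][$field]) : '';
    }
    $users_table = $_SESSION['tablename']['users'];

    $this->connect();
    if($mode == "add")
    {
        $this->query("select USER_ID, STATUS from ".$users_table." where User_Id = '".$sql['UserId']."'");
        $res = $this->fetch_object();
        if($this->nb_result() > 0)
        {
            if($res->STATUS == 'OK')
            {
                $_SESSION['error'] = _THE_USER." ".$_SESSION['m_admin']['users']['UserId']." "._ALREADY_EXISTS."\n";
                header("location: index.php?page=users_add");
                exit;
            }
            else
            {
                // The id exists with a status other than 'OK': the old row is removed so
                // the id can be reused.
                // NOTE(review): this applies to every non-'OK' status, not only 'DEL' -
                // confirm that is intended.
                $this->query("DELETE from ".$users_table." where USER_ID = '".$sql['UserId']."'");
            }
        }
        $this->query(
            "INSERT INTO `".$users_table."` ( `USER_ID` , `PASSWORD` , `FIRSTNAME` , `LASTNAME` , `PHONE` , `MAIL` , `DEPARTMENT` , `FONCTION` ,`COOKIE_KEY` , `COOKIE_DATE` , `ELU` , `ENABLED` ) VALUES ( '"
            .$sql['UserId']."', '".$sql['pass']."', '".$sql['FirstName']."', '".$sql['LastName']."', '"
            .$sql['Phone']."', '".$sql['Mail']."', '".$sql['Department']."', '".$sql['Fonction']
            ."','', '0000-00-00 00:00:00', '".$sql['Elu']."', 'Y')"
        );
        require_once("class_usergroup_content.php");
        $ugc=new usergroup_content();
        $ugc->load_db();
        if($_SESSION['history']['usersadd'] == "true")
        {
            // require_once: a plain require would redeclare the class if the file was already loaded.
            require_once("class_history.php");
            $users = new history();
            $users->add($users_table, $_SESSION['m_admin']['users']['UserId'],"ADD",_USER_ADDED." : ".$_SESSION['m_admin']['users']['LastName']." ".$_SESSION['m_admin']['users']['FirstName']);
        }
        $this->clearuserinfos();
        $_SESSION['error'] = _USER_ADDED;
        header("location: index.php?page=users");
        exit;
    }
    elseif($mode == "up")
    {
        $this->query(
            "update `".$users_table."` set `FIRSTNAME` = '".$sql['FirstName']."', `LASTNAME` = '".$sql['LastName']
            ."', `PHONE` = '".$sql['Phone']."', `MAIL` = '".$sql['Mail']."' , `DEPARTMENT` = '".$sql['Department']
            ."', `FONCTION` = '".$sql['Fonction']."', `ELU` = '".$sql['Elu']."' where USER_ID = '".$sql['UserId']."'"
        );
        require_once("class_usergroup_content.php");
        $ugc=new usergroup_content();
        $ugc->load_db();
        if($_SESSION['history']['usersup'] == "true")
        {
            require_once("class_history.php");
            $users = new history();
            $users->add($users_table, $_SESSION['m_admin']['users']['UserId'],"UP",_USER_UPDATE." : ".$_SESSION['m_admin']['users']['LastName']." ".$_SESSION['m_admin']['users']['FirstName']." (".$_SESSION['m_admin']['users']['UserId'].")");
        }
        // The administrator edited their own account: reload groups and security data
        // so the running session reflects the new memberships immediately.
        if( $_SESSION['m_admin']['users']['UserId'] == $_SESSION['user']['UserId'] )
        {
            $_SESSION['user']['groups'] = array();
            $_SESSION['user']['security'] = array();
            $tmp = $this->load_groups($_SESSION['user']['UserId']);
            $_SESSION['user']['primarygroup']= $tmp[0];
            $_SESSION['user']['groups'] = $tmp[1];
            $arr_sec = $this->load_security($_SESSION['user']['UserId']);
            $_SESSION['user']['tables'] = $arr_sec['tables'];
            $_SESSION['user']['security'] = $arr_sec['security'];
            $_SESSION['user']['can_index'] = $arr_sec['can_index'];
            $_SESSION['user']['can_postindex'] = $arr_sec['can_postindex'];
        }
        $this->clearuserinfos();
        $_SESSION['error'] = _USER_UPDATED;
        header("location: index.php?page=users");
        exit;
    }
}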
/**
 * Resets $_SESSION['m_admin']['users'] to the blank state used by the user add
 * and update forms.
 */
private function clearuserinfos()
{
    // One assignment replaces the whole entry, so no value from a previous edit survives.
    $_SESSION['m_admin']['users'] = array(
        'UserId' => "",
        'pass' => "",
        'FirstName' => "",
        'LastName' => "",
        'Phone' => "",
        'Mail' => "",
        'Department' => "",
        'Status' => "",
        // New accounts are enabled by default.
        'Enabled' => "Y",
        'Elu' => "",
        'Fonction' => "",
        'groups' => array(),
        'nbbelonginggroups' => 0,
    );
}
}
?>