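* */

/**
* Class users: Contains all the functions and forms to manage users
*
* @author Claire Figueras
* @license GPL
* @package Maarch LetterBox 2.3
* @version 2.2
*/
require_once("class_letterbox.php");
require_once("class_extensions.php");

class users extends dbquery
{
    /**
    * Directory that holds the XML configuration files (features.xml is read from it)
    * @access private
    * @var string
    */
    private $xml_config_path;

    /**
    * "order by ..." clause selected from a fixed list, or "" when the sort key is unknown
    * @access private
    * @var string
    */
    private $sqlorderby;

    /**
    * Value of $_GET['start'], 0 when absent
    * @access private
    * @var integer
    */
    private $the_start;

    /**
    * Sort key taken from $_GET['order'] (default "nameasc")
    * @access private
    * @var string
    */
    private $orderby;

    /**
    * Redefinition of the user object constructor : configure the SQL argument order by
    *
    * @param string $xml_config_path directory of the XML configuration files
    */
    function __construct($xml_config_path="xml")
    {
        $this->xml_config_path = $xml_config_path;

        // The property is documented as an integer and comes straight from the
        // query string, so anything that is not numeric falls back to 0.
        $this->the_start = 0;
        if (isset($_GET['start']) && is_numeric($_GET['start'])) {
            $this->the_start = (int) $_GET['start'];
        }

        $this->orderby = isset($_GET['order']) ? strip_tags($_GET['order']) : "nameasc";

        // Only these keys ever produce SQL; the request value itself is never
        // copied into the clause.
        $clauses = array(
            "nameasc"    => "order by LastName asc",
            "namedesc"   => "order by LastName desc",
            "userasc"    => "order by User_Id asc",
            "userdesc"   => "order by User_Id desc",
            "statusasc"  => "order by Status asc",
            "statusdesc" => "order by Status desc",
            "mailasc"    => "order by Mail asc",
            "maildesc"   => "order by Mail desc",
        );
        $this->sqlorderby = isset($clauses[$this->orderby]) ? $clauses[$this->orderby] : "";
    }

    /**
    * Reads the enabled groups of a user (group id, role, consult group, primary flags).
    *
    * When the user belongs to no enabled group, an error is stored in the session
    * and the request is redirected to index.php; the method does not return then.
    *
    * @param string $user_id user identifier
    * @return array array(primary group id, list of groups, primary GDD group id)
    */
    public function load_groups($user_id)
    {
        $groups = array();
        $primary_group = '';
        $primary_group_gdd = '';

        $this->connect();
        // NOTE(review): $user_id is concatenated into the statement. The callers in
        // this class pass the USER_ID column of an already fetched row; any other
        // caller has to pass an escaped value, since dbquery shows no bound-parameter
        // API here.
        $this->query("select uc.GROUP_ID, uc.PRIMARY_GROUP, uc.ROLE, u.CONSULT_GROUP, uc.PRIMARY_GROUP_GDD from ".$_SESSION['tablename']['usergroup_content']." uc , ".$_SESSION['tablename']['usergroups']." u where uc.USER_ID ='".$user_id."' and u.GROUP_ID = uc.GROUP_ID and u.ENABLED= 'Y'");

        if ($this->nb_result() < 1) {
            $_SESSION['error'] = _USER_NO_GROUP.'. '._MORE_INFOS." ".$_SESSION['config']['adminname']."";
            header("location: index.php");
            exit;
        }

        while ($line = $this->fetch_object()) {
            $groups[] = array(
                'GROUP_ID'      => $line->GROUP_ID,
                'ROLE'          => $line->ROLE,
                'CONSULT_GROUP' => $line->CONSULT_GROUP,
            );
            if ($line->PRIMARY_GROUP == 'Y') {
                $primary_group = $line->GROUP_ID;
            }
            if ($line->PRIMARY_GROUP_GDD == 'Y') {
                $primary_group_gdd = $line->GROUP_ID;
            }
        }

        return array($primary_group, $groups, $primary_group_gdd);
    }

    /**
    * Builds the security parameters corresponding to the enabled groups of a user.
    *
    * One entry is produced per resource table. When several groups cover the same
    * table their where clauses are joined with "or", and insert/update rights are
    * granted as soon as one group grants them. A group with an empty where clause
    * contributes a condition that is never true.
    *
    * @param string $user_id user identifier
    * @return array keys: tables, security, can_index, can_postindex
    */
    public function load_security($user_id)
    {
        $arr = array();
        $arr['tables'] = array();
        $arr['security'] = array();
        $arr['can_index'] = false;
        $arr['can_postindex'] = false;

        $this->connect();
        // NOTE(review): $user_id is concatenated into the statement (same caveat as
        // in load_groups). WHERE_CLAUSE is stored SQL that ends up in
        // $arr['security'][..]['where'], so write access to the security table
        // amounts to control over those fragments.
        $this->query("SELECT s.GROUP_ID, s.RES_TABLE, s.WHERE_CLAUSE , s.CAN_INSERT, s.CAN_UPDATE FROM ".$_SESSION['tablename']['security']." s, ".$_SESSION['tablename']['usergroup_content']." ugc , ".$_SESSION['tablename']['usergroups']." u WHERE ugc.user_id='".$user_id."' and ugc.group_id = s.group_id and ugc.group_id = u.group_id and u.enabled = 'Y'");

        while ($line = $this->fetch_object()) {
            // 'tables' and 'security' are filled together, so the position of a
            // table in 'tables' is also the index of its 'security' entry. The
            // linear search of the original listing was damaged (the loop header is
            // not valid PHP there); array_search() performs the same lookup.
            $key = array_search($line->RES_TABLE, $arr['tables']);

            if ($key === false) {
                if ($line->WHERE_CLAUSE <> "") {
                    $where = "( ".$line->WHERE_CLAUSE." )";
                } else {
                    $where = "( 1=- 1 )";
                }
                $arr['security'][] = array(
                    'table'      => $line->RES_TABLE,
                    'where'      => $where,
                    'can_insert' => $line->CAN_INSERT,
                    'can_update' => $line->CAN_UPDATE,
                );
                $arr['tables'][] = $line->RES_TABLE;
            } else {
                if ($line->WHERE_CLAUSE == "") {
                    $where = "( 1=-1 )";
                } else {
                    $where = "( ".$line->WHERE_CLAUSE." )";
                }
                $arr['security'][$key]['where'] .= " or ".$where;
                if ($line->CAN_INSERT == 'Y') {
                    $arr['security'][$key]['can_insert'] = $line->CAN_INSERT;
                }
                if ($line->CAN_UPDATE == 'Y') {
                    $arr['security'][$key]['can_update'] = $line->CAN_UPDATE;
                }
            }

            if ($line->CAN_INSERT == 'Y') {
                $arr['can_index'] = true;
            }
            if ($line->CAN_UPDATE == 'Y') {
                $arr['can_postindex'] = true;
            }
        }

        return $arr;
    }

    /**
    * To log a user
    *
    * On success the session is filled (identity, groups, rights, security, baskets)
    * and the request is redirected; on failure an error is stored and the request is
    * redirected to login.php. The method never returns.
    *
    * @param string $s_login user login
    * @param string $pass user password, in the form stored in the password column
    */
    public function login($s_login,$pass)
    {
        $this->connect();
        // NOTE(review): $s_login and $pass are concatenated into the statement. This
        // is only safe if every caller escapes them for the database in use; dbquery
        // shows no bound-parameter API in this file, so confirm at the call sites.
        if ($_SESSION['config']['ldap'] == "true") {
            // NOTE(review): the password is not part of this query; presumably the
            // caller has already authenticated the user against the directory -
            // confirm.
            $this->query("select * from ".$_SESSION['tablename']['users']." where User_Id = '".$s_login."' and STATUS <> 'DEL' ");
        } else {
            $this->query("select * from ".$_SESSION['tablename']['users']." where User_Id = '".$s_login."' and password = '".$pass."' and STATUS <> 'DEL' ");
        }

        if ($this->nb_result() < 1) {
            $_SESSION['error'] = _BAD_LOGIN_OR_PSW."...";
            header("location: login.php");
            exit;
        }

        $line = $this->fetch_object();
        if ($line->ENABLED != "Y") {
            $this->reject_suspended_account();
        }

        $_SESSION['user']['change_pass'] = $line->CHANGE_PASSWORD;
        // NOTE(review): the stored password value is kept in the session.
        $_SESSION['user']['Password'] = $line->PASSWORD;
        $_SESSION['user']['bitnotification'] = $line->NOTIFICATION;

        $this->open_user_session($line);
        $this->load_group_rights($this->group_right_flags());
        $this->store_security_in_session();
        $this->load_user_baskets(true);

        if ($_SESSION['config']['collectivities'] == "true") {
            // The include directory comes from the session configuration; it must
            // only ever be set from server-side configuration.
            include_once($_SESSION['config']['includedir']."/addon_collectivities.php");
            load_entity_for_user($this);
        }

        $this->redirect_after_login(true);
    }

    /**
    * To log a user with gdi module
    *
    * Loads a reduced set of group rights (admin, export, view_relance, view_stats,
    * modif_rights) and redirects to view_gdi.php. The method never returns.
    *
    * @param string $s_login user login
    * @param string $pass user password, in the form stored in the password column
    * @param string $gdi_id value matched against res_x.GID_ID
    */
    public function login_gdi($s_login,$pass, $gdi_id)
    {
        $this->connect();
        // NOTE(review): $s_login and $pass are concatenated into the statement; see
        // the caveat in login().
        $this->query("select * from ".$_SESSION['tablename']['users']." where User_Id = '".$s_login."' and password = '".$pass."' and STATUS <> 'DEL'");

        if ($this->nb_result() < 1) {
            $_SESSION['error'] = _BAD_LOGIN_OR_PSW."...";
            header("location: login.php");
            exit;
        }

        $line = $this->fetch_object();
        if ($line->ENABLED != "Y") {
            $this->reject_suspended_account();
        }

        $_SESSION['user']['change_pass'] = $line->CHANGE_PASSWORD;

        $this->open_user_session($line);
        $this->load_group_rights(array(
            'ADMINISTRATOR' => 'admin',
            'EXPORT'        => 'export',
            'VIEW_RELANCE'  => 'view_relance',
            'VIEW_STATS'    => 'view_stats',
            'MODIF_RIGHTS'  => 'modif_rights',
        ));
        $this->store_security_in_session();
        $this->load_user_baskets(false);

        // NOTE(review): $gdi_id is concatenated into the statement, and the row is
        // used without checking that one was found.
        $this->query("SELECT * FROM res_x WHERE GID_ID = '".$gdi_id."' ");
        $res_gdi = $this->fetch_object();
        header("location: view_gdi.php?id=".$res_gdi->RES_ID);
        exit;
    }

    /**
    * To reopen a session with the user's cookie
    *
    * The pair (user id, cookie key) is the only credential checked here, and a new
    * key is issued on success. The method never returns.
    *
    * @param string $s_UserId user identifier
    * @param string $s_key cookie key
    */
    public function reopen($s_UserId,$s_key)
    {
        $this->connect();
        // NOTE(review): both values originate from the "maarch" cookie and are
        // concatenated into the statement; they must be escaped before they get
        // here.
        $this->query("select * from ".$_SESSION['tablename']['users']." where User_Id = '".$s_UserId."' and cookie_key = '".$s_key."' and STATUS <> 'DEL'");

        if ($this->nb_result() < 1) {
            header("location: login.php");
            exit;
        }

        $line = $this->fetch_object();
        if ($line->ENABLED != "Y") {
            $this->reject_suspended_account();
        }

        // The redirect below tests change_pass; it was never loaded on this path, so
        // a pending forced password change was not enforced after a cookie reopen.
        $_SESSION['user']['change_pass'] = $line->CHANGE_PASSWORD;
        // NOTE(review): the stored password value is kept in the session.
        $_SESSION['user']['Password'] = $line->PASSWORD;

        $this->open_user_session($line);
        // Same list as login(). Previously delete_mail_actions_rights was derived
        // here from the result of the DELETE_COPY_RIGHTS query because its own query
        // was missing.
        $this->load_group_rights($this->group_right_flags());
        $this->store_security_in_session();
        $this->load_user_baskets(true);

        // NOTE(review): unlike login(), a "scan" request is redirected to
        // index_scansnap.php without testing can_index; kept as it was - confirm
        // that the target page checks the right itself.
        $this->redirect_after_login(false);
    }

    /**
    * Stores the "suspended account" error and redirects to login.php. Never returns.
    */
    private function reject_suspended_account()
    {
        $_SESSION['error'] = _SUSPENDED_ACCOUNT.'. '._MORE_INFOS." ".$_SESSION['config']['adminname']."";
        header("location: login.php");
        exit;
    }

    /**
    * Session setup shared by login(), login_gdi() and reopen(): identity fields,
    * cookie renewal, department label and groups.
    *
    * load_groups() redirects and exits when the user has no enabled group; at that
    * point the identity fields and the cookie have already been written.
    *
    * NOTE(review): the connection-history insert of the original code is commented
    * out in all three entry points, so this class leaves no record of logins.
    *
    * @param object $line row of the users table
    */
    private function open_user_session($line)
    {
        $_SESSION['user']['UserId'] = $line->USER_ID;
        $_SESSION['user']['FirstName'] = $line->FIRSTNAME;
        $_SESSION['user']['LastName'] = $line->LASTNAME;
        $_SESSION['user']['Phone'] = $line->PHONE;
        $_SESSION['user']['Mail'] = $line->MAIL;
        $_SESSION['user']['department'] = $line->DEPARTMENT;
        $_SESSION['user']['Fonction'] = $line->FONCTION;
        $_SESSION['error'] = "";

        $this->renew_cookie();

        $this->query("select SERVICE from ".$_SESSION['tablename']['services']." where ID = '".$_SESSION['user']['department']."'");
        $res = $this->fetch_object();
        $_SESSION['user']['department_label'] = $res->SERVICE;

        $tmp = $this->load_groups($_SESSION['user']['UserId']);
        $_SESSION['user']['primarygroup'] = $tmp[0];
        $_SESSION['user']['groups'] = $tmp[1];
        $_SESSION['user']['primarygroup_gdd'] = $tmp[2];
    }

    /**
    * Expires the current "maarch" cookie, stores a new key for the session user and
    * sends the new cookie.
    */
    private function renew_cookie()
    {
        setcookie("maarch", "",time()-3600000);
        $key = $this->new_cookie_key();
        // "H:i:s" is hours:minutes:seconds; the former "H:m:i" wrote the month
        // where the minutes belong.
        // NOTE(review): UserId and Mail are database values but are still
        // concatenated unescaped.
        $this->query("update ".$_SESSION['tablename']['users']." set cookie_key = '".$key."', cookie_date = '".date("Y-m-d H:i:s")."' where User_Id = '".$_SESSION['user']['UserId']."' and Mail = '".$_SESSION['user']['Mail']."'");
        // NOTE(review): the cookie is sent without the HttpOnly and Secure
        // attributes although reopen() accepts it as a credential.
        setcookie("maarch", "UserId=".$_SESSION['user']['UserId']."&key=".$key,$_SESSION['session_expire']);
    }

    /**
    * Returns a 32 character hexadecimal key for the "maarch" cookie.
    *
    * reopen() accepts this key in place of the password, so it has to be
    * unpredictable. The former value was an md5 of the time, the first name and the
    * user id, which contains no secret; it is kept only as a last resort for
    * runtimes that offer no random source.
    *
    * @return string
    */
    private function new_cookie_key()
    {
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(16));
        }
        if (function_exists('openssl_random_pseudo_bytes')) {
            return bin2hex(openssl_random_pseudo_bytes(16));
        }
        return md5(time()."%".$_SESSION['user']['FirstName']."%".$_SESSION['user']['UserId']."%".$_SESSION['user']['UserId']."%".date("dmYHmi")."%");
    }

    /**
    * Column of the usergroups table => key of $_SESSION['user'] for every group
    * right loaded at login.
    *
    * @return array
    */
    private function group_right_flags()
    {
        return array(
            'ADMINISTRATOR'              => 'admin',
            'EXPORT'                     => 'export',
            'VIEW_RELANCE'               => 'view_relance',
            'VIEW_STATS'                 => 'view_stats',
            'MODIF_RIGHTS'               => 'modif_rights',
            'DELETE_RIGHTS'              => 'delete_rights',
            'PRINT_RIGHTS'               => 'print_rights',
            'PRINT_SEP_RIGHTS'           => 'print_sep_rights',
            'ATTACHMENT_RIGHTS'          => 'attachment_rights',
            'CLOSE_RIGHTS'               => 'close_rights',
            'MAIL_RIGHTS'                => 'mail_rights',
            'REJECT_RIGHTS'              => 'reject_rights',
            'DEF_REJECT_RIGHTS'          => 'def_reject_rights',
            'VALIDATE_RIGHTS'            => 'validate_rights',
            'DELETE_COPY_RIGHTS'         => 'delete_copy_rights',
            'DELETE_MAIL_ACTIONS_RIGHTS' => 'delete_mail_actions_rights',
            'FOLDER_RIGHTS'              => 'folder_rights',
            'GDD_CREATION'               => 'gdd_creation',
            'GDD_AFFICHAGE'              => 'gdd_affichage',
        );
    }

    /**
    * Sets one boolean in $_SESSION['user'] per requested right: true when at least
    * one enabled group of the session user has the column set to 'Y'.
    *
    * @param array $flags column name => session key; the column names are fixed
    *                     strings of this class, never request data
    */
    private function load_group_rights($flags)
    {
        foreach ($flags as $column => $session_key) {
            $this->query("SELECT u.".$column." FROM ".$_SESSION['tablename']['usergroup_content']." ugc, ".$_SESSION['tablename']['usergroups']." u where ugc.user_id = '".$_SESSION['user']['UserId']."' and ugc.group_id = u.group_id and u.enabled ='Y' and u.".$column." ='Y' ");
            $_SESSION['user'][$session_key] = ($this->nb_result() > 0);
        }
    }

    /**
    * Copies the result of load_security() for the session user into the session.
    */
    private function store_security_in_session()
    {
        $arr_sec = $this->load_security($_SESSION['user']['UserId']);
        $_SESSION['user']['tables'] = $arr_sec['tables'];
        $_SESSION['user']['security'] = $arr_sec['security'];
        $_SESSION['user']['can_index'] = $arr_sec['can_index'];
        $_SESSION['user']['can_postindex'] = $arr_sec['can_postindex'];
    }

    /**
    * Loads services and baskets of the session user through the basket class.
    *
    * @param bool $with_admin_pages also call get_baskets_pages() for administrators
    */
    private function load_user_baskets($with_admin_pages)
    {
        require_once("class_basket.php");
        $bask = new basket();
        $bask->load_activity_user();
        $_SESSION['user']['services'] = $bask->load_services($_SESSION['user']['UserId']);
        if ($with_admin_pages && $_SESSION['user']['admin']) {
            $bask->get_baskets_pages();
        }
        $bask->load_basket();
        $bask->load_basket_abs();
        $bask->load_basket_gdd();
        $bask->load_other_link();
    }

    /**
    * Sends the redirect that ends login() and reopen(). Never returns.
    *
    * A pending password change comes first; otherwise the target depends on
    * $_SESSION['req_type'].
    *
    * @param bool $require_index_right when true, a "scan" request needs can_index
    */
    private function redirect_after_login($require_index_right)
    {
        if ($_SESSION['user']['change_pass'] == 'Y') {
            header("location: change_pass.php");
            exit;
        }

        if ($_SESSION['req_type'] == "scan") {
            if (!$require_index_right || $_SESSION['user']['can_index'] == true) {
                header("location: index_scansnap.php");
            } else {
                $_SESSION['error'] = _NO_INDEX_RIGHT;
                header("location: index.php?page=".$_SESSION["config"]["defaultPage"].".php");
            }
            exit;
        }

        if ($_SESSION['req_type'] == "files") {
            header("location: file_index.php");
            exit;
        }

        header("location: index.php?page=".$_SESSION["config"]["defaultPage"].".php");
        exit;
    }

    /**
    * Build Maarch features into sessions vars with an xml features file
    */
    public function build_features()
    {
        // Defaults applied before features.xml is read
        $_SESSION['config']['corporate'] = "false";
        $_SESSION['config']['replace_subject_by_society'] = "false";
        $_SESSION['config']['redirect_list'] = "false";
        $_SESSION['config']['gdi_index'] = "false";
        $_SESSION['config']['mail_for_answer_by_index_file'] = "false";
        $_SESSION['config']['show_welcome_graph'] = "false";
        $_SESSION['config']['search_max_size'] = "false";
        $_SESSION['config']['printsep'] = "false";
        $_SESSION['config']['modifycopylist'] = "false";
        $_SESSION['config']['enable_topics'] = "false";
        $_SESSION['config']['update_limit_date'] = "false";
        $_SESSION['config']['tag100_for_copy'] = "false";
        $_SESSION['config']['collectivities'] = "false";
        $_SESSION['config']['action_waitingdoc'] = "false";
        $_SESSION['config']['enablechangenotif'] = "false";
        $_SESSION['config']['mail_for_new_note'] = "false";
        $_SESSION['config']['before_waiting_doc'] = "false";
        $_SESSION['config']['mail_count'] = "false";
        $_SESSION['config']['private_notes'] = "false";
        $_SESSION['config']['borough'] = "false";
        $_SESSION['config']['workflow'] = "false";
        $_SESSION['config']['show_only_elu_in_mailing_list'] = "false";
        $_SESSION['config']['redirect_to_user_on_treatment'] = "true";
        $_SESSION['config']['enablefolder'] = "false";
        $_SESSION['config']['contact_manage'] = "false";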
$_SESSION['config']['hide_addtional_info'] = "false"; $_SESSION['config']['check_validation_change'] = "false"; $_SESSION['config']['delete_copy_for_service'] = "false"; $_SESSION['config']['restricted_diffusion_access'] = "true"; $_SESSION['config']['show_users_in_diffusion'] = "true"; $_SESSION['config']['show_services_in_diffusion'] = "true"; $_SESSION['config']['agent_in_signing_list'] = "false"; $_SESSION['config']['elu_in_signing_list'] = "false"; $_SESSION['config']['hide_letter_service_redirect'] = "false"; $_SESSION['config']['free_diffusion_list'] = "false"; $_SESSION['config']['webdav'] = "false"; $_SESSION['config']['search_in_response'] = "false"; $_SESSION['config']['view_only_response'] = "false"; $_SESSION['config']['clean_on_index'] = "false"; $_SESSION['config']['details_on_index'] = "true"; $_SESSION['config']['view_on_process'] = "false"; //*** GDD ***// $_SESSION['config']['gdd'] = "false"; $_SESSION['config']['gdd_auto_mail'] = "false"; $_SESSION['config']['gtb'] = "false"; $_SESSION['config']['other_link'] = "false"; //*** AUTRES ***// $_SESSION['config']['basket_all_group'] = "false"; //*************// $xmlfeatures = simplexml_load_file("$this->xml_config_path/features.xml"); if ($xmlfeatures) { foreach($xmlfeatures->FEATURES as $FEATURES) { $_SESSION['config']['corporate'] = utf8_decode((string) $FEATURES->corporate); $_SESSION['config']['replace_subject_by_society'] = utf8_decode((string) $FEATURES->replace_subject_by_society); $_SESSION['config']['enablechangenotif'] = utf8_decode((string) $FEATURES->enablechangenotif); $_SESSION['config']['redirect_list'] = utf8_decode((string) $FEATURES->redirect_list); $_SESSION['config']['gdi_index'] = utf8_decode((string) $FEATURES->gdi_index); $_SESSION['config']['mail_for_answer_by_index_file'] = utf8_decode((string) $FEATURES->mail_for_answer_by_index_file); $_SESSION['config']['show_welcome_graph'] = utf8_decode((string) $FEATURES->show_welcome_graph); $_SESSION['config']['search_max_size'] = 
utf8_decode((string) $FEATURES->search_max_size); $_SESSION['config']['printsep'] = utf8_decode((string) $FEATURES->printsep); $_SESSION['config']['modifycopylist'] = utf8_decode((string) $FEATURES->modifycopylist); $_SESSION['config']['enable_topics'] = utf8_decode((string) $FEATURES->enable_topics); $_SESSION['config']['update_limit_date'] = utf8_decode((string) $FEATURES->update_limit_date); $_SESSION['config']['tag100_for_copy'] = utf8_decode((string) $FEATURES->tag100_for_copy); $_SESSION['config']['collectivities'] = utf8_decode((string) $FEATURES->collectivities); $_SESSION['config']['action_waitingdoc'] = utf8_decode((string) $FEATURES->action_waitingdoc); $_SESSION['config']['mail_for_new_note'] = utf8_decode((string) $FEATURES->mail_for_new_note); $_SESSION['config']['before_waiting_doc'] = utf8_decode((string) $FEATURES->before_waiting_doc); $_SESSION['config']['mail_count'] = utf8_decode((string) $FEATURES->mail_count); $_SESSION['config']['private_notes'] = utf8_decode((string) $FEATURES->private_notes); $_SESSION['config']['borough'] = utf8_decode((string) $FEATURES->borough); $_SESSION['config']['workflow'] = utf8_decode((string) $FEATURES->workflow); $_SESSION['config']['show_only_elu_in_mailing_list'] = utf8_decode((string) $FEATURES->show_only_elu_in_mailing_list); $_SESSION['config']['redirect_to_user_on_treatment'] = utf8_decode((string) $FEATURES->redirect_to_user_on_treatment); $_SESSION['config']['enablefolder'] = utf8_decode((string) $FEATURES->enablefolder); $_SESSION['config']['contact_manage'] = utf8_decode((string) $FEATURES->contact_manage); $_SESSION['config']['check_validation_change'] = utf8_decode((string) $FEATURES->check_validation_change); $_SESSION['config']['hide_addtional_info'] = utf8_decode((string) $FEATURES->hide_addtional_info); $_SESSION['config']['delete_copy_for_service'] = utf8_decode((string) $FEATURES->delete_copy_for_service); $_SESSION['config']['restricted_diffusion_access'] = utf8_decode((string) 
$FEATURES->restricted_diffusion_access); $_SESSION['config']['show_users_in_diffusion'] = utf8_decode((string) $FEATURES->show_users_in_diffusion); $_SESSION['config']['show_services_in_diffusion'] = utf8_decode((string) $FEATURES->show_services_in_diffusion); $_SESSION['config']['agent_in_signing_list'] = utf8_decode((string) $FEATURES->agent_in_signing_list); $_SESSION['config']['elu_in_signing_list'] = utf8_decode((string) $FEATURES->elu_in_signing_list); $_SESSION['config']['hide_letter_service_redirect'] = utf8_decode((string) $FEATURES->hide_letter_service_redirect); $_SESSION['config']['free_diffusion_list'] = utf8_decode((string) $FEATURES->free_diffusion_list); $_SESSION['config']['webdav'] = utf8_decode((string) $FEATURES->webdav); $_SESSION['config']['oo_generate'] = utf8_decode((string) $FEATURES->oo_generate); $_SESSION['config']['search_in_response'] = utf8_decode((string) $FEATURES->search_in_response); $_SESSION['config']['view_only_response'] = utf8_decode((string) $FEATURES->view_only_response); $_SESSION['config']['clean_on_index'] = utf8_decode((string) $FEATURES->clean_on_index); $_SESSION['config']['details_on_index'] = utf8_decode((string) $FEATURES->details_on_index); $_SESSION['config']['view_on_process'] = utf8_decode((string) $FEATURES->view_on_process); //*** GDD ***// $_SESSION['config']['gdd'] = utf8_decode((string) $FEATURES->gdd); $_SESSION['config']['gdd_auto_mail'] = utf8_decode((string) $FEATURES->gdd); $_SESSION['config']['gtb'] = utf8_decode((string) $FEATURES->gtb); $_SESSION['config']['other_link'] = utf8_decode((string) $FEATURES->other_link); //*** AUTRES ***// $_SESSION['config']['basket_all_group'] = utf8_decode((string) $FEATURES->basket_all_group); //************// } } } /** * Build Maarch features into sessions vars with an xml features file */ public function build_history_config() { //Define defaut all features at 'false' $_SESSION['history']['usersdel'] = "false"; $_SESSION['history']['usersban'] = "false"; 
$_SESSION['history']['usersadd'] = "false"; $_SESSION['history']['usersup'] = "false"; $_SESSION['history']['usersval'] = "false"; $_SESSION['history']['doctypesdel'] = "false"; $_SESSION['history']['doctypesadd'] = "false"; $_SESSION['history']['doctypesup'] = "false"; $_SESSION['history']['doctypesval'] = "false"; $_SESSION['history']['doctypesprop'] = "false"; $_SESSION['history']['resadd'] = "false"; $_SESSION['history']['resup'] = "false"; $_SESSION['history']['resdel'] = "false"; $_SESSION['history']['usergroupsdel'] = "false"; $_SESSION['history']['usergroupsban'] = "false"; $_SESSION['history']['usergroupsadd'] = "false"; $_SESSION['history']['usergroupsup'] = "false"; $_SESSION['history']['usergroupsval'] = "false"; $_SESSION['history']['diffusion'] = "false"; $_SESSION['history']['redirection'] = "false"; $_SESSION['history']['userabs'] = "false"; $_SESSION['history']['modelsadd'] = "false"; $_SESSION['history']['modelsup'] = "false"; $_SESSION['history']['modelsdel'] = "false"; $_SESSION['history']['notesadd'] = "false"; $_SESSION['history']['notesup'] = "false"; $_SESSION['history']['notesdel'] = "false"; $_SESSION['history']['notesattach'] = "false"; $_SESSION['history']['ticketadd'] = "false"; $_SESSION['history']['ticketup'] = "false"; $_SESSION['history']['ticketdel'] = "false"; $_SESSION['history']['mailadd'] = "false"; $_SESSION['history']['mailup'] = "false"; $_SESSION['history']['maildel'] = "false"; $xmlhistory = @simplexml_load_file("$this->xml_config_path/history.xml"); if ($xmlhistory) { foreach($xmlhistory->HISTORY as $HISTORY) { $_SESSION['history']['usersdel'] = utf8_decode((string) $HISTORY->usersdel); $_SESSION['history']['usersban'] = utf8_decode((string) $HISTORY->usersban); $_SESSION['history']['usersadd'] = utf8_decode((string) $HISTORY->usersadd); $_SESSION['history']['usersup'] = utf8_decode((string) $HISTORY->usersup); $_SESSION['history']['usersval'] = utf8_decode((string) $HISTORY->usersval); $_SESSION['history']['doctypesdel'] 
= utf8_decode((string) $HISTORY->doctypesdel); $_SESSION['history']['doctypesadd'] = utf8_decode((string) $HISTORY->doctypesadd); $_SESSION['history']['doctypesup'] = utf8_decode((string) $HISTORY->doctypesup); $_SESSION['history']['doctypesval'] = utf8_decode((string) $HISTORY->doctypesval); $_SESSION['history']['doctypesprop'] = utf8_decode((string) $HISTORY->doctypesprop); $_SESSION['history']['resadd'] = utf8_decode((string) $HISTORY->resadd); $_SESSION['history']['resup'] = utf8_decode((string) $HISTORY->resup); $_SESSION['history']['resdel'] = utf8_decode((string) $HISTORY->resdel); $_SESSION['history']['usergroupsdel'] = utf8_decode((string) $HISTORY->usergroupsdel); $_SESSION['history']['usergroupsban'] = utf8_decode((string) $HISTORY->usergroupsban); $_SESSION['history']['usergroupsadd'] = utf8_decode((string) $HISTORY->usergroupsadd); $_SESSION['history']['usergroupsup'] = utf8_decode((string) $HISTORY->usergroupsup); $_SESSION['history']['usergroupsval'] = utf8_decode((string) $HISTORY->usergroupsval); $_SESSION['history']['diffusion'] = utf8_decode((string) $HISTORY->diffusion); $_SESSION['history']['redirection'] = utf8_decode((string) $HISTORY->redirection); $_SESSION['history']['userabs'] = utf8_decode((string) $HISTORY->userabs); $_SESSION['history']['modelsadd'] = utf8_decode((string) $HISTORY->modelsadd); $_SESSION['history']['modelsup'] = utf8_decode((string) $HISTORY->modelsup); $_SESSION['history']['modelsdel'] = utf8_decode((string) $HISTORY->modelsdel); $_SESSION['history']['notesadd'] = utf8_decode((string) $HISTORY->notesadd); $_SESSION['history']['notesup'] = utf8_decode((string) $HISTORY->notesup); $_SESSION['history']['notesdel'] = utf8_decode((string) $HISTORY->notesdel); $_SESSION['history']['notesattach'] = utf8_decode((string) $HISTORY->notesattach); $_SESSION['history']['ticketadd'] = utf8_decode((string) $HISTORY->ticketadd); $_SESSION['history']['ticketup'] = utf8_decode((string) $HISTORY->ticketup); 
$_SESSION['history']['ticketdel'] = utf8_decode((string) $HISTORY->ticketdel); $_SESSION['history']['mailadd'] = utf8_decode((string) $HISTORY->mailadd); $_SESSION['history']['mailup'] = utf8_decode((string) $HISTORY->mailup); $_SESSION['history']['maildel'] = utf8_decode((string) $HISTORY->maildel); $_SESSION['history']['folderadd'] = utf8_decode((string) $HISTORY->folderadd); $_SESSION['history']['folderup'] = utf8_decode((string) $HISTORY->folderup); $_SESSION['history']['folderdel'] = utf8_decode((string) $HISTORY->folderdel); $_SESSION['history']['foldermove'] = utf8_decode((string) $HISTORY->foldermove); $_SESSION['history']['folderput'] = utf8_decode((string) $HISTORY->folderput); $_SESSION['history']['folderoutput'] = utf8_decode((string) $HISTORY->folderoutput); } } } /** * Build Maarch tablenames into sessions vars with an xml tablename file */ public function build_tablename_config() { //Define defaut all features at 'false' $xmltablename = @simplexml_load_file("$this->xml_config_path/tablename.xml"); if ($xmltablename) { foreach($xmltablename->TABLENAME as $TABLENAME) { $_SESSION['tablename']['arboxes'] = utf8_decode((string) $TABLENAME->arboxes); $_SESSION['tablename']['arcontainers'] = utf8_decode((string) $TABLENAME->arcontainers); $_SESSION['tablename']['authors'] = utf8_decode((string) $TABLENAME->authors); $_SESSION['tablename']['baskets'] = utf8_decode((string) $TABLENAME->baskets); $_SESSION['tablename']['docservers'] = utf8_decode((string) $TABLENAME->docservers); $_SESSION['tablename']['doctypes'] = utf8_decode((string) $TABLENAME->doctypes); $_SESSION['tablename']['domains'] = utf8_decode((string) $TABLENAME->domains); $_SESSION['tablename']['domain_service'] = utf8_decode((string) $TABLENAME->domain_service); $_SESSION['tablename']['ext_docserver'] = utf8_decode((string) $TABLENAME->extdocserver); $_SESSION['tablename']['fulltext'] = utf8_decode((string) $TABLENAME->fulltext); $_SESSION['tablename']['groupbasket'] = utf8_decode((string) 
$TABLENAME->groupbaskets); $_SESSION['tablename']['groupsecurity'] = utf8_decode((string) $TABLENAME->groupsecurity); $_SESSION['tablename']['history'] = utf8_decode((string) $TABLENAME->history); $_SESSION['tablename']['listinstance'] = utf8_decode((string) $TABLENAME->listinstance); $_SESSION['tablename']['listmodel'] = utf8_decode((string) $TABLENAME->listmodel); $_SESSION['tablename']['listmodel_assoc'] = utf8_decode((string) $TABLENAME->listmodel_assoc); $_SESSION['tablename']['models'] = utf8_decode((string) $TABLENAME->models); $_SESSION['tablename']['model_service'] = utf8_decode((string) $TABLENAME->model_service); $_SESSION['tablename']['param'] = utf8_decode((string) $TABLENAME->param); $_SESSION['tablename']['resgroups'] = utf8_decode((string) $TABLENAME->resgroups); $_SESSION['tablename']['resgroup_content'] = utf8_decode((string) $TABLENAME->resgroup_content); $_SESSION['tablename']['security'] = utf8_decode((string) $TABLENAME->security); $_SESSION['tablename']['usergroups'] = utf8_decode((string) $TABLENAME->usergroups); $_SESSION['tablename']['usergroup_content'] = utf8_decode((string) $TABLENAME->usergroupcontent); $_SESSION['tablename']['users'] = utf8_decode((string) $TABLENAME->users); $_SESSION['tablename']['services'] = utf8_decode((string) $TABLENAME->services); $_SESSION['tablename']['missing_user'] = utf8_decode((string) $TABLENAME->missing_user); $_SESSION['tablename']['senders'] = utf8_decode((string) $TABLENAME->sender); $_SESSION['tablename']['notes'] = utf8_decode((string) $TABLENAME->notes); $_SESSION['tablename']['saved_queries'] = utf8_decode((string) $TABLENAME->saved_queries); $_SESSION['tablename']['coll_serv'] = utf8_decode((string) $TABLENAME->coll_serv); $_SESSION['tablename']['borough'] = utf8_decode((string) $TABLENAME->borough); $_SESSION['tablename']['cantons'] = utf8_decode((string) $TABLENAME->cantons); $_SESSION['tablename']['epci'] = utf8_decode((string) $TABLENAME->epci); $_SESSION['tablename']['communes'] = 
utf8_decode((string) $TABLENAME->communes); $_SESSION['tablename']['tickets'] = utf8_decode((string) $TABLENAME->tickets); $_SESSION['tablename']['tickets_amounts'] = utf8_decode((string) $TABLENAME->tickets_amounts); $_SESSION['tablename']['fileplans'] = utf8_decode((string) $TABLENAME->fileplans); $_SESSION['tablename']['folderres'] = utf8_decode((string) $TABLENAME->folderres); $_SESSION['tablename']['folders'] = utf8_decode((string) $TABLENAME->folders); $_SESSION['tablename']['folderscope'] = utf8_decode((string) $TABLENAME->folderscope); $_SESSION['tablename']['ext_applications'] = utf8_decode((string) $TABLENAME->ext_applications); $_SESSION['tablename']['assoc_street_quarter_communes'] = utf8_decode((string) $TABLENAME->assoc_street_quarter_communes); $_SESSION['tablename']['quarter'] = utf8_decode((string) $TABLENAME->quarter); $_SESSION['tablename']['street'] = utf8_decode((string) $TABLENAME->street); } } } /** * Build Maarch configuration into sessions vars with an xml configuration file */ public function build_config() { // build Maarch configuration into sessions vars $xmlconfig = simplexml_load_file("$this->xml_config_path/config.xml"); $initLB= new LetterBox("$this->xml_config_path"); $initLB->xmltosessionletterbox(); foreach($xmlconfig->CONFIG as $CONFIG) { $_SESSION['config']['databaseserver'] = utf8_decode((string) $CONFIG->databaseserver); $_SESSION['config']['databasename'] = utf8_decode((string) $CONFIG->databasename); $_SESSION['config']['databaseuser'] = utf8_decode((string) $CONFIG->databaseuser); $_SESSION['config']['databasepassword'] = utf8_decode((string) $CONFIG->databasepassword); $_SESSION['config']['tmpdir'] = utf8_decode((string) $CONFIG->tmpdir); $_SESSION['config']['includedir'] = utf8_decode((string) $CONFIG->includedir); $_SESSION['config']['nblinetoshow'] = utf8_decode((string) $CONFIG->nblinetoshow); $_SESSION['config']['limitcharsearch'] = utf8_decode((string) $CONFIG->limitcharsearch); $_SESSION['config']['lang'] = 
utf8_decode((string) $CONFIG->lang); $_SESSION['config']['adminmail'] = utf8_decode((string) $CONFIG->adminmail); $_SESSION['config']['adminname'] = utf8_decode((string) $CONFIG->adminname); $_SESSION['config']['enabledadvsearch'] = utf8_decode((string) $CONFIG->enabledadvsearch); $_SESSION['config']['enabledindexfile'] = utf8_decode((string) $CONFIG->enabledindexfile); $_SESSION['config']['enabledvalidation'] = utf8_decode((string) $CONFIG->enabledvalidation); $_SESSION['config']['enabledprocess'] = utf8_decode((string) $CONFIG->enabledprocess); $_SESSION['config']['enablestats'] = utf8_decode((string) $CONFIG->enablestats); $_SESSION['config']['shortcut'] = utf8_decode((string) $CONFIG->shortcut); $_SESSION['config']['xmlpath'] = utf8_decode((string) $CONFIG->xmlpath); $_SESSION['config']['debug'] = utf8_decode((string) $CONFIG->debug); $_SESSION['config']['applicationname'] = utf8_decode((string) $CONFIG->applicationname); $_SESSION['config']['css'] = utf8_decode((string) $CONFIG->css); $_SESSION['config']['css_IE'] = utf8_decode((string) $CONFIG->css_ie); $_SESSION['config']['css_IE7'] = utf8_decode((string) $CONFIG->css_ie7); $_SESSION['config']['img'] = utf8_decode((string) $CONFIG->img); $_SESSION['config']['MaarchURL'] = utf8_decode((string) $CONFIG->MaarchURL); $_SESSION['config']['defaultPage'] = utf8_decode((string) $CONFIG->defaultPage); $_SESSION['config']['exportlist'] = utf8_decode((string) $CONFIG->exportlist); $_SESSION['config']['cookietime'] = utf8_decode((string) $CONFIG->CookieTime); $_SESSION['config']['force_client_utf8'] = utf8_decode((string) $CONFIG->force_client_utf8); $_SESSION['config']['ldap'] = utf8_decode((string) $CONFIG->ldap); $_SESSION['config']['ldap_config_path'] = utf8_decode((string) $CONFIG->ldap_config_path); $_SESSION['config']['ldap_directory'] = utf8_decode((string) $CONFIG->ldap_directory); $_SESSION['config']['path_to_lucene_index'] = utf8_decode((string) $CONFIG->path_to_lucene_index); 
$_SESSION['config']['ez_components_path'] = utf8_decode((string) $CONFIG->ez_components_path); $_SESSION['config']['webdav_content'] = utf8_decode((string) $CONFIG->webdav_content); $_SESSION['config']['webdav_url'] = utf8_decode((string) $CONFIG->webdav_url); $_SESSION['config']['webdav_reserved_time'] = utf8_decode((string) $CONFIG->webdav_reserved_time); $_SESSION['config']['path_to_php_mailer'] = utf8_decode((string) $CONFIG->path_to_php_mailer); $_SESSION['config']['mail_is_smtp'] = utf8_decode((string) $CONFIG->mail_is_smtp); $_SESSION['config']['mail_host'] = utf8_decode((string) $CONFIG->mail_host); $_SESSION['config']['mail_smtp_auth'] = utf8_decode((string) $CONFIG->mail_smtp_auth); $_SESSION['config']['mail_user'] = utf8_decode((string) $CONFIG->mail_user); $_SESSION['config']['mail_password'] = utf8_decode((string) $CONFIG->mail_password); $_SESSION['config']['navigationbuffer'] = utf8_decode((string) $CONFIG->navigationbuffer); } //Load enabled features $this->build_features(); //Load history config $this->build_history_config(); //Load history config $this->build_tablename_config(); $i=0; foreach($xmlconfig->RESOURCES as $RESOURCES) { $_SESSION['ressources'][$i] = array("tablename" => utf8_decode((string) $RESOURCES->tablename), "comment" => utf8_decode((string) $RESOURCES->comment)); $i++; } //MAILER foreach($xmlconfig->MAILER as $MAILER) { foreach( $MAILER->children() as $m_node ) $_SESSION['mailer'][$m_node->getName()] = utf8_decode((string) $m_node); } } /** * Build the alphabetic list of users letters */ public function userslistletters() { // build the alphabetic list of users letters ?>

: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z -

: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z -

: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z -

: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z -

connect(); $db_abs->query("select distinct USER_ABS from ".$_SESSION['tablename']['missing_user']); //$db_abs->show(); $j=0; while($line = $db_abs->fetch_object()) { $user_abs[$j] = $line->USER_ABS; $j++; } */ $this->connect(); $this->query("select count(*) as total from ".$table_name." where STATUS <> 'DEL'"); $nb_total_1 = $this->fetch_object(); $nb_total = $nb_total_1->total; // define the defaults values $nb_pages = ceil($nb_total/$nb_show); $link = "index.php?page=".$page_name."&start=".$this->the_start."&order=".$this->orderby.$what; if($nb_pages > 1) { $next_start = 0; $page_list1 = '

'; $lastpage = 0; for($i = 0;$i <> $nb_pages; $i++) { $page_name = $i + 1; $the_line = $i + 1; if($this->the_start == $next_start) { $page_list1 .= ""; $page_list2 .= ""; } else { $page_list1 .= ""; $page_list2 .= ""; } $next_start = $next_start + $nb_show; $lastpage = $next_start; } $lastpage = $lastpage - $nb_show; $previous = ""; $next = ""; if($this->the_start > 0) { $start_prev = $this->the_start - $nb_show; $previous = ''; } if($this->the_start <> $lastpage) { $start_next = $this->the_start + $nb_show; $next = ''; } $page_list1 = $page_list1.""; $page_list2 = $page_list2.""; if($previous <> '' || $next <> '') { if(empty($previous)) { $previous = " "; } if(empty($next)) { $next = " "; } $page_list1 .= $previous." ".$next.'

'; $page_list2 .= $previous." ".$next.'

'; } } $this->query("select * from ".$table_name." where STATUS <> 'DEL' ".$where." ".$this->sqlorderby." limit ".$this->the_start.",".$nb_show); echo '

'.$title.'

'; $this->userslistletters(); echo $page_list1; $db = new dbquery(); $db->connect(); ?> fetch_object()) { if($color == ' class="col"') { $color = ''; } else { $color = ' class="col"'; } ?> >
USER_ID.""; $is_abs = false; if($line->STATUS == 'ABS') { $is_abs = true; } /*for ($n=0; $n<=count($user_abs); $n++) { if ($line->USER_ID == $user_abs[$n]) { $is_abs = true; } }*/ if ($is_abs==true) { echo "("._MISSING.")"; } ?> show($line->LASTNAME); ?> show($line->FIRSTNAME); ?> ENABLED == "N") { ?> <?php echo _NOT_ENABLED;?> ENABLED == "Y") { ?> <?php echo _ENABLED; ?> query("select SERVICE from ".$_SESSION['tablename']['services']. " where ID = '".$line->DEPARTMENT."'"); $res = $db->fetch_object(); echo str_replace('\\', '',$res->SERVICE); ?> ENABLED == "Y") { echo ''._MODIFY.''; } ?> ENABLED == "N" ) { echo ''._AUTHORIZE.''; } else { echo ''._SUSPEND.''; } ?> USER_ID.'" class="delete" onclick="return(confirm(\''._REALLY_DELETE.' '.$line->FIRSTNAME.' '.$line->LASTNAME.' ?\n'._DEFINITIVE_ACTION.'\'));">'._DELETE.''; ?>
clearuserinfos(); } /** * Draw the users list * * @param string $where sorting of the list (empty by default) * @param string $what first letter of the name (empty by default) */ public function userscontactlist($where = "",$what = "", $redirect, $selected = array()) { // draw the users list $func = new functions(); /* Configuration */ /* Just edit this part */ $title = _USERS_LIST; $table_name = $_SESSION['tablename']['users']; $nb_show = $_SESSION['config']['nblinetoshow']; if(!empty($what)){ $what = "&what=".$what; } $this->connect(); $this->query("select count(*) as total from ".$table_name." where STATUS <> 'DEL'"); $nb_total_1 = $this->fetch_object(); $nb_total = $nb_total_1->total; // define the defaults values $nb_pages = ceil($nb_total/$nb_show); $link = "liste_user_diffusion.php?".$redirect."&tab=user&start=".$this->the_start."&order=".$this->orderby.$what; /* if($nb_pages > 1){ $next_start = 0; $page_list1 = '

'; $lastpage = 0; for($i = 0;$i <> $nb_pages; $i++){ $the_line = $i + 1; if($this->the_start == $next_start){ $page_list1 .= ""; $page_list2 .= ""; } else{ $page_list1 .= ""; $page_list2 .= ""; } $next_start = $next_start + $nb_show; $lastpage = $next_start; } $lastpage = $lastpage - $nb_show; $previous = ""; $next = ""; if($this->the_start > 0){ $start_prev = $this->the_start - $nb_show; $previous = ''; } if($this->the_start <> $lastpage){ $start_next = $this->the_start + $nb_show; $next = ''; } $page_list1 = $page_list1.""; $page_list2 = $page_list2.""; if($previous <> '' || $next <> ''){ if(empty($previous)) { $previous = " "; } if(empty($next)) { $next = " "; } $page_list1 .= $previous." ".$next.'

'; $page_list2 .= $previous." ".$next.'

'; } } */ //$this->query("select * from ".$table_name." where STATUS <> 'DEL' ".$where." ".$this->sqlorderby." limit ".$this->the_start.",".$nb_show); $this->query("select * from ".$table_name." where STATUS <> 'DEL' ".$where." ".$this->sqlorderby); $db = new dbquery(); $db->connect(); ?>

fetch_object()){ if($color == ' class="col"'){ $color = ''; } else{ $color = ' class="col"'; } $email = $func->show($line->MAIL); ?> >
name="lstUser[]" value="" /> show($line->LASTNAME); ?> show($line->FIRSTNAME); ?> query("select SERVICE from ".$_SESSION['tablename']['services']. " where ID = '".$line->DEPARTMENT."'"); $res = $db->fetch_object(); echo str_replace('\\', '',$res->SERVICE); ?>
connect(); $this->query("select count(*) as total from ".$table_name." WHERE TOCONTACT = '' OR TOCONTACT IS NULL "); $nb_total_1 = $this->fetch_object(); $nb_total = $nb_total_1->total; // define the defaults values $nb_pages = ceil($nb_total/$nb_show); $link = "liste_user_diffusion.php?".$redirect."&tab=sder&start=".$this->the_start."&order=".$this->orderby.$what; /* if($nb_pages > 1){ $next_start = 0; $page_list1 = '

'; $lastpage = 0; for($i = 0;$i <> $nb_pages; $i++){ $the_line = $i + 1; if($this->the_start == $next_start){ $page_list1 .= ""; $page_list2 .= ""; } else{ $page_list1 .= ""; $page_list2 .= ""; } $next_start = $next_start + $nb_show; $lastpage = $next_start; } $lastpage = $lastpage - $nb_show; $previous = ""; $next = ""; if($this->the_start > 0){ $start_prev = $this->the_start - $nb_show; $previous = ''; } if($this->the_start <> $lastpage){ $start_next = $this->the_start + $nb_show; $next = ''; } $page_list1 = $page_list1.""; $page_list2 = $page_list2.""; if($previous <> '' || $next <> ''){ if(empty($previous)) { $previous = " "; } if(empty($next)) { $next = " "; } $page_list1 .= $previous." ".$next.'

'; $page_list2 .= $previous." ".$next.'

'; } } */ //$this->query("select * from ".$table_name." WHERE (TOCONTACT = '' OR TOCONTACT IS NULL) ".$where." ".$this->sqlorderby." limit ".$this->the_start.",".$nb_show); $this->query("select * from ".$table_name." WHERE (TOCONTACT = '' OR TOCONTACT IS NULL) ".$where." ".$this->sqlorderby); $db = new dbquery(); $db->connect(); ?>

fetch_object()){ if($color == ' class="col"'){ $color = ''; } else{ $color = ' class="col"'; } $email = $func->show($line->MAIL); ?> >
name="lstEmet[]" value="" /> show($line->LASTNAME); ?> show($line->FIRSTNAME); ?> show($line->SOCIETY); ?>
connect(); $this->query("select count(*) as total from ".$table_name." WHERE TOCONTACT = '".$_SESSION['user']['UserId']."' "); $nb_total_1 = $this->fetch_object(); $nb_total = $nb_total_1->total; // define the defaults values $nb_pages = ceil($nb_total/$nb_show); $link = "liste_user_diffusion.php?".$redirect."&tab=cont&start=".$this->the_start."&order=".$this->orderby.$what; /* if($nb_pages > 1){ $next_start = 0; $page_list1 = '

'; $lastpage = 0; for($i = 0;$i <> $nb_pages; $i++){ $the_line = $i + 1; if($this->the_start == $next_start){ $page_list1 .= ""; $page_list2 .= ""; } else{ $page_list1 .= ""; $page_list2 .= ""; } $next_start = $next_start + $nb_show; $lastpage = $next_start; } $lastpage = $lastpage - $nb_show; $previous = ""; $next = ""; if($this->the_start > 0){ $start_prev = $this->the_start - $nb_show; $previous = ''; } if($this->the_start <> $lastpage){ $start_next = $this->the_start + $nb_show; $next = ''; } $page_list1 = $page_list1.""; $page_list2 = $page_list2.""; if($previous <> '' || $next <> ''){ if(empty($previous)) { $previous = " "; } if(empty($next)) { $next = " "; } $page_list1 .= $previous." ".$next.'

'; $page_list2 .= $previous." ".$next.'

'; } } */ //$this->query("select * from ".$table_name." WHERE TOCONTACT = '".$_SESSION['user']['UserId']."' ".$where." ".$this->sqlorderby." limit ".$this->the_start.",".$nb_show); $this->query("select * from ".$table_name." WHERE TOCONTACT = '".$_SESSION['user']['UserId']."' ".$where." ".$this->sqlorderby); $db = new dbquery(); $db->connect(); ?>

fetch_object()){ if($color == ' class="col"'){ $color = ''; } else{ $color = ' class="col"'; } $email = $func->show($line->MAIL); ?> >
name="lstContact[]" value="" /> show($line->LASTNAME); ?> show($line->FIRSTNAME); ?> show($line->SOCIETY); ?>
connect(); $this->query("select USER_ID, FirstName, LastName from ".$_SESSION['tablename']['users']." where user_id = '".$id."'"); if($this->nb_result() == 0) { $_SESSION['error'] = _USER.' '._UNKNOWN; header("location: index.php?page=users"); exit; } else { $info = $this->fetch_object(); $theuser = $info->LastName." ".$info->FirstName; if($mode == "allow") { $this->query("Update ".$_SESSION['tablename']['users']." set enabled = 'Y' where user_id = '".$id."'"); if($_SESSION['history']['usersval'] == "true") { require_once("class_history.php"); $users = new history(); $users->add($_SESSION['tablename']['users'], $id,"VAL",_USER_AUTORIZATION." ".$theuser); } $_SESSION['error'] = _AUTORIZED_USER; } elseif($mode == "ban") { $this->query("Update ".$_SESSION['tablename']['users']." set enabled = 'N' where user_id = '".$id."'"); if($_SESSION['history']['usersban'] == "true") { require_once("class_history.php"); $users = new history(); $users->add($_SESSION['tablename']['users'], $id,"BAN",_USER_SUSPENSION." : ".$theuser); } $_SESSION['error'] = _SUSPENDED_USER; } elseif($mode == "del" ) { $this->query("update ".$_SESSION['tablename']['users']." set STATUS = 'DEL' where user_id = '".$id."'"); $this->query("delete from ".$_SESSION['tablename']['usergroup_content']." where user_id = '".$id."'"); $this->query("select ID from ".$_SESSION['tablename']['listmodel']." where user_id = '".$id."'"); $db = new dbquery(); $db->connect(); $db2 = new dbquery(); $db2->connect(); while($res = $this->fetch_object()) { $service_id = $res->ID; $decal = false; $db->query("select * from ".$_SESSION['tablename']['listmodel']." where ID = '".$service_id."' order by SEQUENCE"); while($res2 = $db->fetch_object()) { $user = $res2->USER_ID; if($decal) { $db2->query("update ".$_SESSION['tablename']['listmodel']." set SEQUENCE = SEQUENCE -1 where USER_ID = '".$user."' and ID = '".$service_id."'"); } if($user == $id) { $decal = true; $db2->query("delete from ".$_SESSION['tablename']['listmodel']." 
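where ID = '".$service_id."' and USER_ID = '".$id."'"); } } } if($_SESSION['history']['usersdel']) { require_once("class_history.php"); $users = new history(); $users->add($_SESSION['tablename']['users'], $id,"DEL",_USER_DELETION." : ".$theuser); } $_SESSION['error'] = _DELETED_USER; } header("location: index.php?page=users"); exit; } } }

    /**
     * Processes the form through which the logged-in user edits his own account
     * (presumably the form drawn by change_info_user()).
     *
     * Copies the posted fields into $_SESSION['user'], checks that both password
     * fields match and, when no error was recorded, updates the user's row and
     * redirects to index.php. On error it redirects to the modify_user page.
     * The method always ends the request with exit.
     *
     * NOTE(review): md5() is a fast, unsalted digest and is not suitable for
     * storing passwords. Moving to password_hash()/password_verify() also means
     * changing the login check and migrating the stored values, so it is only
     * flagged here.
     * NOTE(review): pass1 and pass2 remain in $_SESSION in clear text after this
     * call.
     * NOTE(review): this method checks neither the current password nor an
     * anti-CSRF token; confirm that the calling page does.
     */
    public function user_modif()
    {
        require_once("class_functions.php");
        $func = new functions();

        $_SESSION['user']['FirstName'] = $func->wash($_POST['FirstName'], "no", _FIRSTNAME);
        $_SESSION['user']['FirstName'] = stripslashes($_SESSION['user']['FirstName']);
        $_SESSION['user']['LastName'] = $func->wash($_POST['LastName'], "no", _LASTNAME);
        $_SESSION['user']['LastName'] = stripslashes($_SESSION['user']['LastName']);
        $_SESSION['user']['pass1'] = $func->wash($_POST['pass1'], "no", _FIRST_PSW);
        $_SESSION['user']['pass2'] = $func->wash($_POST['pass2'], "no", _SECOND_PSW);

        if($_SESSION['user']['pass1'] <> $_SESSION['user']['pass2'])
        {
            $func->add_error(_WRONG_SECOND_PSW, '');
        }

        // Optional fields: an empty or missing field keeps the session value.
        if(isset($_POST['Phone']) && !empty($_POST['Phone']))
        {
            $_SESSION['user']['Phone'] = $_POST['Phone'];
        }
        if(isset($_POST['Fonction']) && !empty($_POST['Fonction']))
        {
            $_SESSION['user']['Fonction'] = $_POST['Fonction'];
            $_SESSION['user']['Fonction'] = stripslashes($_SESSION['user']['Fonction'] );
        }
        if(isset($_POST['Mail']) && !empty($_POST['Mail']))
        {
            $_SESSION['user']['Mail'] = $_POST['Mail'];
        }

        if(empty($_SESSION['error']))
        {
            // The values below come from the form and used to be concatenated
            // into the statement as they were. FirstName, LastName and Fonction
            // have just been through stripslashes(), so a quote in any of them
            // ended the SQL string literal. They are escaped here before use.
            // addslashes() is a stopgap: prefer the database layer's own escaping
            // or prepared statements if dbquery provides them.
            $sql_firstname = addslashes($_SESSION['user']['FirstName']);
            $sql_lastname = addslashes($_SESSION['user']['LastName']);
            $sql_fonction = addslashes($_SESSION['user']['Fonction']);
            // Phone and Mail are stored as received. Whether they arrive already
            // slash-escaped depends on the PHP configuration, so they are
            // normalised with stripslashes() before being escaped.
            $sql_phone = addslashes(stripslashes($_SESSION['user']['Phone']));
            $sql_mail = addslashes(stripslashes($_SESSION['user']['Mail']));
            $sql_department = addslashes($_SESSION['user']['department']);
            $sql_userid = addslashes($_SESSION['user']['UserId']);

            $this->connect();
            $this->query("update `".$_SESSION['tablename']['users']."` set PASSWORD = '".md5($_SESSION['user']['pass1'])."', `FirstName` = '".$sql_firstname."', `LastName` = '".$sql_lastname."', `Phone` = '".$sql_phone."', `Mail` = '".$sql_mail."' , `Department` = '".$sql_department."' , `FONCTION` = '".$sql_fonction."' where user_id = '".$sql_userid."'");

            // Record the update only when the corresponding history switch is on.
            if($_SESSION['history']['usersup'] == "true")
            {
                require_once("class_history.php");
                $users = new history();
                $users->add($_SESSION['tablename']['users'], $_SESSION['user']['UserId'],"UP",_USER_UPDATE." ".$_SESSION['user']['LastName']." : ".$_SESSION['user']['FirstName']);
            }

            $_SESSION['error'] = _USER_UPDATED;
            header("location: index.php");
            exit;
        }
        else
        {
            header("location: index.php?page=modify_user");
            exit;
        }
    }

    /** * Form for the management of the current user. * */ public function change_info_user() { $this->connect(); $this->query("select ID, SERVICE from ".$_SESSION['tablename']["services"]." where ENABLED = 'Y' order by SERVICE asc"); $services = array(); while($res = $this->fetch_object()) { array_push($services, array('ID' => $res->ID, 'LABEL' => $res->SERVICE)); } ?>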

query("select count(*) as DATE_TRAIT from ".$_SESSION['ressources'][0]['tablename']." WHERE date(CUSTOM_D3)='".date("Y")."-".date("m")."-".date("d")."' AND DEST_USER='".$_SESSION['user']['UserId']."'"); //$this->show(); $line01 = $this->fetch_object(); $this->query("select count(*) as INDEX_TRAIT from ".$_SESSION['ressources'][0]['tablename']." WHERE date(CREATION_DATE)='".date("Y")."-".date("m")."-".date("d")."' AND TYPIST='".$_SESSION['user']['UserId']."'"); //$this->show(); $line02 = $this->fetch_object(); $this->query("select count(*) as REP_TRAIT from ".$_SESSION['tablename']['history']." WHERE date(EVENT_DATE)='".date("Y")."-".date("m")."-".date("d")."' AND USER_ID='".$_SESSION['user']['UserId']."' AND EVENT_TYPE='RED'"); //$this->show(); $line03 = $this->fetch_object(); ?>

:

    ".str_replace('\\', '',$_SESSION['user']['services'][$i]['LABEL'])." "; } ?>

:

  • : DATE_TRAIT; ?>
  • : INDEX_TRAIT; ?>
  • : REP_TRAIT; ?>

value="" />

value="" />

value="" />

value="" />

value="" readonly="readonly" class="readonly" />

value="" />

value="" />

show_array($_SESSION['user']['baskets']); require_once('class_basket.php'); $bask = new basket(); $modal_content = $bask->redirect_my_baskets_list($_SESSION['user']['baskets'], count($_SESSION['user']['baskets']), $_SESSION['user']['UserId']); echo "
"; ?>

"; ?>

connect(); $this->query("select ID, SERVICE from ".$_SESSION['tablename']["services"]." where ENABLED = 'Y' order by SERVICE asc"); $services = array(); while($res = $this->fetch_object()) { array_push($services, array('ID' => $res->ID, 'LABEL' => $res->SERVICE)); } if(empty($_SESSION['error'])) { $this->connect(); $this->query("select count(*) as total from ".$_SESSION['tablename']['usergroups']." where enabled ='Y'"); $nb_total_1 = $this->fetch_object(); $_SESSION['m_admin']['nbgroups'] = $nb_total_1->total; $this->query("select * from ".$_SESSION['tablename']['services']); } if($mode == "up") { $_SESSION['m_admin']['mode'] = "up"; if(empty($_SESSION['error'])) { $this->connect(); $this->query("select * from ".$_SESSION['tablename']['users']." where user_id = '".$id."'"); if($this->nb_result() == 0) { $_SESSION['error'] = _USER.' '._UNKNOWN; $state = false; } else { $line = $this->fetch_object(); $_SESSION['m_admin']['users']['UserId'] = $line->USER_ID; $_SESSION['m_admin']['users']['FirstName'] = $line->FIRSTNAME; $_SESSION['m_admin']['users']['LastName'] = $line->LASTNAME; $_SESSION['m_admin']['users']['Phone'] = $line->PHONE; $_SESSION['m_admin']['users']['Mail'] = $line->MAIL; $_SESSION['m_admin']['users']['Department'] = $line->DEPARTMENT; $_SESSION['m_admin']['users']['Enabled'] = $line->ENABLED; $_SESSION['m_admin']['users']['Status'] = $line->STATUS; $_SESSION['m_admin']['users']['Elu'] = $line->ELU; $_SESSION['m_admin']['users']['Fonction'] = $line->FONCTION; $_SESSION['m_admin']['users']['notification'] = $line->NOTIFICATION; } for($i=0;$i < count($_SESSION['m_admin']['users']['groups']); $i++) { if($_SESSION['m_admin']['users']['groups'][$i]['USER_ID'] <> $_SESSION['m_admin']['users']['UserId']) { $_SESSION['m_admin']['load_group'] = true; break; } } if ($_SESSION['m_admin']['load_group'] == true || ! 
isset($_SESSION['m_admin']['load_group'] )) { $ugc->load_group_session($_SESSION['m_admin']['users']['UserId']); } } } elseif($mode == "add" ) { $_SESSION['m_admin']['mode'] = "add"; if ($_SESSION['m_admin']['init']== true || !isset($_SESSION['m_admin']['init'] )) { $ugc->init_session(); } } if($mode == "add") { echo '

'._USER_ADDITION.'

'; } elseif($mode == "up") { echo '

'._USER_MODIFICATION.'

'; } ?>




"._USER.' '._UNKNOWN."



"; } else { ?>
" class="forms addforms">

show($_SESSION['m_admin']['users']['UserId']); } ?>hiddentext" id="UserId" value="show($_SESSION['m_admin']['users']['UserId']); ?>" />*

*

*

*

*



/>

/>


get_baskets($_SESSION['m_admin']['users']['UserId']); //print_r($arr_baskets); $modal_content = $bask->redirect_my_baskets_list($arr_baskets, count($arr_baskets), $_SESSION['m_admin']['users']['UserId']); echo "
"; ?>

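wash($_POST['UserId'], "nick", _USER_ID); $_SESSION['m_admin']['users']['pass'] = md5("maarch"); } if($mode == "up") { $_SESSION['m_admin']['users']['UserId'] = $func->wash($_POST['id'], "nick", _USER_ID); } if(!isset($_SESSION['m_admin']['users']['notification']) || empty($_SESSION['m_admin']['users']['notification'])) { $_SESSION['m_admin']['users']['notification'] = 0; } $_SESSION['m_admin']['users']['FirstName'] = $func->wash($_POST['FirstName'], "no", _FIRSTNAME); $_SESSION['m_admin']['users']['FirstName'] = stripslashes($_SESSION['m_admin']['users']['FirstName']); $_SESSION['m_admin']['users']['LastName'] = $func->wash($_POST['LastName'], "no", _LASTNAME); $_SESSION['m_admin']['users']['LastName'] = stripslashes($_SESSION['m_admin']['users']['LastName']); $_SESSION['m_admin']['users']['Department'] = $func->wash($_POST['Department'], "no", _DEPARTMENT); if(isset($_POST['Phone']) && !empty($_POST['Phone'])) { $_SESSION['m_admin']['users']['Phone'] = $_POST['Phone']; } $_SESSION['m_admin']['users']['Mail'] = $func->wash($_POST['Mail'], "mail", _MAIL); if(isset($_POST['Fonction']) && !empty($_POST['Fonction'])) { $_SESSION['m_admin']['users']['Fonction'] = $_POST['Fonction']; $_SESSION['m_admin']['users']['Fonction'] = stripslashes($_SESSION['m_admin']['users']['Fonction'] ); } $_SESSION['m_admin']['users']['Elu'] = $_POST['elu']; $ugc = new usergroup_content(); $primary_set = false; for($i=0; $i < count($_SESSION['m_admin']['users']['groups']);$i++) { if($_SESSION['m_admin']['users']['groups'][$i]['PRIMARY'] == 'Y') { $primary_set = true; break; } } if ($primary_set == false) { $ugc->add_error(_NO_PRIMARY_GROUP, ""); } }

    /**
     * Adds a new user or updates an existing one in the database.
     *
     * Calls usersinfo($mode) first, then works from $_SESSION['m_admin']['users']:
     *  - if $_SESSION['error'] is set, redirects back to the matching form;
     *  - in "add" mode, refuses a USER_ID that already exists with STATUS 'OK',
     *    deletes a leftover row that has any other status, then inserts the row;
     *  - in "up" mode, updates the row and, when the edited account is the
     *    logged-in one, reloads its groups and security data into the session.
     * Each of those paths ends with a redirect followed by exit.
     *
     * @param string $mode up or add
     */
    public function addupusers($mode)
    {
        $this->usersinfo($mode);

        if (!empty($_SESSION['error'])) {
            if ($mode == "up") {
                if (!empty($_SESSION['m_admin']['users']['UserId'])) {
                    // Encode the id so it cannot add parameters to the redirect URL.
                    header("location: index.php?page=users_up&id=".rawurlencode($_SESSION['m_admin']['users']['UserId']));
                    exit;
                }
                header("location: index.php?page=users");
                exit;
            } elseif ($mode == "add") {
                $_SESSION['m_admin']['load_group'] = false;
                header("location: index.php?page=users_add");
                exit;
            }
            return;
        }

        $usersTable = $_SESSION['tablename']['users'];
        $userId = $_SESSION['m_admin']['users']['UserId'];

        // Values placed inside quoted SQL literals. FirstName, LastName and
        // Fonction had their slashes stripped before being stored in the
        // session; Phone and Elu are copied from $_POST unchanged by the code
        // preceding this method, so all five are escaped here.
        // addslashes() is not charset-aware: if dbquery offers bound
        // parameters or a driver-level escape, prefer that.
        // NOTE(review): UserId, Mail and Department come out of wash(), which is
        // defined in another file; confirm it leaves them safe for a quoted SQL
        // literal, or escape them here as well.
        $firstName = addslashes($_SESSION['m_admin']['users']['FirstName']);
        $lastName = addslashes($_SESSION['m_admin']['users']['LastName']);
        $phone = addslashes($_SESSION['m_admin']['users']['Phone']);
        $fonction = addslashes($_SESSION['m_admin']['users']['Fonction']);
        $elu = addslashes($_SESSION['m_admin']['users']['Elu']);
        $mail = $_SESSION['m_admin']['users']['Mail'];
        $department = $_SESSION['m_admin']['users']['Department'];
        // NOTIFICATION is written into the statement without quotes, so it is
        // forced to an integer.
        $notification = (int) $_SESSION['m_admin']['users']['notification'];

        $this->connect();

        if ($mode == "add") {
            $this->query("select USER_ID, STATUS from ".$usersTable." where User_Id = '".$userId."'");
            $res = $this->fetch_object();
            if ($this->nb_result() > 0) {
                if ($res->STATUS == 'OK') {
                    $_SESSION['error'] = _THE_USER." ".$userId." "._ALREADY_EXISTS."\n";
                    header("location: index.php?page=users_add");
                    exit;
                }
                // A row with another status is replaced by the new account.
                $this->query("DELETE from ".$usersTable." where USER_ID = '".$userId."'");
            }

            // NOTE(review): the stored PASSWORD is the session's 'pass' value,
            // which the code preceding this method sets to the MD5 of a fixed
            // default string. Every new account therefore starts with the same
            // known password; consider a random initial password or a forced
            // change at first login, and a salted password hash instead of MD5.
            $this->query(
                "INSERT INTO `".$usersTable."` ( `USER_ID` , `PASSWORD` , `FIRSTNAME` , `LASTNAME` , `PHONE` , `MAIL` , `DEPARTMENT` , `FONCTION` ,`COOKIE_KEY` , `COOKIE_DATE` , `ELU` , `ENABLED` , `NOTIFICATION`)"
                ." VALUES ( '".$userId."',"
                ." '".$_SESSION['m_admin']['users']['pass']."',"
                ." '".$firstName."',"
                ." '".$lastName."',"
                ." '".$phone."',"
                ." '".$mail."',"
                ." '".$department."',"
                ." '".$fonction."','', '0000-00-00 00:00:00',"
                ." '".$elu."', 'Y', ".$notification.")"
            );

            require_once("class_usergroup_content.php");
            $ugc = new usergroup_content();
            $ugc->load_db();

            if ($_SESSION['history']['usersadd'] == "true") {
                require_once("class_history.php");
                $users = new history();
                $users->add(
                    $usersTable,
                    $userId,
                    "ADD",
                    _USER_ADDED." : ".$_SESSION['m_admin']['users']['LastName']." ".$_SESSION['m_admin']['users']['FirstName']
                );
            }

            $this->clearuserinfos();
            $_SESSION['error'] = _USER_ADDED;
            header("location: index.php?page=users");
            exit;
        } elseif ($mode == "up") {
            $this->query(
                "update `".$usersTable."` set `FIRSTNAME` = '".$firstName."',"
                ." `LASTNAME` = '".$lastName."',"
                ." `PHONE` = '".$phone."',"
                ." `MAIL` = '".$mail."' ,"
                ." `DEPARTMENT` = '".$department."',"
                ." `FONCTION` = '".$fonction."',"
                ." `ELU` = '".$elu."',"
                ." `NOTIFICATION` = ".$notification
                ." where USER_ID = '".$userId."'"
            );

            require_once("class_usergroup_content.php");
            $ugc = new usergroup_content();
            $ugc->load_db();

            if ($_SESSION['history']['usersup'] == "true") {
                require_once("class_history.php");
                $users = new history();
                $users->add(
                    $usersTable,
                    $userId,
                    "UP",
                    _USER_UPDATE." : ".$_SESSION['m_admin']['users']['LastName']." ".$_SESSION['m_admin']['users']['FirstName']." (".$userId.")"
                );
            }

            // An administrator editing their own account: refresh the groups
            // and security data held in the session so the change applies
            // without a new login.
            if ($userId == $_SESSION['user']['UserId']) {
                $_SESSION['user']['groups'] = array();
                $_SESSION['user']['security'] = array();

                $tmp = $this->load_groups($_SESSION['user']['UserId']);
                $_SESSION['user']['primarygroup'] = $tmp[0];
                $_SESSION['user']['groups'] = $tmp[1];
                $_SESSION['user']['primarygroup_gdd'] = $tmp[2];

                $arr_sec = $this->load_security($_SESSION['user']['UserId']);
                $_SESSION['user']['tables'] = $arr_sec['tables'];
                $_SESSION['user']['security'] = $arr_sec['security'];
                $_SESSION['user']['can_index'] = $arr_sec['can_index'];
                $_SESSION['user']['can_postindex'] = $arr_sec['can_postindex'];
            }

            $this->clearuserinfos();
            $_SESSION['error'] = _USER_UPDATED;
            header("location: index.php?page=users");
            exit;
        }
    }

    /**
     * Resets $_SESSION['m_admin']['users'] to its empty defaults, discarding
     * the values held for the user add/modify form (including the password
     * hash kept under 'pass').
     */
    private function clearuserinfos()
    {
        $_SESSION['m_admin']['users'] = array(
            'UserId' => "",
            'pass' => "",
            'FirstName' => "",
            'LastName' => "",
            'Phone' => "",
            'Mail' => "",
            'Department' => "",
            'Status' => "",
            'Enabled' => "Y",
            'Elu' => "",
            'Fonction' => "",
            'groups' => array(),
            'nbbelonginggroups' => 0,
            'notification' => 0,
        );
    }

    /****** EVOLUTION 2.7 *******/

    /**
     * Reads the notification definitions from notification.xml in the
     * configured XML directory.
     *
     * @return array Map of integer notification ID to array('label' => string);
     *               empty when the file cannot be loaded or parsed.
     */
    public function get_notification()
    {
        $tabNotif = array();

        $xmlNotification = simplexml_load_file("$this->xml_config_path/notification.xml");
        if ($xmlNotification === false) {
            // Missing or malformed file: report no notifications rather than
            // iterating over a failed load.
            return $tabNotif;
        }

        foreach ($xmlNotification->NOTIFICATION as $notif) {
            $tabNotif[(int) $notif->ID]['label'] = (string) $notif->LABEL;
        }

        return $tabNotif;
    }
}
?>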