function getWritable($creator, $user)
{
global $auth;
// Always allowed to modify your own stuff
if (strcasecmp($creator, $user) == 0) {
return 1;
}
if (authGetUserLevel($user, $auth["admin"]) >= 2) {
return 1;
}
// Unathorised access
return 0;
}
* GRR is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with GRR; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
include "include/admin.inc.php";
$grr_script_name = "admin_accueil.php";
$back = '';
if (isset($_SERVER['HTTP_REFERER'])) {
$back = htmlspecialchars($_SERVER['HTTP_REFERER']);
}
if (authGetUserLevel(getUserName(), -1, 'area') < 4 && authGetUserLevel(getUserName(), -1, 'user') != 1) {
showAccessDenied($back);
exit;
}
print_header("", "", "", $type = "with_session");
include "admin_col_gauche.php";
?>
<table>
<tr>
<td>
<img src="img_grr/totem_grr.png" alt="GRR !" class="image" />
</td>
<td align="center" >
<br /><br />
<p style="font-size:20pt">
<?php
default:
$type = 'string';
break;
}
$var = VAR_PREFIX . $field['name'];
${$var} = get_form_var($var, $type);
if ($type == 'int' && ${$var} === '') {
unset(${$var});
}
}
// Check the user is authorised for this page
checkAuthorised();
// Also need to know whether they have admin rights
$user = getUserName();
$required_level = isset($max_level) ? $max_level : 2;
$is_admin = authGetUserLevel($user) >= $required_level;
// Done changing area or room information?
if (isset($change_done)) {
if (!empty($room)) {
$area = mrbsGetRoomArea($room);
}
Header("Location: admin.php?day={$day}&month={$month}&year={$year}&area={$area}");
exit;
}
// Intialise the validation booleans
$valid_email = TRUE;
$valid_resolution = TRUE;
$enough_slots = TRUE;
$valid_area = TRUE;
$valid_room_name = TRUE;
// PHASE 2
// Tableau des ressources invisibles pour l'utilisateur
$sql = "SELECT distinct e.id, e.start_time, e.end_time, e.name, e.description, " . "e.type, e.beneficiaire, " . grr_sql_syntax_timestamp_to_unix("e.timestamp") . ", a.area_name, r.room_name, r.description, a.id, e.overload_desc" . " FROM " . TABLE_PREFIX . "_entry e, " . TABLE_PREFIX . "_area a, " . TABLE_PREFIX . "_room r, " . TABLE_PREFIX . "_type_area t";
// Si l'utilisateur n'est pas administrateur, seuls les domaines auxquels il a accès sont pris en compte
if (authGetUserLevel(getUserName(), -1) < 6) {
if ($test_grr_j_user_area != 0) {
$sql .= ", " . TABLE_PREFIX . "_j_user_area j ";
}
}
$sql .= " WHERE e.room_id = r.id AND r.area_id = a.id";
// on ne cherche pas parmi les ressources invisibles pour l'utilisateur
$tab_rooms_noaccess = verif_acces_ressource(getUserName(), 'all');
foreach ($tab_rooms_noaccess as $key) {
$sql .= " and r.id != {$key} ";
}
// Si l'utilisateur n'est pas administrateur, seuls les domaines auxquels il a accès sont pris en compte
if (authGetUserLevel(getUserName(), -1) < 6) {
if ($test_grr_j_user_area == 0) {
$sql .= " and a.access='a' ";
} else {
$sql .= " and ((j.login='******' and j.id_area=a.id and a.access='r') or (a.access='a')) ";
}
}
$sql .= " AND e.start_time < {$report_end} AND e.end_time > {$report_start}";
$k = 0;
if (isset($champ[0])) {
$sql .= " AND (";
while ($k < count($texte)) {
if ($champ[$k] == "area") {
$sql .= grr_sql_syntax_caseless_contains("a.area_name", $texte[$k], $type_recherche[$k]);
}
if ($champ[$k] == "room") {
$link_str = time_date_string($row['start_time']);
} else {
list(, $link_str) = period_date_string($row['start_time']);
}
echo "{$link_str}</a></td>";
// action buttons
echo "<td>\n";
display_buttons($row, FALSE);
echo "</td>\n";
echo "</tr>\n";
}
// Check the user is authorised for this page
checkAuthorised();
// Also need to know whether they have admin rights
$user = getUserName();
$is_admin = authGetUserLevel($user) >= 2;
print_header($day, $month, $year, $area, isset($room) ? $room : "");
echo "<h1>" . get_vocab("pending") . "</h1>\n";
// Get a list of all bookings awaiting approval
// We are only interested in areas where approval is required
$sql_approval_enabled = some_area_predicate('approval_enabled');
$sql = "SELECT E.id, E.name, E.room_id, E.start_time, E.create_by, " . sql_syntax_timestamp_to_unix("E.timestamp") . " AS last_updated,\n E.reminded, E.repeat_id,\n M.room_name, M.area_id, A.area_name, A.enable_periods,\n E.info_time AS entry_info_time, E.info_user AS entry_info_user,\n T.info_time AS repeat_info_time, T.info_user AS repeat_info_user\n FROM {$tbl_room} AS M, {$tbl_area} AS A, {$tbl_entry} AS E\n LEFT JOIN {$tbl_repeat} AS T ON E.repeat_id=T.id\n WHERE E.room_id = M.id\n AND M.area_id = A.id\n AND M.disabled = 0\n AND A.disabled = 0\n AND {$sql_approval_enabled}\n AND (E.status&" . STATUS_AWAITING_APPROVAL . " != 0)";
// Ordinary users can only see their own bookings
if (!$is_admin) {
$sql .= " AND E.create_by='" . sql_escape($user) . "'";
}
// We want entries for a series to appear together so that we can display
// them as a separate table below the main entry for the series.
$sql .= " ORDER BY repeat_id, start_time";
$res = sql_query($sql);
if (!$res) {
<?php
// $Id$
require "../defaultincludes.inc";
header("Content-type: application/x-javascript");
expires_header(60 * 30);
// 30 minute expiry
if ($use_strict) {
echo "'use strict';\n";
}
$user = getUserName();
$is_admin = authGetUserLevel($user) >= $max_level;
// function to reverse a collection of jQuery objects
?>
$.fn.reverse = [].reverse;
<?php
// Get the sides of the rectangle represented by the jQuery object jqObject
// We round down the size of the rectangle to avoid any spurious overlaps
// caused by rounding errors
?>
function getSides(jqObject)
{
var sides = {};
sides.n = Math.ceil(jqObject.offset().top);
sides.w = Math.ceil(jqObject.offset().left);
sides.s = Math.floor(sides.n + jqObject.outerHeight());
sides.e = Math.floor(sides.w + jqObject.outerWidth());
return sides;
}
// Ordre d'affichage du domaine
echo "<td>" . get_vocab("order_display") . get_vocab("deux_points") . "</td>\n";
echo "<td><input type=\"text\" name=\"area_order\" size=\"1\" value=\"" . htmlspecialchars($row["order_display"]) . "\" /></td>\n";
echo "</tr><tr>\n";
// Acces restreint ou non ?
echo "<td>" . get_vocab("access") . get_vocab("deux_points") . "</td>\n";
echo "<td><input type=\"checkbox\" name=\"access\"";
if ($row["access"] == 'r') {
echo "checked=\"checked\"";
}
echo " /></td>\n";
echo "</tr>";
// Site
if (Settings::get("module_multisite") == "Oui") {
// Affiche une liste deroulante des sites;
if (authGetUserLevel(getUserName(), -1, 'area') >= 6) {
$sql = "SELECT id,sitecode,sitename\n\t\t\tFROM " . TABLE_PREFIX . "_site\n\t\t\tORDER BY sitename ASC";
} else {
$sql = "SELECT id,sitecode,sitename\n\t\t\tFROM " . TABLE_PREFIX . "_site s, " . TABLE_PREFIX . "_j_useradmin_site u\n\t\t\tWHERE s.id=u.id_site and u.login='******'\n\t\t\tORDER BY s.sitename ASC";
}
$res = grr_sql_query($sql);
$nb_site = grr_sql_count($res);
echo "<tr><td>" . get_vocab('site') . get_vocab('deux_points') . "</td>\n";
if ($nb_site > 1) {
echo "<td><select class=\"form-control\" name=\"id_site\" >\n\n\t\t\t\t<option value=\"-1\">" . get_vocab('choose_a_site') . "</option>\n";
for ($enr = 0; $row1 = grr_sql_row($res, $enr); $enr++) {
echo "<option value=\"" . $row1[0] . "\"";
if ($id_site == $row1[0]) {
echo ' selected="selected"';
}
echo '>' . htmlspecialchars($row1[2]);
$to_year = date('Y', $date_);
}
if (Settings::get("authentification_obli") == 0 && getUserName() == '') {
$type_session = "no_session";
} else {
$type_session = "with_session";
}
$back = '';
if (isset($_SERVER['HTTP_REFERER'])) {
$back = htmlspecialchars($_SERVER['HTTP_REFERER']);
}
if (check_begin_end_bookings($day, $from_month, $from_year)) {
showNoBookings($day, $from_month, $from_year, $back);
exit;
}
if (authGetUserLevel(getUserName(), -1) < 1 && Settings::get("authentification_obli") == 1 || authUserAccesArea(getUserName(), $area) == 0) {
showAccessDenied($back);
exit;
}
// On vérifie une fois par jour si le délai de confirmation des réservations est dépassé
// Si oui, les réservations concernées sont supprimées et un mail automatique est envoyé.
// On vérifie une fois par jour que les ressources ont été rendue en fin de réservation
// Si non, une notification email est envoyée
if (Settings::get("verif_reservation_auto") == 0) {
verify_confirm_reservation();
verify_retard_reservation();
}
//print the page header
print_header($day, $from_month, $from_year, $type_session);
//Month view start time. This ignores morningstarts/eveningends because it
//doesn't make sense to not show all entries for the day, and it messes
} else {
echo 'Error occured while performing query on database:<br>' . chr(10), exit;
}
}
}
include "include/admin_middel.php";
$editor->printEditor();
//echo '* = '._('Password won\'t be changed unless you type in a new one.');
echo '* = Passordet blir bare endret hvis det blir skrevet inn ett nytt ett';
} else {
include "include/admin_middel.php";
echo '<script src="js/jquery-1.3.2.min.js" type="text/javascript"></script>' . chr(10);
echo '<script src="js/hide_unhide.js" type="text/javascript"></script>' . chr(10);
echo '<h1>' . _('Users') . '</h1>';
// Add
if (authGetUserLevel(getUserID()) >= $user_level) {
echo iconHTML('user_add') . ' <a href="' . $_SERVER['PHP_SELF'] . '?editor=1">' . _('New user') . '</a><br>' . chr(10);
}
echo iconHTML('phone') . ' <a href="telefonliste.php">Telefonliste</a><br><br>' . chr(10);
// List of users
echo '<h2>' . _('List of users') . '</h2>' . chr(10);
$Q_users = mysql_query("select user_id from `users` order by `user_name`");
if (!mysql_num_rows($Q_users)) {
echo _('No users found.');
} else {
echo '<a href="javascript:void();" class="showAll">Vis info på alle / Ikke vis info på alle</a>';
echo '<table class="prettytable">' . chr(10);
echo ' <tr>' . chr(10);
echo ' <th>ID</th>' . chr(10);
echo ' <th>Bruker</th>' . chr(10);
echo ' <th>Login</th>' . chr(10);
/* Arguments passés par la méthode GET :
$use_site : 'y' (fonctionnalité multisite activée) ou 'n' (fonctionnalité multisite désactivée)
$id_site : l'identifiant du site
$default_area : domaine par défaut
$default_room : ressource par défaut
$session_login : identifiant
$type : 'ressource'-> on actualise la liste des ressources
'domaine'-> on actualise la liste des domaines
$action : 1-> on actualise la liste des ressources
2-> on vide la liste des ressouces
*/
include "include/admin.inc.php";
if ((authGetUserLevel(getUserName(),-1) < 1))
{
showAccessDenied("","","","","");
exit();
}
/*
* Actualiser la liste des domaines
*/
if ($_GET['type']=="domaine") {
// Initialisation
if (isset($_GET["id_site"])) {
$id_site = $_GET["id_site"];
settype($id_site,"integer");
} else die();
if (isset($_GET["default_area"])) {
if ($area_access == 'r') {
echo " - " . get_vocab("access");
}
echo ")";
echo "</h3>";
if ($row['statut_room'] == "0") {
//
echo "<h2 style=\"text-align:center;\"><span class=\"avertissement\">" . get_vocab("ressource_temporairement_indisponible") . "</span></h2>";
}
// Description
if (authGetUserLevel($getUserName(), -1) >= Settings::get("visu_fiche_description")) {
echo "<h3>" . get_vocab("description") . "</h3>\n";
echo "<div>" . htmlspecialchars($row["description"]) . " </div>\n";
}
// Description complète
if (authGetUserLevel($getUserName(), -1) >= Settings::get("acces_fiche_reservation") && $row["comment_room"] != '') {
echo "<h3>" . get_vocab("match_descr") . "</h3>\n";
echo "<div>" . $row["comment_room"] . "</div>\n";
}
// Afficher capacité
if ($row["capacity"] != '0') {
echo "<h3>" . get_vocab("capacity_2") . "</h3>\n";
echo "<p>" . $row["capacity"] . "</p>\n";
}
if ($row["max_booking"] != "-1") {
echo "<p>" . get_vocab("msg_max_booking") . get_vocab("deux_points") . $row["max_booking"] . "</p>";
}
// Limitation par domaine
$max_booking_per_area = grr_sql_query1("SELECT max_booking FROM " . TABLE_PREFIX . "_area WHERE id = '" . protect_data_sql($id_area) . "'");
if ($max_booking_per_area >= 0) {
echo "<p>" . get_vocab("msg_max_booking_area") . get_vocab("deux_points") . $max_booking_per_area . "</p>";
$col[$i][5] = "Ext.";
}
echo "\n<tr><td class=\"" . $fond . "\">{$col[$i][1]}</td>\n";
// un gestionnaire d'utilisateurs ne peut pas modifier un administrateur général ou un gestionnaire d'utilisateurs
if (authGetUserLevel(getUserName(), -1, 'user') == 1 && ($user_statut == "gestionnaire_utilisateur" || $user_statut == "administrateur")) {
echo "<td class=\"" . $fond . "\">{$col[$i][2]}</td>\n";
} else {
echo "<td class=\"" . $fond . "\"><a href=\"admin_user_modify.php?user_login="******"&display={$display}\">{$col[$i][2]}</a></td>\n";
}
echo "<td class=\"" . $fond . "\">{$col[$i][3]}</td>\n";
echo "<td class=\"" . $fond . "\"><span class=\"" . $color[$i] . "\">{$col[$i][4]}</span></td>\n";
echo "<td class=\"" . $fond . "\">{$col[$i][5]}</td>\n";
// Affichage du lien 'supprimer'
// un gestionnaire d'utilisateurs ne peut pas supprimer un administrateur général ou un gestionnaire d'utilisateurs
// Un administrateur ne peut pas se supprimer lui-même
if (authGetUserLevel(getUserName(), -1, 'user') == 1 && ($user_statut == "gestionnaire_utilisateur" || $user_statut == "administrateur") || strtolower(getUserName()) == strtolower($user_login)) {
echo "<td class=\"" . $fond . "\"> </td>";
} else {
$themessage = get_vocab("confirm_del");
echo "<td class=\"" . $fond . "\"><a href='admin_user.php?user_del=" . urlencode($col[$i][1]) . "&action_del=yes&display={$display}' onclick='return confirmlink(this, \"{$user_login}\", \"{$themessage}\")'>" . get_vocab("delete") . "</a></td>";
}
// Fin de la ligne courante
echo "</tr>";
}
}
}
echo "</table>";
// fin de l'affichage de la colonne de droite
echo "</td></tr></table>";
// Affichage d'un pop-up
affiche_pop_up($msg, "admin");
// Session related functions
require_once "./include/session.inc.php";
// Resume session
include "include/resume_session.php";
// Paramètres langage
include "include/language.inc.php";
if (Settings::get("authentification_obli") == 0 && getUserName() == '') {
$type_session = "no_session";
} else {
$type_session = "with_session";
}
$area_id = isset($_GET["area_id"]) ? $_GET["area_id"] : NULL;
if (isset($area_id)) {
settype($area_id, "integer");
}
if (authGetUserLevel(getUserName(), $area_id, "area") < 4) {
showAccessDenied($back);
exit;
}
echo begin_page(Settings::get("company") . get_vocab("deux_points") . get_vocab("mrbs"));
$res = grr_sql_query("SELECT * FROM " . TABLE_PREFIX . "_area WHERE id='" . $area_id . "'");
if (!$res) {
fatal_error(0, get_vocab('error_room') . $id_room . get_vocab('not_found'));
}
$row = grr_sql_row_keyed($res, 0);
grr_sql_free($res);
echo '<h3 style="text-align:center;">';
echo get_vocab("match_area") . get_vocab("deux_points") . " " . htmlspecialchars($row["area_name"]);
$area_access = $row["access"];
if ($area_access == 'r') {
echo " (<span class=\"avertissement\">" . get_vocab("access") . "</span>)";
echo "<p>";
echo "<input type=\"radio\" name=\"moderate\" value=\"1\" checked=\"checked\" />" . get_vocab("accepter_resa");
echo "<br /><input type=\"radio\" name=\"moderate\" value=\"0\" />" . get_vocab("refuser_resa");
if ($repeat_id) {
echo "<br /><input type=\"radio\" name=\"moderate\" value=\"S1\" />" . get_vocab("accepter_resa_serie");
echo "<br /><input type=\"radio\" name=\"moderate\" value=\"S0\" />" . get_vocab("refuser_resa_serie");
}
echo "</p><p>";
echo "<label for=\"description\">" . get_vocab("justifier_decision_moderation") . get_vocab("deux_points") . "</label>\n";
echo "<textarea class=\"form-control\" name=\"description\" id=\"description\" cols=\"40\" rows=\"3\"></textarea>";
echo "</p>";
echo "<br /><div style=\"text-align:center;\"><input class=\"btn btn-primary\" type=\"submit\" name=\"commit\" value=\"" . get_vocab("save") . "\" /></div>\n";
echo "</fieldset></form>\n";
}
if ($active_ressource_empruntee == 'y') {
if (!$was_del && $moderate != 1 && getUserName() != '' && authGetUserLevel(getUserName(), $room_id) >= 3) {
echo "<form action=\"view_entry.php\" method=\"get\">";
echo "<fieldset><legend style=\"font-weight:bold\">" . get_vocab("reservation_en_cours") . "</legend>\n";
echo "<span class=\"larger\">" . get_vocab("signaler_reservation_en_cours") . "</span>" . get_vocab("deux_points");
echo "<br />" . get_vocab("explications_signaler_reservation_en_cours");
affiche_ressource_empruntee($room_id, "texte");
echo "<br /><input type=\"radio\" name=\"statut_id\" value=\"-\" ";
if ($statut_id == '-') {
if (!affiche_ressource_empruntee($room_id, "autre") == 'yes') {
echo " checked=\"checked\" ";
}
}
echo " />" . get_vocab("signaler_reservation_en_cours_option_0");
echo "<br /><br /><input type=\"radio\" name=\"statut_id\" value=\"y\" ";
if ($statut_id == 'y') {
echo " checked=\"checked\" ";
} else {
$type_session = "with_session";
}
$back = "";
if (isset($_SERVER['HTTP_REFERER'])) $back = grr_htmlSpecialChars($_SERVER['HTTP_REFERER']);
if ($type_session == "with_session") $_SESSION['type_month_all'] = "month_all";
$type_month_all='month_all';
if (check_begin_end_bookings($day, $month, $year))
{
showNoBookings($day, $month, $year, $area,$back,$type_session);
exit();
}
if((authGetUserLevel(getUserName(),-1) < 1) and (getSettingValue("authentification_obli")==1))
{
showAccessDenied($day, $month, $year, $area,$back);
exit();
}
if(authUserAccesArea(getUserName(), $area)==0)
{
showAccessDenied($day, $month, $year, $area,$back);
exit();
}
# 3-value compare: Returns result of compare as "< " "= " or "> ".
function cmp3($a, $b)
{
if ($a < $b) return "< ";
if ($a == $b) return "= ";
function verif_qui_peut_reserver_pour($_room_id, $user, $_beneficiaire)
{
if ($_beneficiaire == "") {
return true;
}
if (strtolower($user) == strtolower($_beneficiaire)) {
return true;
}
$qui_peut_reserver_pour = grr_sql_query1("SELECT qui_peut_reserver_pour FROM " . TABLE_PREFIX . "_room WHERE id='" . $_room_id . "'");
if (authGetUserLevel($user, $_room_id) >= $qui_peut_reserver_pour) {
return true;
}
return false;
}
<td style="text-align: center; width: 60%;"><input type="password" id="password" name="password" size="16" /></td>
</tr>
</table>
<input type="submit" name="submit" value="<?php echo get_vocab("submit"); ?>" style="font-variant: small-caps;" />
</fieldset>
</div>
</form>
</body>
</html>
<?php
die();
};
$back = '';
if (isset($_SERVER['HTTP_REFERER'])) $back = grr_htmlSpecialChars($_SERVER['HTTP_REFERER']);
if ((authGetUserLevel(getUserName(),-1) < 6) and ($valid != 'yes'))
{
$day = date("d");
$month = date("m");
$year = date("Y");
showAccessDenied($day, $month, $year, $area,$back);
exit();
}
if ($valid == 'no') {
# print the page header
print_header("","","","",$type="with_session", $page="admin");
// Affichage de la colonne de gauche
include "admin_col_gauche.php";
} else {
?>
echo tdcell($empty_color)."<img src=\"img_grr/stop.png\" alt=\"".get_vocab("reservation_impossible")."\" title=\"".get_vocab("reservation_impossible")."\" width=\"16\" height=\"16\" class=\"".$class_image."\" />";
else {
tdcell($d[$weekday][$slot-$decale_slot*$nb_case]["color"]);
// si la ressource est "occupée, on l'affiche
if ((isset($d[$weekday][$slot-$decale_slot*$nb_case]["statut"])) and ($d[$weekday][$slot-$decale_slot*$nb_case]["statut"]!='-')) echo " <img src=\"img_grr/buzy.png\" alt=\"".get_vocab("ressource actuellement empruntee")."\" title=\"".get_vocab("ressource actuellement empruntee")."\" width=\"20\" height=\"20\" class=\"image\" /> \n";
// si la réservation est à confirmer, on le signale
if (($this_delais_option_reservation > 0) and (isset($d[$weekday][$slot-$decale_slot*$nb_case]["option_reser"])) and ($d[$weekday][$slot-$decale_slot*$nb_case]["option_reser"]!=-1)) echo " <img src=\"img_grr/small_flag.png\" alt=\"".get_vocab("reservation_a_confirmer_au_plus_tard_le")."\" title=\"".get_vocab("reservation_a_confirmer_au_plus_tard_le")." ".time_date_string_jma($d[$weekday][$slot-$decale_slot*$nb_case]["option_reser"],$dformat)."\" width=\"20\" height=\"20\" class=\"image\" /> \n";
// si la réservation est à modérer, on le signale
if ((isset($d[$weekday][$slot-$decale_slot*$nb_case]["moderation"])) and ($d[$weekday][$slot-$decale_slot*$nb_case]["moderation"]=='1'))
echo " <img src=\"img_grr/flag_moderation.png\" alt=\"".get_vocab("en_attente_moderation")."\" title=\"".get_vocab("en_attente_moderation")."\" class=\"image\" /> \n";
if (!isset($d[$weekday][$slot-$decale_slot*$nb_case]["id"])) {
echo " \" ";
} else {
if (($this_statut_room == "1") or
(($this_statut_room == "0") and (authGetUserLevel(getUserName(),$room) > 2) ))
{
if ($acces_fiche_reservation)
echo " <a title=\"".grr_htmlSpecialChars($d[$weekday][$slot-$decale_slot*$nb_case]["who"])."\" href=\"view_entry.php?id=" . $d[$weekday][$slot-$decale_slot*$nb_case]["id"]
. "&day=$wday&month=$wmonth&year=$wyear&page=week\">"
. $d[$weekday][$slot-$decale_slot*$nb_case]["data"] . "</a>";
else
echo " ".$d[$weekday][$slot-$decale_slot*$nb_case]["data"];
} else {
echo $d[$weekday][$slot-$decale_slot*$nb_case]["data"];
}
if ($d[$weekday][$slot-$decale_slot*$nb_case]["description"]!= "")
echo "<br /><i>".$d[$weekday][$slot-$decale_slot*$nb_case]["description"]."</i>";
if ($row['4'] == 1) {
echo '<td class="empty_cell">'.PHP_EOL;
} else {
echo '<td class="avertissement">'.PHP_EOL;
}
} else {
echo '<div class="empty_cell">'.PHP_EOL;
}*/
$hour = date('H', $date_now);
$date_booking = mktime(24, 0, 0, $cmonth, $cday, $cyear);
if (est_hors_reservation(mktime(0, 0, 0, $cmonth, $cday, $cyear), $area)) {
$tplArray['rooms'][$incrementRoomAccessible]['jours'][$k]['horsReservation'] = true;
//echo '<img src="img_grr/stop.png" alt="',get_vocab('reservation_impossible'),'" title="',get_vocab('reservation_impossible'),'" width="16" height="16" class\"',$class_image,'" />',PHP_EOL;
} else {
$tplArray['rooms'][$incrementRoomAccessible]['jours'][$k]['horsReservation'] = false;
if (($authGetUserLevel > 1 || $auth_visiteur == 1) && $UserRoomMaxBooking != 0 && verif_booking_date(getUserName(), -1, $row['2'], $date_booking, $date_now, $enable_periods) && verif_delais_max_resa_room(getUserName(), $row['2'], $date_booking) && verif_delais_min_resa_room(getUserName(), $row['2'], $date_booking) && plages_libre_semaine_ressource($row['2'], $cmonth, $cday, $cyear) && ($row['4'] == '1' || $row['4'] == '0' && authGetUserLevel(getUserName(), $row['2']) > 2) && $_GET['pview'] != 1) {
if ($enable_periods == 'y') {
//echo '<a href="edit_entry.php?room=',$row['2'],'&period=&year=',$cyear,'&month=',$cmonth,'&day=',$cday,'&page=week_all" title="',get_vocab('cliquez_pour_effectuer_une_reservation'),'"><span class="glyphicon glyphicon-plus"></span></a>',PHP_EOL;
$tplArray['rooms'][$incrementRoomAccessible]['jours'][$k]['editEntryLink'] = 'edit_entry.php?room=' . $row['2'] . '&period=&year=' . $cyear . '&month=' . $cmonth . '&day=' . $cday . '&page=week_all';
} else {
//echo '<a href="edit_entry.php?room=',$row['2'],'&hour=',$hour,'&minute=0&year=',$cyear,'&month=',$cmonth,'&day=',$cday,'&page=week_all" title="',get_vocab('cliquez_pour_effectuer_une_reservation'),'"><span class="glyphicon glyphicon-plus"></span></a>',PHP_EOL;
$tplArray['rooms'][$incrementRoomAccessible]['jours'][$k]['editEntryLink'] = 'edit_entry.php?room=' . $row['2'] . '&hour=' . $hour . '&minute=0&year=' . $cyear . '&month=' . $cmonth . '&day=' . $cday . '&page=week_all';
}
} else {
$tplArray['rooms'][$incrementRoomAccessible]['jours'][$k]['editEntryLink'] = false;
//echo ' '.PHP_EOL;
}
}
/*if (!$no_td) {
echo '</div>'.PHP_EOL;
}
/*print 'roomsObj.size='.min($longueur_liste_ressources_max, $len).";\n";*/
for ($j = 0; $row2 = grr_sql_row($res2, $j); $j++) {
$tplArrayEditEntry['areasIds'][$i]['roomsObjOption'][$j] = $row2;
//print "roomsObj.options[$j] = new Option(\"".str_replace('"', '\\"', $row2[1]).'",'.$row2[0].")\n";
}
//print "roomsObj.options[0].selected = true\n";
}
//print "break\n";
}
}
}
/*echo '<div id="error"></div>';
echo '<table class="table-bordered EditEntryTable"><tr>'.PHP_EOL;
echo '<td style="width:50%; vertical-align:top; padding-left:15px; padding-top:5px; padding-bottom:5px;">'.PHP_EOL;
echo '<table class="table-header">'.PHP_EOL;*/
if ((authGetUserLevel(getUserName(), -1, 'room') >= $qui_peut_reserver_pour || authGetUserLevel(getUserName(), $area, 'area') >= $qui_peut_reserver_pour) && ($id == 0 || $id != 0 && authGetUserLevel(getUserName(), $room) > 2)) {
$flag_qui_peut_reserver_pour = 'yes';
$tplArrayEditEntry['flagQuiPeutReserverPour'] = 'yes';
$tplArrayEditEntry['vocab']['reservation_au_nom_de'] = get_vocab('reservation au nom de');
$tplArrayEditEntry['vocab']['personne_exterieure'] = get_vocab('personne exterieure');
/* echo '<tr>'.PHP_EOL;
echo '<td class="E">'.PHP_EOL;
echo '<b>'.ucfirst(trim(get_vocab('reservation au nom de'))).get_vocab('deux_points').'</b>'.PHP_EOL;
echo '</td>'.PHP_EOL;
echo '</tr>'.PHP_EOL;
echo '<tr>'.PHP_EOL;
echo '<td class="CL">'.PHP_EOL;
echo '<div class="col-xs-6">'.PHP_EOL;
echo '<select size="1" class="form-control" name="beneficiaire" id="beneficiaire" onchange="setdefault(\'beneficiaire_default\',\'\');check_4();insertProfilBeneficiaire();">'.PHP_EOL;
echo '<option value="" >'.get_vocab('personne exterieure').'</option>'.PHP_EOL;*/
$sql = 'SELECT DISTINCT login, nom, prenom, tel FROM ' . TABLE_PREFIX . "_utilisateurs WHERE (etat!='inactif' and statut!='visiteur' ) OR (login='******') ORDER BY nom, prenom";
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with GRR; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
include "include/admin.inc.php";
$grr_script_name = "admin_user.php";
$back = '';
if (isset($_SERVER['HTTP_REFERER'])) {
$back = htmlspecialchars($_SERVER['HTTP_REFERER']);
}
$display = isset($_GET["display"]) ? $_GET["display"] : NULL;
$order_by = isset($_GET["order_by"]) ? $_GET["order_by"] : NULL;
$msg = '';
if (Settings::get("ldap_statut") == "" && Settings::get("sso_statut") == "" && Settings::get("imap_statut") == "" || authGetUserLevel(getUserName(), -1) < 6 && authGetUserLevel(getUserName(), -1, 'user') != 1) {
showAccessDenied($back);
exit;
}
print_header("", "", "", $type = "with_session");
// Affichage de la colonne de gauche
include "admin_col_gauche.php";
$themessage = str_replace("'", "\\'", get_vocab("admin_purge_accounts_confirm"));
$themessage2 = str_replace("'", "\\'", get_vocab("admin_purge_accounts_confirm2"));
$themessage3 = str_replace("'", "\\'", get_vocab("admin_purge_tables_confirm"));
$themessage4 = str_replace("'", "\\'", get_vocab("admin_purge_accounts_confirm4"));
echo "<h2>" . get_vocab('admin_purge_accounts.php') . "</h2>";
echo get_vocab('admin_clean_accounts_desc');
echo "<div style=\"text-align:center;\">\n\n<form id=\"purge_liaison\" action=\"admin_purge_accounts.php\" method=\"post\">\n\n\t<div>\n\t\t<input type=\"hidden\" name=\"do_purge_table_liaison\" value=\"1\" />\n\n\t\t<input\n\t\ttype=\"button\"\n\t\tvalue=\"" . get_vocab('admin_purge_tables_liaison') . "\"\n\t\tonclick=\"return confirmButton('purge_liaison', '{$themessage3}')\" />\n\n\t</div></form></div>";
echo "<hr />";
echo get_vocab('admin_purge_accounts_desc');
// on affiche que les domaines que l'utilisateur connect?a le droit d'administrer
if (authGetUserLevel(getUserName(), $row[0], 'area') >= 4) {
echo "<tr>";
if ($row[2] == 'r') {
echo "<td><a href='admin_access_area.php?id_area={$row['0']}' title='" . get_vocab('admin_access_area.php') . "'><img src=\"img_grr/restricted_s.png\" alt=\"" . get_vocab('admin_access_area.php') . "\" title=\"" . get_vocab('admin_access_area.php') . "\" class=\"image\" /></a></td>\n";
} else {
echo "<td> </td>\n";
}
if (isset($id_area) && $id_area == $row[0]) {
echo "<td><span class=\"bground\"><b>>>> " . htmlspecialchars($row[1]) . " <<< </b></span>";
} else {
echo "<td><a href=\"admin_room.php?id_site=" . $id_site . "&id_area={$row['0']}\">" . htmlspecialchars($row[1]) . "</a> ";
}
echo "</td>\n";
echo "<td><a href=\"admin_edit_room.php?id_area={$row['0']}\"><img src=\"img_grr/edit_s.png\" alt=\"" . get_vocab("edit") . "\" title=\"" . get_vocab("edit") . "\" class=\"image\" /></a></td>\n";
if (authGetUserLevel(getUserName(), $row[0], 'area') >= 5) {
echo "<td><a href=\"admin_edit_room.php?id_area={$row['0']}&action=duplique_area\"><img src=\"img_grr/duplique.png\" alt=\"" . get_vocab('duplique_domaine') . "\" title=\"" . get_vocab('duplique_domaine') . "\" class=\"image\" /></a></td>\n";
echo "<td><a href=\"admin_room_del.php?id_site=" . $id_site . "&type=area&id_area={$row['0']}\"><img src=\"img_grr/delete_s.png\" alt=\"" . get_vocab('delete') . "\" title=\"" . get_vocab('delete') . "\" class=\"image\" /></a></td>\n";
}
echo "<td><a href=\"admin_type_area.php?id_area={$row['0']}\"><img src=\"img_grr/type.png\" alt=\"" . get_vocab('edittype') . "\" title=\"" . get_vocab('edittype') . "\" class=\"image\" /></a></td>\n";
echo "<td><a href='javascript:centrerpopup(\"view_rights_area.php?area_id={$row['0']}\",600,480,\"scrollbars=yes,statusbar=no,resizable=yes\")' title=\"" . get_vocab("privileges") . "\">\n\t\t\t\t\t<img src=\"img_grr/rights.png\" alt=\"" . get_vocab("privileges") . "\" class=\"image\" /></a></td>";
echo "</tr>\n";
}
}
echo "</table>\n";
echo "</td><td>\n";
//This one has the rooms
if (isset($id_area)) {
$sql = "SELECT id, room_name, description, capacity, max_booking, statut_room from " . TABLE_PREFIX . "_room where area_id={$id_area} ";
// on ne cherche pas parmi les ressources invisibles pour l'utilisateur
$tab_rooms_noaccess = verif_acces_ressource(getUserName(), 'all');
echo ' ';
}
}
echo '</td>' . PHP_EOL;
} else {
if ($descr != "") {
if (isset($today[$room][$t]["statut"]) && $today[$room][$t]["statut"] != '-') {
echo '<img src="img_grr/buzy.png" alt="' . get_vocab("ressource actuellement empruntee") . '" title="' . get_vocab("ressource actuellement empruntee") . '" width="20" height="20" class="image" />' . PHP_EOL;
}
if ($delais_option_reservation[$room] > 0 && isset($today[$room][$t]["option_reser"]) && $today[$room][$t]["option_reser"] != -1) {
echo '<img src="img_grr/small_flag.png" alt="' . get_vocab("reservation_a_confirmer_au_plus_tard_le") . '" title="' . get_vocab("reservation_a_confirmer_au_plus_tard_le") . ' ' . time_date_string_jma($today[$room][$t]["option_reser"], $dformat) . '" width="20" height="20" class="image" />' . PHP_EOL;
}
if (isset($today[$room][$t]["moderation"]) && $today[$room][$t]["moderation"] == '1') {
echo '<img src="img_grr/flag_moderation.png" alt="' . get_vocab("en_attente_moderation") . '" title="' . get_vocab("en_attente_moderation") . '" class="image" />' . PHP_EOL;
}
if ($statut_room[$room] == "1" || $statut_room[$room] == "0" && authGetUserLevel(getUserName(), $room) > 2) {
if ($acces_fiche_reservation) {
if ($settings->get("display_level_view_entry") == 0) {
$currentPage = 'day';
echo '<a title="' . htmlspecialchars($today[$room][$t]["who"]) . '" data-width="675" onclick="request(' . $id . ',' . $day . ',' . $month . ',' . $year . ',\'' . $currentPage . '\',readData);" data-rel="popup_name" class="poplight">' . $descr . PHP_EOL;
} else {
echo '<a class="lienCellule" title="', htmlspecialchars($today[$room][$t]["who"]), '" href="view_entry.php?id=', $id, '&day=', $day, '&month=', $month, '&year=', $year, '&page=day\\>', $descr;
}
} else {
echo ' ' . $descr;
}
$sql = "SELECT type_name,start_time,end_time,clef,courrier FROM " . TABLE_PREFIX . "_type_area ," . TABLE_PREFIX . "_entry WHERE " . TABLE_PREFIX . "_entry.id= " . $today[$room][$t]["id"] . " AND " . TABLE_PREFIX . "_entry.type= " . TABLE_PREFIX . "_type_area.type_letter";
$res = grr_sql_query($sql);
for ($i = 0; $row = grr_sql_row($res, $i); $i++) {
$type_name = $row['0'];
$start_time = $row['1'];
print_header();
echo '<h2>' . get_vocab('error_qui_peut_reserver_pour') . '</h2>';
echo '<a href="' . $back . '&Err=yes">' . get_vocab('returnprev') . '</a>';
include 'include/trailer.inc.php';
die;
}
if ($error_heure_debut_fin == 'yes') {
print_header();
echo '<h2>' . get_vocab('error_heure_debut_fin') . '</h2>';
echo $day;
echo '<a href="' . $back . '&Err=yes">' . get_vocab('returnprev') . '</a>';
include 'include/trailer.inc.php';
die;
}
if (strlen($err)) {
print_header();
echo '<h2>' . get_vocab('sched_conflict') . '</h2>';
if (!isset($hide_title)) {
echo get_vocab('conflict');
echo '<UL>';
}
echo $err;
if (!isset($hide_title)) {
echo '</UL>';
}
if (authGetUserLevel(getUserName(), $area, 'area') >= 4) {
echo "<center><table border=\"1\" cellpadding=\"10\" cellspacing=\"1\"><tr><td class='avertissement'><h3><a href='" . traite_grr_url('', 'y') . 'edit_entry_handler.php?' . $_SERVER['QUERY_STRING'] . "&del_entry_in_conflict=yes'>" . get_vocab('del_entry_in_conflict') . '</a></h4></td></tr></table></center><br />';
}
}
echo '<a href="' . $back . '&Err=yes">' . get_vocab('returnprev') . '</a><p>';
include 'include/trailer.inc.php';
$descrmatch = get_form_var('descrmatch', 'string');
$summarize = get_form_var('summarize', 'int');
$typematch = get_form_var('typematch', 'array');
$sortby = get_form_var('sortby', 'string');
$display = get_form_var('display', 'string');
$sumby = get_form_var('sumby', 'string');
# Require authenticated user if private bookings are required
if ($private_override == "private") {
if (!getAuthorised(1)) {
showAccessDenied($day, $month, $year, $area, "");
exit;
}
}
# Need to know user name and if they are an admin
$user = getUserName();
$is_admin = isset($user) && authGetUserLevel($user) >= 2;
//If we dont know the right date then make it up
if (!isset($day) or !isset($month) or !isset($year)) {
$day = date("d");
$month = date("m");
$year = date("Y");
}
if (empty($area)) {
$area = get_default_area();
}
// print the page header
print_header($day, $month, $year, $area, isset($room) ? $room : "");
if (isset($areamatch)) {
// Resubmit - reapply parameters as defaults.
// Make sure these are not escape-quoted:
// Make default values when the form is reused.
echo $d[$cday]["who1"][$i], '<br/>';
$Son_GenreRepeat = grr_sql_query1("SELECT type_name FROM " . TABLE_PREFIX . "_type_area ," . TABLE_PREFIX . "_entry WHERE " . TABLE_PREFIX . "_entry.id= " . $d[$cday]["id"][$i] . " AND " . TABLE_PREFIX . "_entry.type= " . TABLE_PREFIX . "_type_area.type_letter");
echo $Son_GenreRepeat, '<br/>';
if ($d[$cday]["description"][$i] != "") {
echo '<br /><i>(', $d[$cday]["description"][$i], ')</i>';
}
if ($acces_fiche_reservation) {
echo '</a>', PHP_EOL;
}
echo '</span>', PHP_EOL, '</td>', PHP_EOL, '</tr>', PHP_EOL, '</table>', PHP_EOL;
}
}
$date_now = time();
$hour = date("H", $date_now);
$date_booking = mktime(24, 0, 0, $month, $cday, $year);
if (($authGetUserLevel > 1 || $auth_visiteur == 1) && $UserRoomMaxBooking != 0 && verif_booking_date(getUserName(), -1, $room, $date_booking, $date_now, $enable_periods) && verif_delais_max_resa_room(getUserName(), $room, $date_booking) && verif_delais_min_resa_room(getUserName(), $room, $date_booking) && plages_libre_semaine_ressource($room, $month, $cday, $year) && ($this_statut_room == "1" || $this_statut_room == "0" && authGetUserLevel(getUserName(), $room) > 2) && $_GET['pview'] != 1) {
echo '<div class="empty_cell">', PHP_EOL;
if ($enable_periods == 'y') {
echo '<a href="edit_entry.php?room=', $room, '&period=&year=', $year, '&month=', $month, '&day=', $cday, '&page=month" title="', get_vocab("cliquez_pour_effectuer_une_reservation"), '"><span class="glyphicon glyphicon-plus"></span></a>', PHP_EOL;
} else {
echo '<a href="edit_entry.php?room=', $room, '&hour=', $hour, '&minute=0&year=', $year, '&month=', $month, '&day=', $cday, '&page=month" title="', get_vocab("cliquez_pour_effectuer_une_reservation"), '"><span class="glyphicon glyphicon-plus"></span></a>', PHP_EOL;
}
echo '</div>' . PHP_EOL;
} else {
echo ' ';
}
}
echo '</td>' . PHP_EOL;
}
if (++$weekcol == 7) {
$weekcol = 0;
</fieldset>
</form>
</body>
</html>
<?php
die;
}
$back = '';
if (isset($_SERVER['HTTP_REFERER'])) {
$back = htmlspecialchars($_SERVER['HTTP_REFERER']);
}
if (isset($sso_restrictions) && $sso_restrictions == true) {
showAccessDenied($back);
exit;
}
if (authGetUserLevel(getUserName(), -1) < 6 && $valid != 'yes') {
showAccessDenied($back);
exit;
}
if ($valid == 'no') {
print_header("", "", "", $type = "with_session");
// Affichage de la colonne de gauche
include "admin_col_gauche.php";
} else {
?>
<!doctype html>
<html>
<head>
<link rel="stylesheet" href="style.css" type="text/css">
<link rel="shortcut icon" href="favicon.ico">
<title> grr </title>
else
echo "<div class=\"empty_cell\">";
// Possibilité de faire une nouvelle réservation
$hour = date("H",$date_now); // Heure actuelle
$date_booking = mktime(24, 0, 0, $cmonth, $cday, $cyear); // minuit
if (est_hors_reservation(mktime(0,0,0,$cmonth,$cday,$cyear),$area))
echo "<img src=\"img_grr/stop.png\" alt=\"".get_vocab("reservation_impossible")."\" title=\"".get_vocab("reservation_impossible")."\" width=\"16\" height=\"16\" class=\"".$class_image."\" />";
else
if ((($authGetUserLevel > 1) or ($auth_visiteur == 1))
and ($UserRoomMaxBooking != 0)
and verif_booking_date(getUserName(), -1, $row[2], $date_booking, $date_now, $enable_periods)
and verif_delais_max_resa_room(getUserName(), $row[2], $date_booking)
and verif_delais_min_resa_room(getUserName(), $row[2], $date_booking)
and plages_libre_semaine_ressource($row[2], $cmonth, $cday, $cyear)
and (($row[4] == "1") or
(($row[4] == "0") and (authGetUserLevel(getUserName(),$row[2]) > 2) ))
and $_GET['pview'] != 1) {
if ($enable_periods == 'y')
echo "<a href=\"edit_entry.php?room=".$row[2]."&period=&year=$cyear&month=$cmonth&day=$cday&page=week_all\" title=\"".get_vocab("cliquez_pour_effectuer_une_reservation")."\"><img src=\"img_grr/new.png\" alt=\"".get_vocab("add")."\" class=\"".$class_image."\" /></a>";
else
echo "<a href=\"edit_entry.php?room=".$row[2]."&hour=$hour&minute=0&year=$cyear&month=$cmonth&day=$cday&page=week_all\" title=\"".get_vocab("cliquez_pour_effectuer_une_reservation")."\"><img src=\"img_grr/new.png\" alt=\"".get_vocab("add")."\" class=\"".$class_image."\" /></a>";
} else {
echo " ";
}
if (!$no_td)
echo "</div>";
echo "</td>\n";
} // Fin de la condition "on n'affiche pas tous les jours de la semaine"
$num_week_day++;// Pour le calcul des jours à afficher
$num_week_day = $num_week_day % 7;// Pour le calcul des jours à afficher
{
global $vocab;
// Search for indexes "user_name", "user_password", etc, in the localization array.
if (isset($vocab["user_" . $name])) {
return get_vocab("user_" . $name);
}
// If there is no entry (likely if user-defined fields have been added), return itself.
return $name;
}
/*---------------------------------------------------------------------------*\
| Authenticate the current user |
\*---------------------------------------------------------------------------*/
$initial_user_creation = 0;
if ($nusers > 0) {
$user = getUserName();
$level = authGetUserLevel($user);
// Do not allow unidentified people to browse the list.
if (!getAuthorised(1)) {
showAccessDenied($day, $month, $year, $area, "");
exit;
}
} else {
$initial_user_creation = 1;
if (!isset($Action)) {
$Action = "Add";
$Id = -1;
}
$level = $max_level;
$user = "";
// to avoid an undefined variable notice
}
$i = 0;
while ($line = sql_row($list, $i++)) {
print "<tr>\n";
$j = -1;
$this_id = 0;
foreach ($line as $col_value) {
$j += 1;
if ($j == 0) {
/* Don't display it, but remember it. */
$this_id = $col_value;
continue;
}
if ($j == 1) {
/* Use it to tell if it's a user or an admin */
$name = $col_value;
switch (authGetUserLevel($name, $auth["admin"])) {
case 1:
$right = get_vocab("user");
break;
case 2:
$right = get_vocab("administrator");
break;
// MRBS admin
// MRBS admin
case 3:
$right = get_vocab("administrator");
break;
// Reserved for future user admin.
// Reserved for future user admin.
default:
$right = get_vocab("unknown");
