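/**
 * Delete a client row, announce the deletion to all users, log it and
 * return to the client list.
 *
 * Security notes:
 * - The id is escaped with addslashes(), the convention the insert helpers in
 *   this file use. It is a stop-gap that depends on the connection charset
 *   and SQL mode; a bound-parameter path in the DB helper is the durable fix.
 * - Names are HTML-encoded because the notification text is assembled as
 *   markup (it starts with an <a> tag) and is presumably rendered to other
 *   users later.
 * - No permission check happens here. NOTE(review): confirm every caller runs
 *   the application's authorization checks before calling this function.
 *
 * @param string $idClient Identifier of the client to delete (expected unescaped).
 * @param object $O        Client record; FamilyName and FirstName are read.
 */
function ClientDrop($idClient, $O)
{
    $safeId = addslashes((string) $idClient);
    QueryExcute('', "DELETE FROM `client` WHERE `idClient`='{$safeId}';");

    // ENT_QUOTES also neutralises quotes, which matters if the notification
    // and log helpers build SQL from the text they receive.
    $actorLabel = htmlspecialchars($_SESSION['user_nom'] . ' ' . $_SESSION['user_prenom'], ENT_QUOTES, 'UTF-8');
    $clientLabel = htmlspecialchars($O->FamilyName . ' ' . $O->FirstName, ENT_QUOTES, 'UTF-8');

    NotifAllWrite('', '', '<a href="#">' . $actorLabel . ' a supprimé le client, ' . $clientLabel);
    LogWrite('Suppression de de client ' . $clientLabel);
    Redirect('ili-modules/client/liste');
}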
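/**
 * Create a user account from the submitted form, seed its default privilege
 * rows, then notify, log and redirect to the user list.
 *
 * Does nothing unless every mandatory field is posted as a string. Redirects
 * to the add form with message=8 when the identifier is already taken and
 * message=9 when the e-mail is already taken.
 *
 * Security notes:
 * - Every request value that reaches SQL is now escaped, including the
 *   optional social-account fields, which previously went into the INSERT
 *   untouched. addslashes() is the file's convention and remains a stop-gap;
 *   bound parameters in the DB helper are the durable fix.
 * - The duplicate-identifier lookup compared idUser with the literal
 *   '******', so it could never match; it now uses the submitted identifier.
 * - The password is still hashed with MD5 inside the INSERT. That is not
 *   changed here because the login check is outside this block and must move
 *   in step. NOTE(review): migrate both sides to password_hash() /
 *   password_verify().
 * - No permission check happens here. NOTE(review): confirm the calling page
 *   enforces the USERS create privilege.
 */
function UserInsert()
{
    global $Timestamp, $URL;

    $mandatory = array('cin', 'FamilyName', 'FirstName', 'Email', 'Phone', 'Password', 'FunctionPost', 'Adress', 'BirthDay');
    foreach ($mandatory as $field) {
        // Array-valued fields (name[]=...) are rejected as well as missing ones.
        if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
            return;
        }
    }

    $cin = addslashes($_POST['cin']);
    $FamilyName = addslashes($_POST['FamilyName']);
    $FirstName = addslashes($_POST['FirstName']);
    $Email = addslashes($_POST['Email']);
    $FunctionPost = addslashes($_POST['FunctionPost']);
    $Phone = addslashes($_POST['Phone']);
    $Adress = addslashes($_POST['Adress']);
    $BirthDay = addslashes($_POST['BirthDay']);
    $Password = addslashes($_POST['Password']);

    // Optional fields default to an empty string and are escaped like the rest.
    $optionalField = function ($field) {
        return (isset($_POST[$field]) && is_string($_POST[$field])) ? addslashes($_POST[$field]) : '';
    };
    $fbAccount = $optionalField('fbAccount');
    $githubAccount = $optionalField('githubAccount');
    $linkedinAccount = $optionalField('linkedinAccount');

    // The INSERT below always referenced $ProfilePhoto, which was never
    // assigned, so the column received an empty string. That effective value
    // is now explicit.
    // NOTE(review): the form's img_url was read but never stored; confirm
    // whether it was meant to feed this column.
    $ProfilePhoto = '';

    // The session name ends up inside a quoted SQL value, so escape it too.
    $add_by = addslashes((string) $_SESSION['user_nom_prenom']);

    if (QueryExcute('mysqli_fetch_object', "SELECT * FROM users WHERE idUser='{$cin}';")) {
        Redirect('ili-users/user_add?message=8');
        return;
    }
    if (QueryExcute('mysqli_fetch_object', "SELECT * FROM users WHERE Email='{$Email}';")) {
        Redirect('ili-users/user_add?message=9');
        return;
    }

    QueryExcute("", "INSERT INTO `users` VALUES ('{$cin}', '2', '{$FamilyName}', '{$FirstName}', '{$Email}', '{$FunctionPost}', '{$Phone}', '{$Adress}', '{$BirthDay}', MD5('{$Password}'), '{$Timestamp}', '{$fbAccount}', '{$githubAccount}', '{$linkedinAccount}', '{$ProfilePhoto}', '{$add_by}', '{$Timestamp}')");
    QueryExcute("", "INSERT INTO `usersprivilege` VALUES (NULL, '{$cin}', 'USERS', '1', '0', '0', '0'), (NULL, '{$cin}', 'CLIENTS', '1', '0', '0', '0'), (NULL, '{$cin}', 'CONTRAT', '1', '0', '0', '0'), (NULL, '{$cin}', 'CAISSE', '1', '0', '0', '0')");

    // The notification is markup, so values are encoded for the context they
    // land in: URL-encoded in the href, HTML-encoded in the text. The
    // SQL-escaped copies are kept as the input because the log call below
    // passes a hand-escaped apostrophe, which suggests these helpers expect
    // pre-escaped text.
    $profileId = rawurlencode($_POST['cin']);
    $displayName = htmlspecialchars($FamilyName . ' ' . $FirstName, ENT_QUOTES, 'UTF-8');

    NotifAllWrite($cin, '', '<a href="' . $URL . 'ili-users/user_profil?id=' . $profileId . '">Nouveau utilisateur, ' . $displayName);
    LogWrite("Creation de l\\'utilisateur : " . htmlspecialchars($cin, ENT_QUOTES, 'UTF-8'));
    Redirect('ili-users/users');
}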
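/**
 * Renew a contract: record the payment, attach a new contract cycle to it,
 * notify all users and return to the contract list.
 *
 * Does nothing unless every mandatory field is posted as a string. Redirects
 * back to the renewal form with message=32 when the payment insert reports a
 * failure and message=31 when the cycle insert does. The insert helper's
 * return value is treated as falsy on success, as the original flow did.
 *
 * Review notes:
 * - $URL was used in the notification link without being declared global, so
 *   the link was built from an undefined variable; it is now imported.
 * - The encashment date is taken from the server ($NowEN); the posted
 *   EncashmentDate only has to be present.
 * - The new payment id is read back with SELECT max(idPayment). Two renewals
 *   committed at the same moment can attach a cycle to the wrong payment.
 *   NOTE(review): have the DB helper return the connection's insert id.
 * - When that read-back returns nothing the function ends without a
 *   redirect, as before. NOTE(review): pick an error message code for it.
 * - Amount and the date fields are escaped but not validated for format.
 * - No permission check happens here. NOTE(review): confirm the calling page
 *   enforces the CONTRAT privilege.
 */
function ContractRenew()
{
    global $NowEN, $URL;

    $idUser = $_SESSION['user_id'];
    $User = $_SESSION['user_nom_prenom'];

    $mandatory = array('idContract', 'StartDate', 'EndDate', 'Amount', 'EncashmentDate', 'PaymentKind');
    foreach ($mandatory as $field) {
        if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
            return;
        }
    }

    $idContract = addslashes($_POST['idContract']);
    $StartDate = addslashes($_POST['StartDate']);
    $EndDate = addslashes($_POST['EndDate']);
    $Amount = addslashes($_POST['Amount']);
    $PaymentKind = addslashes($_POST['PaymentKind']);
    $EncashmentDate = $NowEN;

    $optionalField = function ($field) {
        return (isset($_POST[$field]) && is_string($_POST[$field])) ? addslashes($_POST[$field]) : '';
    };
    $PaymentCode = $optionalField('PaymentCode');
    $Bank = $optionalField('Bank');
    $TransferDate = $optionalField('TransferDate');

    // Context-specific encodings of the contract id for URLs and markup.
    $contractParam = rawurlencode($_POST['idContract']);
    $contractHtml = htmlspecialchars($idContract, ENT_QUOTES, 'UTF-8');
    $idUserSql = addslashes((string) $idUser);

    $PayementAdd = QueryExcute("", "INSERT INTO `payment` VALUES (NULL, '{$EncashmentDate}', '', '{$PaymentKind}', '{$PaymentCode}', '{$Bank}', '{$TransferDate}', '{$Amount}', '{$idUserSql}');");
    if ($PayementAdd) {
        Redirect('ili-modules/contrat/renew/renew?id=' . $contractParam . '&message=32');
        return;
    }

    // Read back the id of the payment that was just inserted.
    $ObjectPayement = QueryExcute("mysqli_fetch_array", "SELECT max(`idPayment`) FROM `payment`");
    if (!$ObjectPayement) {
        return;
    }
    $idPayment = $ObjectPayement[0];

    $ContractcycleAdd = QueryExcute("", "INSERT INTO `contractcycle` VALUES(NULL, '{$idPayment}', '{$idContract}', '{$StartDate}', '{$EndDate}', '{$idUserSql}');");
    if ($ContractcycleAdd) {
        Redirect('ili-modules/contrat/renew/renew?id=' . $contractParam . '&message=31');
        return;
    }

    // Two notifications are written, as in the original: a plain one and a
    // linked one. Names are HTML-encoded because the text is stored as markup.
    NotifAllWrite("", "", htmlspecialchars((string) $User, ENT_QUOTES, 'UTF-8') . " a renouveler le contrat #" . $contractHtml);

    $user = UserGetInfo($idUser);
    $actorLabel = htmlspecialchars($user->FamilyName . ' ' . $user->FirstName, ENT_QUOTES, 'UTF-8');
    NotifAllWrite('', '', '<a href="' . $URL . 'ili-modules/contrat/contrat?id=' . $contractParam . '">' . $actorLabel . ', a renouveler le contrat : #' . $contractHtml . '</a>');

    Redirect("ili-modules/contrat/liste");
}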
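/**
 * Create a client from the submitted form, then notify, log and redirect to
 * the new client's page.
 *
 * Does nothing unless every mandatory field is posted as a string. Redirects
 * to the add form with message=16 when the identifier already exists.
 *
 * Security notes:
 * - SQL values keep the file's addslashes() convention. It is a stop-gap;
 *   bound parameters in the DB helper are the durable fix.
 * - The notification and log entries are markup built from form input, so
 *   each value is now encoded for its context (URL-encoded inside href,
 *   HTML-encoded in text). Previously the posted names and id were emitted
 *   into that markup as-is.
 * - No permission check happens here. NOTE(review): confirm the calling page
 *   enforces the CLIENTS create privilege.
 */
function ClientInsert()
{
    global $URL;

    $mandatory = array('idClient', 'FamilyName', 'FirstName', 'Phone', 'Adress');
    foreach ($mandatory as $field) {
        if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
            return;
        }
    }

    $idClient = addslashes($_POST['idClient']);
    $FamilyName = addslashes($_POST['FamilyName']);
    $FirstName = addslashes($_POST['FirstName']);
    $Phone = addslashes($_POST['Phone']);
    $Adress = addslashes($_POST['Adress']);
    $idUser = addslashes((string) $_SESSION['user_id']);
    $User = $_SESSION['user_nom_prenom'];

    // Same loose comparison as before: the lookup is "empty" when it == 0.
    $existing = QueryExcute("mysqli_fetch_row", "SELECT * FROM client WHERE idClient='{$idClient}'");
    if ($existing != 0) {
        Redirect('ili-modules/client/add?message=16');
        return;
    }

    QueryExcute("", "INSERT INTO `client` VALUES ('{$idClient}', '{$FamilyName}', '{$FirstName}', '{$Phone}', '{$Adress}', '{$idUser}');");

    $clientParam = rawurlencode($_POST['idClient']);
    $clientIdHtml = htmlspecialchars($idClient, ENT_QUOTES, 'UTF-8');
    $actorLabel = htmlspecialchars((string) $User, ENT_QUOTES, 'UTF-8');
    $clientLabel = htmlspecialchars($FamilyName . ' ' . $FirstName, ENT_QUOTES, 'UTF-8');

    NotifAllWrite('', '', '<a href="' . $URL . 'ili-modules/client/client?id=' . $clientParam . '">' . $actorLabel . ' a creé un nouveau client , ' . $clientLabel);
    LogWrite("Création de client : <a href=\"ili-modules/client/client?id=" . $clientParam . "\">" . $clientIdHtml . "</a>");
    Redirect('ili-modules/client/client?id=' . $clientParam);
}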
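<?php
include "../ili-functions/functions.php";

/**
 * Lift a ban by resetting the account's rank to '2'.
 *
 * The WHERE clause used to compare idUser with the literal '******', so the
 * statement could not match the account passed in; it now uses the escaped
 * argument. addslashes() follows the convention of the project's insert
 * helpers and is a stop-gap for bound parameters.
 *
 * @param string $idUser Identifier of the account to unban (expected unescaped).
 */
function UserDeban($idUser)
{
    $safeId = addslashes((string) $idUser);
    $QueryUserDeban = "UPDATE users SET idRank='2' WHERE idUser='{$safeId}' ;";
    QueryExcute('', $QueryUserDeban);
}

// Gate the page before any request value is used.
Authorization('2');
AuthorizedPrivileges('USERS', 'U');

// NOTE(review): this state change is triggered by a plain GET request with no
// anti-forgery token, so a link or embedded resource opened by a logged-in
// administrator is enough to trigger it. Consider POST plus a per-session token.
$idUser = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
$user = ($idUser === '') ? '' : UserGetInfo($idUser);

if ($user == '') {
    Redirect('index?message=14');
} else {
    UserDeban($idUser);

    $idUserSession = $_SESSION['user_id'];
    $UserUpdated = UserGetInfo($idUser);
    $UserUpdater = UserGetInfo($idUserSession);

    // The notification is stored as markup: URL-encode the id inside href and
    // HTML-encode the names so stored profile data cannot inject tags.
    $idParam = rawurlencode($idUser);
    $updaterLabel = htmlspecialchars($UserUpdater->FamilyName . ' ' . $UserUpdater->FirstName, ENT_QUOTES, 'UTF-8');
    $updatedLabel = htmlspecialchars($UserUpdated->FamilyName . ' ' . $UserUpdated->FirstName, ENT_QUOTES, 'UTF-8');

    NotifAllWrite($idUser, '', '<a href="' . $URL . 'ili-users/user_profil?id=' . $idParam . '">' . $updaterLabel . ' a débanni ' . $updatedLabel);
    LogWrite("Utilisateur : " . htmlspecialchars((string) $user->idUser, ENT_QUOTES, 'UTF-8') . " a ete debanni");
    Redirect('ili-users/user_edit?id=' . $idParam);
}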
$TransferDate = addslashes($_POST['TransferDate']); } else { $TransferDate = ''; } $idUser = $_SESSION['user_id']; $ajout = QueryExcute("", "INSERT INTO `insurancecontract` VALUES ('{$idContract}', '{$idClient}', '{$TypeContract}', '{$NatureContract}');"); if (!$ajout) { $ajout2 = QueryExcute("", "INSERT INTO `payment` VALUES (NULL, '{$EncashmentDate}', '', '{$PaymentKind}', '{$PaymentCode}', '{$Bank}', '{$TransferDate}', '{$Amount}', '{$idUser}');"); if (!$ajout2) { $ObjectPayement = QueryExcute("mysqli_fetch_array", "SELECT max(`idPayment`) FROM `payment`"); if ($ObjectPayement) { $idPayment = $ObjectPayement[0]; $ajout3 = QueryExcute("", "INSERT INTO `contractcycle` VALUES(NULL, '{$idPayment}', '{$idContract}', '{$StartDate}', '{$EndDate}', '{$idUser}');"); if (!$ajout3) { $user = UserGetInfo($idUser); NotifAllWrite('', '', '<a href="' . $URL . 'ili-modules/contrat/contrat?id=' . $idContract . '">' . $user->FamilyName . ' ' . $user->FirstName . ', a crée un nouveau contrat : #' . $idContract . '</a>'); LogWrite("Ajout contract ID : " . $idContract); Redirect("ili-modules/contrat/liste"); } else { Redirect('ili-modules/contrat/add/add?clt=' . $id_clt . '&message=26'); } } else { Redirect('ili-modules/contrat/add/add?clt=' . $id_clt . '&message=27'); } } else { Redirect('ili-modules/contrat/add/add?clt=' . $id_clt . '&message=28'); } } else { Redirect('ili-modules/contrat/add/add?clt=' . $id_clt . '&message=29'); } }
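<?php
include "../ili-functions/functions.php";

/**
 * Delete one diploma row by id.
 *
 * The id is escaped with addslashes(), the convention of the project's insert
 * helpers; it is a stop-gap for bound parameters.
 *
 * @param string $idDiploma Diploma identifier (expected unescaped).
 * @return int|null 1 when the query helper returns a truthy value, otherwise null.
 */
function UserDiplomaDrop($idDiploma)
{
    $safeId = addslashes((string) $idDiploma);
    $query = "DELETE FROM `usersdiploma` WHERE `idDiploma`='{$safeId}';";
    if (QueryExcute('', $query)) {
        return 1;
    }
}

Authorization('2');

// NOTE(review): access control gaps to close on this page.
// - The delete is keyed on the diploma id alone. Nothing ties that row to the
//   idUser in the request or to the session user, so any account that passes
//   Authorization('2') can remove another user's diploma. Scope the DELETE to
//   the owner, or check ownership or a USERS privilege first.
// - The deletion is triggered by a GET request with no anti-forgery token.
$readQuery = function ($key) {
    return (isset($_GET[$key]) && is_string($_GET[$key])) ? $_GET[$key] : '';
};
$idDiploma = $readQuery('id_diploma');
$idUser = $readQuery('idUser');
$diploma_name = $readQuery('diploma_name');

$user = ($idUser === '') ? '' : UserGetInfo($idUser);
if ($user == '') {
    // Validate before mutating: the row used to be deleted even when the
    // target user did not exist.
    Redirect('index?message=14');
} else {
    UserDiplomaDrop($idDiploma);

    $idUserSession = $_SESSION['user_id'];

    // diploma_name is request-supplied text that ends up in stored markup, so
    // it is HTML-encoded along with the names; the id is URL-encoded.
    $idParam = rawurlencode($idUser);
    $diplomaHtml = htmlspecialchars($diploma_name, ENT_QUOTES, 'UTF-8');
    $linkOpen = '<a href="' . $URL . 'ili-users/user_profil?id=' . $idParam . '">';

    if ($idUserSession == $idUser) {
        $ownerLabel = htmlspecialchars($user->FamilyName . ' ' . $user->FirstName, ENT_QUOTES, 'UTF-8');
        NotifAllWrite($idUser, '', $linkOpen . $ownerLabel . ' a supprimé son diplôme : ' . $diplomaHtml);
    } else {
        $UserUpdated = UserGetInfo($idUser);
        $UserUpdater = UserGetInfo($idUserSession);
        $updaterLabel = htmlspecialchars($UserUpdater->FamilyName . ' ' . $UserUpdater->FirstName, ENT_QUOTES, 'UTF-8');
        $updatedLabel = htmlspecialchars($UserUpdated->FamilyName . ' ' . $UserUpdated->FirstName, ENT_QUOTES, 'UTF-8');
        NotifAllWrite($idUser, '', $linkOpen . $updaterLabel . ' a supprimer le diplôme : ' . $diplomaHtml . ' de ' . $updatedLabel);
    }

    LogWrite("Suppression du diplome : " . $diplomaHtml . ", de l\\'utilisateur : " . htmlspecialchars($idUser, ENT_QUOTES, 'UTF-8'));
    Redirect('ili-users/user_edit?id=' . $idParam);
}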
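/**
 * Render the privilege tree for a user and apply any privilege toggle that
 * was posted from it.
 *
 * The tree is shown, and toggles are processed, only when the session rank is
 * at least 3 and the session user is not the user being edited. Each
 * privilege row produces one auto-submitting form per flag; the posted field
 * name is the privilege id followed by the flag and the requested value
 * ("<id>s0" clears s, "<id>s1" sets it). After a change a script tag sends the
 * browser back to user_edit.
 *
 * The three copy-pasted branches (generic blocs, CONTRAT, CAISSE) are folded
 * into one table-driven loop. Output and stored texts are unchanged for
 * ordinary values, including the historical spellings in the notifications.
 *
 * Security notes:
 * - Values interpolated into SQL are escaped with addslashes(), the file's
 *   convention. It is a stop-gap for bound parameters in the DB helper.
 * - Values written into HTML are HTML-encoded, and the id written into the
 *   redirect script is emitted as an encoded JavaScript string literal.
 *   Previously $idUser reached the script tag unescaped.
 * - The profile link read $user->idPrivilege_user. It now falls back to
 *   $idUser when that property is absent. NOTE(review): confirm the field.
 * - NOTE(review): the toggle forms carry no anti-forgery token, so a
 *   cross-site POST from an administrator's browser can change privileges.
 *   Add a per-session token application-wide.
 *
 * @param string $idUser Identifier of the user whose privileges are edited.
 */
function UserPrivilegesGetUpdate($idUser)
{
    global $URL;

    $user = UserGetInfo($idUser);

    $sessionRank = isset($_SESSION['user_idRank']) ? $_SESSION['user_idRank'] : 0;
    $sessionUser = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null;
    if (!($sessionRank >= 3 && $sessionUser != $idUser)) {
        return;
    }

    // flag => array(icon class, checkbox caption, label in notification, label in log)
    $genericRights = array(
        's' => array('icon-eye-open', 'Voir', 'VOIR', 'VOIR'),
        'c' => array('icon-plus', 'Créer', 'CREER', 'CREER'),
        'u' => array('icon-edit', 'Modifier', 'MODIFIER', 'MODIFIER'),
        'd' => array('icon-trash', 'Supprimer', 'SUPPRIMER', 'SUPPRIMER'),
    );
    $rightsByBloc = array(
        'CONTRAT' => array(
            's' => array('icon-eye-open', 'Voir', 'VOIR', 'VOIR'),
            'c' => array('icon-file', 'Créer', 'CREER', 'CREER'),
            'u' => array('icon-repeat', 'Renouveler', 'RENOUVELER', 'RENOUVELER'),
            'd' => array('icon-trash', 'Supprimer', 'SUPPRIMER', 'SUPPRIMER'),
        ),
        // CAISSE has no "d" flag, and its log labels differ from its
        // notification labels; both are kept as they were.
        'CAISSE' => array(
            's' => array('icon-book', 'Journal', 'JOURNAL', 'VOIR'),
            'c' => array('icon-signout', 'Décaissement', 'DECAISSEMENT', 'CREER'),
            'u' => array('icon-money', 'Echéancier', 'ECHEANCIER', 'RENOUVELER'),
        ),
    );

    $html = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };

    // Emit one auto-submitting checkbox form for a single flag.
    $renderToggle = function ($privilegeId, $flag, $enabled, $icon, $caption) use ($html) {
        $idAttr = $html($privilegeId);
        if ($enabled) {
            echo ' <li> <form action="" method="post" style="margin-bottom:-2px;"> <input type="hidden" name="' . $idAttr . $flag . '0" value="1"> <input type="checkbox" name="' . $flag . '0" value="0" checked onChange="this.form.submit()"> <a><p class="' . $icon . '"></p></a> ' . $caption . ' </form> </li> ';
        } else {
            echo ' <li> <form action="" method="post" style="margin-bottom:-2px;"> <input type="checkbox" name="' . $idAttr . $flag . '1" value="1" onChange="this.form.submit()"> <a><p class="' . $icon . '"></p></a> ' . $caption . ' </form> </li> ';
        }
    };

    // Persist one toggle, then notify, log and bounce back to the edit page.
    // $flag only ever comes from the tables above, never from the request.
    $applyToggle = function ($privilegeId, $bloc, $flag, $newValue, $notifLabel, $logLabel) use ($URL, $user, $idUser, $html) {
        $safePrivilegeId = addslashes((string) $privilegeId);
        QueryExcute('', "UPDATE `usersprivilege` SET {$flag}='{$newValue}' WHERE idPrivilege='{$safePrivilegeId}';");

        $granting = ($newValue === '1');
        // Spellings match the notifications already stored by earlier versions.
        if ($granting) {
            $notifVerb = 'Ajout';
        } else {
            $notifVerb = ($flag === 'd') ? 'Suppression' : 'Supprission';
        }
        $logVerb = $granting ? 'Ajout' : 'Suppression';

        $profileId = isset($user->idPrivilege_user) ? $user->idPrivilege_user : $idUser;
        $blocHtml = $html($bloc);
        $targetLabel = $html($user->FamilyName . ' ' . $user->FirstName);

        NotifAllWrite('', '', '<a href="' . $URL . 'ili-users/user_profil?id=' . rawurlencode((string) $profileId) . '">' . $notifVerb . ' du privilége <strong>' . $notifLabel . '</strong> sur le bloc <strong>' . $blocHtml . '</strong> de ' . $targetLabel);
        LogWrite($logVerb . ' de privilege ' . $logLabel . ' sur le bloc ' . $blocHtml . " pour l\\'utilisateur : " . $html($idUser));

        // json_encode with the HEX flags yields a quoted JavaScript string in
        // which <, >, &, ' and " cannot close the literal or the script tag.
        $target = json_encode('user_edit?id=' . rawurlencode((string) $idUser), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        echo '<SCRIPT LANGUAGE="JavaScript">document.location.href=' . $target . '</SCRIPT>';
    };

    echo ' <ul class="nav nav-tabs nav-stacked" style="margin-left:-15%;"> <div class="widget-body"> <div class="space10"></div> <ul id="tree_2" class="tree"> <li> <a data-toggle="branch" class="tree-toggle" data-role="branch" href="#">Autorisations</a> <ul class="branch in">';

    $safeUserId = addslashes((string) $idUser);
    $blocRows = QueryExcuteWhile("SELECT `bloc` FROM `usersprivilege` WHERE `idUser`='{$safeUserId}'");

    // A failed query yields no rows instead of a fetch on a non-result.
    while ($blocRows && ($o = mysqli_fetch_object($blocRows))) {
        $bloc = (string) $o->bloc;
        $rights = isset($rightsByBloc[$bloc]) ? $rightsByBloc[$bloc] : $genericRights;

        echo ' <li><a data-toggle="branch" class="tree-toggle closed" data-role="branch" href="#">' . $html($bloc) . '</a>';

        $safeBloc = addslashes($bloc);
        $privilegeRows = QueryExcuteWhile("SELECT * FROM `usersprivilege` WHERE `idUser`='{$safeUserId}' AND `bloc`='{$safeBloc}';");

        while ($privilegeRows && ($b = mysqli_fetch_object($privilegeRows))) {
            echo ' <ul class="branch"> ';

            // All checkboxes first, then all handlers: the original output order.
            foreach ($rights as $flag => $spec) {
                $renderToggle($b->idPrivilege, $flag, $b->$flag, $spec[0], $spec[1]);
            }
            foreach ($rights as $flag => $spec) {
                foreach (array('0', '1') as $newValue) {
                    if (isset($_POST[$b->idPrivilege . $flag . $newValue])) {
                        $applyToggle($b->idPrivilege, $bloc, $flag, $newValue, $spec[2], $spec[3]);
                    }
                }
            }

            echo ' </ul> ';
        }

        echo ' </li> ';
    }

    echo ' </ul> </li> </ul> </div> </ul> ';
}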
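/**
 * Replace the company logo (ili-upload/logo.png) with an uploaded PNG file.
 *
 * Does nothing unless the "UploadImage" form field was posted. The file in
 * $_FILES["fileToUpload"] must be a completed upload, at most 500000 bytes,
 * named *.png and recognised by getimagesize() as a PNG. On success a
 * notification and a log entry are written and the browser is redirected to
 * the company info page; on failure a French error message is echoed.
 *
 * @return void
 */
function UploadImage()
{
    global $URL;

    $idUser = $_SESSION['user_id'];
    $user = UserGetInfo($idUser);

    if (!isset($_POST["UploadImage"])) {
        return;
    }

    // NOTE(review): no privilege check is visible in this function; confirm the
    // page that calls it restricts who may replace the logo.

    // Refuse a missing file, a multi-file field, a PHP-reported upload error, or a
    // tmp_name that did not come from PHP's own upload handling.
    $upload = isset($_FILES["fileToUpload"]) ? $_FILES["fileToUpload"] : null;
    if (
        !is_array($upload)
        || !isset($upload["error"], $upload["tmp_name"], $upload["name"], $upload["size"])
        || is_array($upload["error"])
        || $upload["error"] !== UPLOAD_ERR_OK
        || !is_uploaded_file($upload["tmp_name"])
    ) {
        echo "Erreur : Chargement!.";
        return;
    }

    $target_dir = "../../ili-upload/";
    // Only the extension is read from the client-supplied name. The destination
    // is a constant, so no part of that name reaches the filesystem path.
    $imageFileType = pathinfo(basename($upload["name"]), PATHINFO_EXTENSION);
    $NewTarget = $target_dir . "logo.png";
    $uploadOk = 1;

    // getimagesize() only parses the image header: this is a type check, not
    // content sanitisation. The fixed logo.png name is what keeps an executable
    // extension off disk.
    $check = getimagesize($upload["tmp_name"]);
    if ($check === false) {
        echo "Ce fichier n'est pas une image.";
        $uploadOk = 0;
    }

    // Check file size
    if ($upload["size"] > 500000) {
        echo "Le fichier est volumineux.";
        $uploadOk = 0;
    }

    // The extension alone is attacker-chosen, so the detected image type must
    // agree with it before the file is accepted as a PNG.
    if ($imageFileType != "png" || ($check !== false && $check[2] !== IMAGETYPE_PNG)) {
        echo "L'extension PNG uniquement est autorisé.";
        $uploadOk = 0;
    }

    if ($uploadOk == 0) {
        echo "Erreur : Chargement!.";
        return;
    }

    if (move_uploaded_file($upload["tmp_name"], $NewTarget)) {
        // Names come from the users table and end up inside notification HTML.
        $actor = htmlspecialchars(
            $user->FamilyName . ' ' . $user->FirstName,
            ENT_QUOTES | ENT_SUBSTITUTE,
            'UTF-8'
        );
        NotifAllWrite('', '', '<a href="' . $URL . 'ili-modules/ets/info">' . $actor . ', a modifier le logo de l`entreprise');
        LogWrite("Modification de logo de l\\'entreprise");
        Redirect('ili-modules/ets/info');
    } else {
        echo "Erreur : Chargement!.";
    }
}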
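<?php
include "../../../ili-functions/functions.php";

// Inline-edit endpoint for one column of a `client` row. The column name, the
// row id and the notification/log wording arrive in the query string; the new
// value arrives in the POST body. All of them are request-controlled.
//
// NOTE(review): unlike the sibling user scripts, no Authorization() or
// AuthorizedPrivileges() call is visible here; confirm functions.php enforces
// access, and add an anti-CSRF token, since this endpoint changes data.
// NOTE(review): the notification and log wording are chosen by the requester,
// so the audit trail can be made to say anything; consider deriving both
// server-side from the edited column.
if ($_POST) {
    $readString = function ($bag, $key) {
        return (isset($bag[$key]) && is_string($bag[$key])) ? $bag[$key] : '';
    };

    // Values from the query string
    $idClient = $readString($_GET, 'idClient');
    $Notification = $readString($_GET, 'Notification');
    $Log = $readString($_GET, 'Log');
    $Form = $readString($_GET, 'Form');
    // Value from the form
    $input = $readString($_POST, 'input');

    // A column name cannot be escaped like a value, so only a plain identifier
    // is accepted, and the key column itself may not be rewritten.
    // TODO(review): replace this pattern with an explicit list of editable columns.
    if (
        $idClient === ''
        || !preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $Form)
        || strcasecmp($Form, 'idClient') === 0
    ) {
        http_response_code(400);
        exit;
    }

    // QueryExcute() takes a finished SQL string, so values are escaped the way
    // the rest of this code base does it (addslashes). That is charset-dependent;
    // bound parameters in the database helper are the real fix.
    $idClientSql = addslashes($idClient);
    $inputSql = addslashes($input);
    QueryExcute("", "UPDATE `client` SET `{$Form}` = '{$inputSql}' WHERE `idClient` = '{$idClientSql}';");

    // Objects used to build the log and notification
    $idUser = $_SESSION['user_id'];
    $User = UserGetInfo($idUser);
    $Client = ClientGetInfo($idClientSql);

    // Everything placed into the notification is HTML-encoded, because it is
    // stored as markup. The helpers are not visible here; other callers pass
    // pre-escaped apostrophes to LogWrite(), which suggests arguments are
    // interpolated into SQL, so the text is also slash-escaped. TODO confirm.
    $html = function ($text) {
        return addslashes(htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
    };

    NotifAllWrite('', '', '<a href="' . $URL . 'ili-modules/client/client?id=' . rawurlencode($idClient) . '"><b>' . $html($User->FamilyName) . ' ' . $html($User->FirstName) . '</b> ' . $html($Notification) . ' <b>' . $html($input) . '</b>');
    LogWrite(addslashes($Log . ' ' . $input));
}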
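<?php
include "../ili-functions/functions.php";

/**
 * Delete one row of `usersexperience` by its idExperience value.
 *
 * The id is escaped before it is placed in the statement, because
 * QueryExcute() receives a finished SQL string. addslashes() matches the rest
 * of this code base but is charset-dependent; bound parameters in the database
 * helper are the real fix.
 *
 * @param mixed $idExperience Experience id, as received from the request.
 * @return int|null 1 when QueryExcute() reports success, otherwise no value.
 */
function UserExpiranceDrop($idExperience)
{
    $idExperience = addslashes((string) $idExperience);
    $query = "DELETE FROM `usersexperience` WHERE `idExperience`='{$idExperience}';";
    if (QueryExcute('', $query)) {
        return 1;
    }
}

Authorization('2');

// NOTE(review): this delete is triggered by a plain GET request and no
// anti-CSRF token is visible. Nothing here ties id_expirance to idUser either,
// so the caller chooses which row is removed and whose profile is credited.
$readQuery = function ($key) {
    return (isset($_GET[$key]) && is_string($_GET[$key])) ? $_GET[$key] : '';
};
$html = function ($text) {
    // Notification text is stored as markup, so request and profile values are
    // HTML-encoded. The slash-escaping assumes NotifAllWrite() interpolates its
    // argument into SQL, as the pre-escaped LogWrite() calls suggest. TODO confirm.
    return addslashes(htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
};

UserExpiranceDrop($readQuery('id_expirance'));

$company = $readQuery('Company');
$idUser = $readQuery('idUser');
// addslashes() leaves ordinary ids unchanged; it only matters for hostile input.
$idUserSql = addslashes($idUser);
$profileLink = '<a href="' . $URL . 'ili-users/user_profil?id=' . rawurlencode($idUser) . '">';

$user = UserGetInfo($idUserSql);
if ($user == '') {
    Redirect('index?message=14');
} else {
    $idUserSession = $_SESSION['user_id'];
    if ($idUserSession == $idUser) {
        NotifAllWrite($idUserSql, '', $profileLink . $html($user->FamilyName) . ' ' . $html($user->FirstName) . ' a supprimé expérance dans l`etablissement : ' . $html($company));
    } else {
        $UserUpdated = UserGetInfo($idUserSql);
        $UserUpdater = UserGetInfo($idUserSession);
        NotifAllWrite($idUserSql, '', $profileLink . $html($UserUpdater->FamilyName) . ' ' . $html($UserUpdater->FirstName) . ' a supprimer l`experiance dans l`etablissement : ' . $html($company) . ' de ' . $html($UserUpdated->FamilyName) . ' ' . $html($UserUpdated->FirstName));
    }
    LogWrite("Suppression du l\\'experience : " . addslashes($company) . ", de l\\'utilisateur : " . $idUserSql);
    Redirect('ili-users/user_edit?id=' . rawurlencode($idUser));
}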
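<?php
include "../ili-functions/functions.php";

/**
 * Delete a user and that user's privilege rows.
 *
 * In this listing the id literal in both statements appears masked as
 * '******', which leaves $id unused; the statements are bound to the escaped
 * parameter here. addslashes() matches the rest of this code base but is
 * charset-dependent; bound parameters in the database helper are the real fix.
 *
 * @param mixed $id Value of users.idUser to delete.
 * @return void
 */
function UserDrop($id)
{
    $id = addslashes((string) $id);
    // Privileges are removed first so no privilege row outlives its user.
    QueryExcute('', "DELETE FROM usersprivilege WHERE idUser='{$id}'");
    QueryExcute('', "DELETE FROM users WHERE idUser='{$id}'");
}

Authorization('2');
AuthorizedPrivileges('USERS', 'D');

// NOTE(review): an account deletion triggered by a plain GET request with no
// visible anti-CSRF token; consider requiring POST plus a token.
$id = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';

// NOTE(review): $IfUserHasActivity is not assigned anywhere in this script.
// Unless functions.php sets it, this guard is always true and the user is
// always deleted. Confirm where it is meant to come from.
if (!$IfUserHasActivity) {
    UserDrop($id);
    // The id is echoed into stored notification markup and into the log text,
    // so it is encoded for each sink. The slash-escaping assumes the helpers
    // interpolate arguments into SQL. TODO confirm.
    $idSql = addslashes($id);
    $idHtml = addslashes(htmlspecialchars($id, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
    NotifAllWrite($idSql, '', 'L`utilisateur avec CIN :' . $idHtml . ' a été supprimer');
    LogWrite("Suppression de l`utilisateur avec CIN=" . $idSql);
    Refresh('index');
} else {
    Redirect('index?message=39');
}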
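<?php
include "../ili-functions/functions.php";

/**
 * Delete one row of `usersqualification` by its idQualification value.
 *
 * The id is escaped before it is placed in the statement, because
 * QueryExcute() receives a finished SQL string. addslashes() matches the rest
 * of this code base but is charset-dependent; bound parameters in the database
 * helper are the real fix.
 *
 * @param mixed $idQualification Qualification id, as received from the request.
 * @return void
 */
function UserQualificationDrop($idQualification)
{
    $idQualification = addslashes((string) $idQualification);
    $Query = "DELETE FROM `usersqualification` WHERE `idQualification`='{$idQualification}';";
    QueryExcute('', $Query);
}

Authorization('2');

// NOTE(review): this delete is triggered by a plain GET request and no
// anti-CSRF token is visible. Nothing here ties id_skills to idUser either, so
// the caller chooses which row is removed and whose profile is credited.
$readQuery = function ($key) {
    return (isset($_GET[$key]) && is_string($_GET[$key])) ? $_GET[$key] : '';
};
$html = function ($text) {
    // Notification text is stored as markup, so request and profile values are
    // HTML-encoded. The slash-escaping assumes NotifAllWrite() interpolates its
    // argument into SQL, as the pre-escaped LogWrite() calls suggest. TODO confirm.
    return addslashes(htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
};

$id_skills = $readQuery('id_skills');
$skills_name = $readQuery('skills_name');
$idUser = $readQuery('idUser');
// addslashes() leaves ordinary ids unchanged; it only matters for hostile input.
$idUserSql = addslashes($idUser);
$profileLink = '<a href="' . $URL . 'ili-users/user_profil?id=' . rawurlencode($idUser) . '">';

UserQualificationDrop($id_skills);

$user = UserGetInfo($idUserSql);
if ($user == '') {
    Redirect('index?message=14');
} else {
    $idUserSession = $_SESSION['user_id'];
    if ($idUserSession == $idUser) {
        NotifAllWrite($idUserSql, '', $profileLink . $html($user->FamilyName) . ' ' . $html($user->FirstName) . ' a supprimé son compétance : ' . $html($skills_name));
    } else {
        $UserUpdated = UserGetInfo($idUserSql);
        $UserUpdater = UserGetInfo($idUserSession);
        NotifAllWrite($idUserSql, '', $profileLink . $html($UserUpdater->FamilyName) . ' ' . $html($UserUpdater->FirstName) . ' a supprimer la compétance : ' . $html($skills_name) . ' de ' . $html($UserUpdated->FamilyName) . ' ' . $html($UserUpdated->FirstName));
    }
    LogWrite("Suppression du competence : " . addslashes($skills_name) . " de l\\'utilisateur : " . $idUserSql);
    Redirect('ili-users/user_edit?id=' . rawurlencode($idUser));
}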
$PaymentCode = ''; } if (isset($_POST['Bank'])) { $Bank = addslashes($_POST['Bank']); } else { $Bank = ''; } if (isset($_POST['TransferDate'])) { $TransferDate = addslashes($_POST['TransferDate']); } else { $TransferDate = ''; } QueryExcute("", "INSERT INTO `payment` VALUES (NULL, '{$NowEN}', '{$Description}', '{$PaymentKind}', '{$PaymentCode}', '{$Bank}', '{$TransferDate}', '{$Amount}', '{$idUser}');"); $RecupIdPaiement = RecupIdPaiement(); $user = UserGetInfo($idUser); NotifAllWrite('', '', '<a href="' . $URL . 'ili-modules/caisse/paiement?id=' . $RecupIdPaiement . '">' . $user->FamilyName . ' ' . $user->FirstName . ', a effectuer un décaissement : ' . $Description . '</a>'); LogWrite("Décaissement : " . $Description); Redirect("ili-modules/caisse/journal"); } ?> </div> </div> </div> <!-- END PAGE CONTAINER--> </div> <!-- END PAGE --> </div> <!-- END CONTAINER --> <!-- BEGIN FOOTER -->