Example #1
 //   9  [8]   Area (HTML) -> a.area_name
 //  10  [9]   Room (HTML) -> r.room_name
 //  11  [10]  Room description -> r.description
 //  12  [11]  id de l'area -> a.id
 //  13  [12]  les champs additionnele -> e.overload_desc
 // Tableau des ressources invisibles pour l'utilisateur
 $sql = "SELECT distinct e.id, e.start_time, e.end_time, e.name, e.description, " . "e.type, e.beneficiaire, " . grr_sql_syntax_timestamp_to_unix("e.timestamp") . ", a.area_name, r.room_name, r.description, a.id, e.overload_desc" . " FROM " . TABLE_PREFIX . "_entry e, " . TABLE_PREFIX . "_area a, " . TABLE_PREFIX . "_room r, " . TABLE_PREFIX . "_type_area t";
 // Si l'utilisateur n'est pas administrateur, seuls les domaines auxquels il a accès sont pris en compte
 if (authGetUserLevel(getUserName(), -1) < 6) {
     if ($test_grr_j_user_area != 0) {
         $sql .= ", " . TABLE_PREFIX . "_j_user_area j ";
     }
 }
 $sql .= " WHERE e.room_id = r.id AND r.area_id = a.id";
 // on ne cherche pas parmi les ressources invisibles pour l'utilisateur
 $tab_rooms_noaccess = verif_acces_ressource(getUserName(), 'all');
 foreach ($tab_rooms_noaccess as $key) {
     $sql .= " and r.id != {$key} ";
 }
 // Si l'utilisateur n'est pas administrateur, seuls les domaines auxquels il a accès sont pris en compte
 if (authGetUserLevel(getUserName(), -1) < 6) {
     if ($test_grr_j_user_area == 0) {
         $sql .= " and a.access='a' ";
     } else {
         $sql .= " and ((j.login='******' and j.id_area=a.id and a.access='r') or (a.access='a')) ";
     }
 }
 $sql .= " AND e.start_time < {$report_end} AND e.end_time > {$report_start}";
 $k = 0;
 if (isset($champ[0])) {
     $sql .= " AND (";
Example #2
if (!isset($retour_page)) {
    $retour_page = $back;
    // on nettoie la chaine :
    $long_chaine_a_supprimer = strlen(strstr($retour_page, "&amp;msg="));
    // longueur de la chaine e partir de la premiere occurence de &amp;msg=
    if ($long_chaine_a_supprimer == 0) {
        $long_chaine_a_supprimer = strlen(strstr($retour_page, "?msg="));
    }
    $long = strlen($retour_page) - $long_chaine_a_supprimer;
    $retour_page = substr($retour_page, 0, $long);
}
// modification d'une resource : admin ou gestionnaire
if (authGetUserLevel(getUserName(), -1) < 6) {
    if (isset($room)) {
        // Il s'agit d'une modif de ressource
        if (authGetUserLevel(getUserName(), $room) < 3 || !verif_acces_ressource(getUserName(), $room)) {
            showAccessDenied($back);
            exit;
        }
    } else {
        if (isset($area_id)) {
            // On verifie que le domaine $area_id existe
            $test = grr_sql_query1("SELECT id FROM " . TABLE_PREFIX . "_area WHERE id='" . $area_id . "'");
            if ($test == -1) {
                showAccessDenied($back);
                exit;
            }
            // Il s'agit de l'ajout d'une ressource
            // On verifie que l'utilisateur a le droit d'ajouter des ressources
            if (authGetUserLevel(getUserName(), $area_id, 'area') < 4) {
                showAccessDenied($back);
Example #3
File: day.php Project: swirly/GRR
 echo '<tr>' . PHP_EOL;
 if ($iii % 2 == 1) {
     tdcell("cell_hours");
 } else {
     tdcell("cell_hours2");
 }
 $iii++;
 if ($enable_periods == 'y') {
     $time_t = date("i", $t);
     $time_t_stripped = preg_replace("/^0/", "", $time_t);
     echo $periods_name[$time_t_stripped] . '</td>' . PHP_EOL;
 } else {
     echo affiche_heure_creneau($t, $resolution) . '</td>' . PHP_EOL;
 }
 while (list($key, $room) = each($rooms)) {
     if (verif_acces_ressource(getUserName(), $room)) {
         if (isset($today[$room][$t]["id"])) {
             $id = $today[$room][$t]["id"];
             $color = $today[$room][$t]["color"];
             $descr = $today[$room][$t]["data"];
         } else {
             unset($id);
         }
         if (isset($id) && !est_hors_reservation(mktime(0, 0, 0, $month, $day, $year), $area)) {
             $c = $color;
         } else {
             if ($statut_room[$room] == "0") {
                 $c = "avertissement";
             } else {
                 $c = "empty_cell";
             }
Example #4
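/**
 * Render the rooms of an area as a panel of button-style inputs.
 *
 * Only rooms for which verif_acces_ressource() returns true for the current
 * user are listed. The callers are not visible from this function, so
 * $link, $current_area, $year, $month, $day and $_SERVER['PHP_SELF'] are
 * treated as untrusted and encoded for the context they are written into.
 *
 * @param string $link         Target script name without the ".php" suffix
 * @param string $current_area Id of the area whose rooms are listed
 * @param string $current_room Id of the room rendered as selected
 * @param string $year
 * @param string $month
 * @param string $day
 * @return string HTML fragment
 */
function make_room_item_html($link, $current_area, $current_room, $year, $month, $day)
{
    global $vocab;
    // PHP_SELF includes whatever path info the client appended to the script
    // URL, so it is escaped before it is written into the action attribute.
    $form_action = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);
    $out_html = '<br />' . PHP_EOL
        . '<div class="panel panel-default">' . PHP_EOL
        . '<div class="panel-heading">' . get_vocab("rooms") . get_vocab("deux_points") . '</div>' . PHP_EOL
        . '<div class="panel-body">' . PHP_EOL
        . '<form class="ressource" id="room_001" action="' . $form_action . '">' . PHP_EOL;

    // The links below end up inside a single-quoted JavaScript string that
    // itself sits in a double-quoted HTML attribute. Query values are
    // URL-encoded (the result contains no quote, angle bracket or backslash);
    // the script name is backslash-escaped for the JavaScript string and then
    // entity-escaped for the attribute.
    $link_base = htmlspecialchars(addslashes((string) $link), ENT_QUOTES);
    $date_query = 'year=' . urlencode((string) $year)
        . '&amp;month=' . urlencode((string) $month)
        . '&amp;day=' . urlencode((string) $day);
    $link_all_room = 'week_all.php?' . $date_query . '&amp;area=' . urlencode((string) $current_area);

    // NOTE(review): protect_data_sql() is defined elsewhere; the value is
    // placed between quotes, so this is only safe if that helper escapes
    // quotes for the active database connection - confirm.
    $sql = "SELECT id, room_name, description FROM " . TABLE_PREFIX . "_room WHERE area_id='" . protect_data_sql($current_area) . "' ORDER BY order_display,room_name";
    $res = grr_sql_query($sql);
    if ($res) {
        for ($i = 0; $row = grr_sql_row($res, $i); $i++) {
            // Rooms the current user may not access are left out entirely.
            if (!verif_acces_ressource(getUserName(), $row[0])) {
                continue;
            }
            $room_attr = htmlspecialchars((string) $row[0], ENT_QUOTES);
            $room_label = htmlspecialchars($row[1]);
            $link2 = $link_base . '.php?' . $date_query . '&amp;room=' . urlencode((string) $row[0]);
            // NOTE(review): $all_ressource is a local that is never set to 0,
            // so neither "Toutes les ressources" branch below can run as
            // written. Left unchanged; confirm whether the button is wanted.
            if (!isset($_GET['room'])) {
                if (isset($all_ressource) && $all_ressource == 0) {
                    $out_html .= '<div class="panel-body">' . PHP_EOL . '<input id="item_select" class="btn btn-primary btn-lg btn-block" name="all_room" value="Toutes les ressources" onclick="location.href=\'' . $link_all_room . '\' ;charger();"/>' . PHP_EOL;
                }
                $out_html .= '<input class="btn btn-default btn-lg btn-block item" type="button" name="' . $room_attr . '" value="' . $room_label . '" onclick="location.href=\'' . $link2 . '\' ;charger();"/>' . PHP_EOL;
                $all_ressource = 1;
            } else {
                if (isset($all_ressource) && $all_ressource == 0) {
                    $out_html .= '<input class="btn btn-primary btn-lg btn-block item" type="button" name="all_room" value="Toutes les ressources" onclick="location.href=\'' . $link_all_room . '\' ;charger();"/>' . PHP_EOL;
                }
                $all_ressource = 1;
                if ($current_room == $row[0]) {
                    // The selected room gets the primary button style.
                    $out_html .= '<input class="btn btn-primary btn-lg btn-block item_select" type="button" name="' . $room_attr . '" value="' . $room_label . '" onclick="location.href=\'' . $link2 . '\';charger();"/>' . PHP_EOL;
                } else {
                    $out_html .= '<input class="btn btn-default btn-lg btn-block item" type="button" name="' . $room_attr . '" value="' . $room_label . '" onclick="location.href=\'' . $link2 . '\' ;charger();"/>' . PHP_EOL;
                }
            }
        }
    }
    $out_html .= '</form>' . PHP_EOL . '</div>' . PHP_EOL . '</div>' . PHP_EOL;
    return $out_html;
}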
Example #5
  * sorti de la boucle for
  */
 $tplArray['vocab']['ressource_temporairement_indisponible'] = get_vocab('ressource_temporairement_indisponible');
 $tplArray['vocab']['fiche_ressource'] = get_vocab('fiche_ressource');
 $tplArray['vocab']['ressource_actuellement_empruntee'] = get_vocab('ressource actuellement empruntee');
 $tplArray['vocab']['reservation_a_confirmer_au_plus_tard_le'] = get_vocab('reservation_a_confirmer_au_plus_tard_le');
 $tplArray['vocab']['en_attente_moderation'] = get_vocab('en_attente_moderation');
 $tplArray['vocab']['reservation_impossible'] = get_vocab('reservation_impossible');
 $tplArray['vocab']['cliquez_pour_effectuer_une_reservation'] = get_vocab('cliquez_pour_effectuer_une_reservation');
 $tplArray['vocab']['top_of_page'] = get_vocab('top_of_page');
 $li = 0;
 /* incrément des room accessibles, todo peut faire dvoublon avec $li, à refactoriser */
 $incrementRoomAccessible = 0;
 for ($ir = 0; $row = grr_sql_row($res, $ir); $ir++) {
     /* un tour de boucle par room */
     $verif_acces_ressource = verif_acces_ressource(getUserName(), $row['2']);
     if ($verif_acces_ressource) {
         /* l'incrément est différent de celui de la boucle si certaines room ne sont pas accessibles */
         $acces_fiche_reservation = verif_acces_fiche_reservation(getUserName(), $row['2']);
         $UserRoomMaxBooking = UserRoomMaxBooking(getUserName(), $row['2'], 1);
         $authGetUserLevel = authGetUserLevel(getUserName(), -1);
         $auth_visiteur = auth_visiteur(getUserName(), $row['2']);
         $tplArray['rooms'][$incrementRoomAccessible]['id'] = $row[2];
         $tplArray['rooms'][$incrementRoomAccessible]['capacity'] = $row[1];
         $tplArray['rooms'][$incrementRoomAccessible]['description'] = $row[3];
         //echo '<tr>'.PHP_EOL;
         /* remplacé par la class "table_stripped de bootstrap */
         /*if ($ir % 2 == 1) {
               echo tdcell('cell_hours');
           } else {
               echo tdcell('cell_hours2');
Example #6
 }
 echo '<h4 class="titre">' . ucfirst($this_area_name) . ' - ' . get_vocab("all_areas") . '<br>' . ucfirst(utf8_strftime("%B %Y", $month_start)) . ' </h4>' . PHP_EOL;
 if ($_GET['pview'] != 1) {
     echo ' <a href="month_all2.php?year=' . $year . '&amp;month=' . $month . '&amp;area=' . $area . '"><img src="img_grr/change_view.png" alt="' . get_vocab("change_view") . '" title="' . get_vocab("change_view") . '" class="image" /></a>' . PHP_EOL;
 }
 echo '</div>' . PHP_EOL;
 if (isset($_GET['precedent'])) {
     if ($_GET['pview'] == 1 && $_GET['precedent'] == 1) {
         echo '<span id="lienPrecedent">' . PHP_EOL;
         echo '<button class="btn btn-default btn-xs" onclick="charger();javascript:history.back();">Précedent</button>' . PHP_EOL;
         echo '</span>' . PHP_EOL;
     }
 }
 echo '<div class="contenu_planning">' . PHP_EOL;
 for ($i = 0; $row = grr_sql_row($res, $i); $i++) {
     $verif_acces_ressource[$row[10]] = verif_acces_ressource(getUserName(), $row[10]);
     $acces_fiche_reservation[$row[10]] = verif_acces_fiche_reservation(getUserName(), $row[10]);
     $t = max((int) $row[0], $month_start);
     $end_t = min((int) $row[1], $month_end);
     $day_num = date("j", $t);
     if ($enable_periods == 'y') {
         $midnight = mktime(12, 0, 0, $month, $day_num, $year);
     } else {
         $midnight = mktime(0, 0, 0, $month, $day_num, $year);
     }
     while ($t < $end_t) {
         $d[$day_num]["id"][] = $row[2];
         $d[$day_num]["id_room"][] = $row[10];
         if (Settings::get("display_info_bulle") == 1) {
             $d[$day_num]["who"][] = get_vocab("reservee au nom de") . affiche_nom_prenom_email($row[4], $row[9], "nomail");
         } else {
Example #7
        }
        if (!verif_qui_peut_reserver_pour($room_id, getUserName(), $beneficiaire)) {
            $error_qui_peut_reserver_pour = 'yes';
        }
        if (!verif_heure_debut_fin($starttime, $endtime, $area)) {
            $error_heure_debut_fin = 'yes';
        }
        if (resa_est_hors_reservation2($starttime, $endtime, $area)) {
            $error_heure_debut_fin = 'yes';
        }
    }
    $statut_room = grr_sql_query1('SELECT statut_room from ' . TABLE_PREFIX . "_room where id = '{$room_id}'");
    if ($statut_room == '0' && authGetUserLevel(getUserName(), $room_id) < 3) {
        $error_booking_room_out = 'yes';
    }
    if (!verif_acces_ressource(getUserName(), $room_id)) {
        $error_booking_room_out = 'yes';
    }
}
$err = '';
if ($error_booking_in_past == 'no' && $error_chevaussement == 'no' && $error_duree_max_resa_area == 'no' && $error_delais_max_resa_room == 'no' && $error_delais_min_resa_room == 'no' && $error_date_option_reservation == 'no' && $error_qui_peut_reserver_pour == 'no' && $error_heure_debut_fin == 'no') {
    foreach ($_GET['rooms'] as $room_id) {
        if ($rep_type != 0 && !empty($reps)) {
            if (count($reps) < $max_rep_entrys) {
                $diff = $endtime - $starttime;
                for ($i = 0; $i < count($reps); ++$i) {
                    if (isset($_GET['del_entry_in_conflict']) && $_GET['del_entry_in_conflict'] == 'yes') {
                        grrDelEntryInConflict($room_id, $reps[$i], $reps[$i] + $diff, $ignore_id, $repeat_id, 0);
                    }
                    if ($i == count($reps) - 1) {
                        $tmp = mrbsCheckFree($room_id, $reps[$i], $reps[$i] + $diff, $ignore_id, $repeat_id);
Example #8
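/**
 * Build the template data for the left-hand room selector.
 *
 * Only rooms for which verif_acces_ressource() returns true for the current
 * user are included. The function returns data, not markup: link strings are
 * not HTML-escaped here, so the rendering layer has to escape them.
 *
 * @param string $link         Target script name without the ".php" suffix
 * @param string $current_area Id of the area whose rooms are listed
 * @param string $current_room Id of the room flagged as current
 * @param string $year
 * @param string $month
 * @param string $day
 * @param mixed  $fieldType    Passed through unchanged as 'fieldType'
 *
 * @return array Template variables: fieldType, vocab, formAction,
 *               linkToAllRoom and, when at least one room is accessible, rooms
 */
function make_room_selection_fields($link, $current_area, $current_room, $year, $month, $day, $fieldType)
{
    global $twig;
    $tplArray = array();
    $tplArray['fieldType'] = $fieldType;
    $tplArray['vocab']['rooms'] = get_vocab('rooms');
    $tplArray['vocab']['all_rooms'] = get_vocab('all_rooms');
    // PHP_SELF can carry client-supplied path info; tags are stripped and the
    // result is URL-encoded before it is handed to the template.
    $tplArray['formAction'] = urlencode(strip_tags($_SERVER['PHP_SELF']));
    // Query values are URL-encoded so that a value containing '&', '=' or
    // quotes cannot add parameters or break out of the attribute the
    // template writes the link into.
    $dateQuery = 'year=' . urlencode((string) $year)
        . '&month=' . urlencode((string) $month)
        . '&day=' . urlencode((string) $day);
    $tplArray['linkToAllRoom'] = $link . '_all.php?' . $dateQuery . '&area=' . urlencode((string) $current_area);
    // NOTE(review): protect_data_sql() is defined elsewhere; the value is
    // placed between quotes, so this is only safe if that helper escapes
    // quotes for the active database connection - confirm.
    $sql = 'select id, room_name, description from ' . TABLE_PREFIX . "_room WHERE area_id='" . protect_data_sql($current_area) . "' order by order_display,room_name";
    $res = grr_sql_query($sql);
    if ($res) {
        for ($i = 0; $row = grr_sql_row($res, $i); ++$i) {
            // Rooms the current user may not access are left out; the
            // 'rooms' entries keep the result-set index, so keys can be sparse.
            if (!verif_acces_ressource(getUserName(), $row[0])) {
                continue;
            }
            // Append the first 10 characters of the description, if any.
            $temp = $row[2] ? ' (' . mb_substr($row[2], 0, 10) . '... )' : '';
            $tplArray['rooms'][$i]['linkToRoom'] = $link . '.php?' . $dateQuery . '&room=' . urlencode((string) $row[0]);
            // NOTE(review): already HTML-escaped here; if the template also
            // auto-escapes, entities will be shown doubled - verify.
            $tplArray['rooms'][$i]['txtOption'] = htmlspecialchars(strip_tags($row[1] . $temp));
            // $row[0] is a room id, so it is compared with the current room.
            // The previous code compared it with $current_area, which could
            // flag an unrelated room whose id happened to equal the area id.
            $tplArray['rooms'][$i]['current'] = $row[0] == $current_room;
        }
    }
    return $tplArray;
}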
Example #9
// Resume session
include "include/resume_session.php";
// Language settings
include "include/language.inc.php";
// id_room is read straight from the query string; it is only safe to use
// in SQL after the integer cast below.
$id_room = isset($_GET["id_room"]) ? $_GET["id_room"] : NULL;
if (isset($id_room)) {
    // Coerce to int: the value is later interpolated unquoted into a SELECT.
    settype($id_room, "integer");
} else {
    // NOTE(review): with no id_room in the request, $id_room stays NULL; it
    // is still passed to verif_acces_ressource() and interpolated into the
    // query below as an empty string - confirm this path is intended.
    $print = "all";
}
if (Settings::get("authentification_obli") == 0 && getUserName() == '') {
    $type_session = "no_session";
} else {
    $type_session = "with_session";
}
// Deny when authentication is mandatory and the user's global level is
// below 1, or when verif_acces_ressource() refuses this room (&& binds
// tighter than ||). The script exits before any room data is queried.
if (authGetUserLevel(getUserName(), -1) < 1 && Settings::get("authentification_obli") == 1 || !verif_acces_ressource(getUserName(), $id_room)) {
    showAccessDenied('');
    exit;
}
echo begin_page(get_vocab("mrbs") . get_vocab("deux_points") . Settings::get("company"));
// Unquoted interpolation: free of SQL injection only because of the
// integer cast above.
$res = grr_sql_query("SELECT * FROM " . TABLE_PREFIX . "_room WHERE id={$id_room}");
if (!$res) {
    fatal_error(0, get_vocab('error_room') . $id_room . get_vocab('not_found'));
}
// NOTE(review): an id that matches no row presumably yields an empty result
// rather than a false $res, so $row may lack "room_name" - verify.
$row = grr_sql_row_keyed($res, 0);
grr_sql_free($res);
echo "<h3 style=\"text-align:center;\">";
// The room name is HTML-escaped before it is written to the page.
echo get_vocab("room") . get_vocab("deux_points") . " " . htmlspecialchars($row["room_name"]);
// NOTE(review): $id_area is concatenated into both queries below without
// escaping; it comes from mrbsGetRoomArea(), presumably a numeric id from
// the database - confirm, or cast to int before use.
$id_area = mrbsGetRoomArea($id_room);
$area_name = grr_sql_query1("select area_name from " . TABLE_PREFIX . "_area where id='" . $id_area . "'");
$area_access = grr_sql_query1("select access from " . TABLE_PREFIX . "_area where id='" . $id_area . "'");
Example #10
    $long_chaine_a_supprimer = strlen(strstr($retour_page,"&amp;msg=")); // longueur de la chaine à partir de la première occurence de &amp;msg=
	if ($long_chaine_a_supprimer==0) $long_chaine_a_supprimer = strlen(strstr($retour_page,"?msg="));
    $long = strlen($retour_page) - $long_chaine_a_supprimer;
    $retour_page = substr($retour_page,0,$long);
}
$day   = date("d");
$month = date("m");
$year  = date("Y");

// modification d'une resource : admin ou gestionnaire
if (authGetUserLevel(getUserName(),-1) < 6)
{
    if (isset($room))
      {
        // Il s'agit d'une modif de ressource
        if (((authGetUserLevel(getUserName(),$room) < 3))  or (!verif_acces_ressource(getUserName(), $room))) {
            showAccessDenied($day, $month, $year, '',$back);
            exit();
        }
    } else {
        if (isset($area_id)) {
            // On vérifie que le domaine $area_id existe
            $test = grr_sql_query1("select id from ".TABLE_PREFIX."_area where id='".$area_id."'");
            if ($test == -1) {
                showAccessDenied($day, $month, $year, '',$back);
                exit();
            }
            // Il s'agit de l'ajout d'une ressource
            // On vérifie que l'utilisateur a le droit d'ajouter des ressources
            if ((authGetUserLevel(getUserName(),$area_id,'area') < 4)) {
                showAccessDenied($day, $month, $year, '',$back);
Example #11
    }
};

// Language settings
include "include/language.inc.php";

if ((getSettingValue("authentification_obli")==0) and (getUserName()=='')) {
    $type_session = "no_session";
} else {
    $type_session = "with_session";
}

// id_room is read straight from the query string; the integer cast is what
// makes the unquoted interpolation into the SELECT below safe.
// NOTE(review): when id_room is absent, $id_room stays NULL and is still
// passed to both access checks - confirm they deny in that case.
$id_room = isset($_GET["id_room"]) ? $_GET["id_room"] : NULL;
if (isset($id_room)) settype($id_room,"integer");

// Deny unless the user's level for this room is at least 4 and
// verif_acces_ressource() allows the room; exit() stops the script before
// any room data is queried.
if ((authGetUserLevel(getUserName(),$id_room) < 4) or (!verif_acces_ressource(getUserName(), $id_room)))
{
    $day   = date("d");
    $month = date("m");
    $year  = date("Y");
    showAccessDenied($day, $month, $year, '','');
    exit();
}
echo begin_page(getSettingValue("company").get_vocab("deux_points").get_vocab("mrbs"));

// Unquoted interpolation: free of SQL injection only because of the
// integer cast above.
$res = grr_sql_query("SELECT * FROM ".TABLE_PREFIX."_room WHERE id=$id_room");
if (! $res) fatal_error(0, get_vocab('error_room') . $id_room . get_vocab('not_found'));

$row = grr_sql_row_keyed($res, 0);
grr_sql_free($res);
Example #12
// Language settings
include "include/language.inc.php";

// id_room is read straight from the query string; the integer cast is what
// makes the unquoted interpolation into the SELECT below safe.
$id_room = isset($_GET["id_room"]) ? $_GET["id_room"] : NULL;
if (isset($id_room)) settype($id_room,"integer");
else
// NOTE(review): on this path $id_room stays NULL; it is still passed to
// verif_acces_ressource() and interpolated into the query below as an empty
// string - confirm this path is intended.
$print = "all";

if ((getSettingValue("authentification_obli")==0) and (getUserName()=='')) {
    $type_session = "no_session";
} else {
    $type_session = "with_session";
}

// Deny when authentication is mandatory and the user's global level is
// below 1, or when verif_acces_ressource() refuses this room; exit() stops
// the script before any room data is queried.
if(((authGetUserLevel(getUserName(),-1) < 1) and (getSettingValue("authentification_obli")==1)) or (!verif_acces_ressource(getUserName(), $id_room)))
{
    $day   = date("d");
    $month = date("m");
    $year  = date("Y");
    showAccessDenied($day, $month, $year, '','');
    exit();
}

echo begin_page(get_vocab("mrbs").get_vocab("deux_points").getSettingValue("company"));

// Unquoted interpolation: free of SQL injection only because of the
// integer cast above.
$res = grr_sql_query("SELECT * FROM ".TABLE_PREFIX."_room WHERE id=$id_room");
if (! $res) fatal_error(0, get_vocab('error_room') . $id_room . get_vocab('not_found'));

$row = grr_sql_row_keyed($res, 0);
grr_sql_free($res);
Example #13
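/**
 * Echo the rooms of an area as a list of links.
 *
 * The current room is printed in bold instead of as a link. Only rooms for
 * which verif_acces_ressource() returns true for the current user are shown.
 * The callers are not visible from this function, so $link, $year, $month
 * and $day are treated as untrusted and encoded before they are written
 * into the href attribute.
 *
 * @param string $link         Target script URL; the query string is appended to it
 * @param string $current_area Id of the area whose rooms are listed
 * @param string $current_room Id of the room shown as selected
 * @param string $year
 * @param string $month
 * @param string $day
 * @return void
 */
function make_room_list_html($link,$current_area, $current_room, $year, $month, $day) {
   global $vocab;
   echo "<b><i><span class=\"bground\">".get_vocab("rooms").get_vocab("deux_points")."</span></i></b><br />";
   // NOTE(review): protect_data_sql() is defined elsewhere; the value is
   // placed between quotes, so this is only safe if that helper escapes
   // quotes for the active database connection - confirm.
   $sql = "select id, room_name, description from ".TABLE_PREFIX."_room where area_id='".protect_data_sql($current_area)."' order by order_display,room_name";
   $res = grr_sql_query($sql);
   if (!$res) {
     return;
   }
   // Script name is entity-escaped for the attribute; query values are
   // URL-encoded, which leaves no quote or angle bracket in the output.
   $href_base = htmlspecialchars((string) $link, ENT_QUOTES)
     ."?year=".urlencode((string) $year)
     ."&amp;month=".urlencode((string) $month)
     ."&amp;day=".urlencode((string) $day);
   for ($i = 0; ($row = grr_sql_row($res, $i)); $i++)
   {
     // Only rooms the user is allowed to access are displayed
     if (!verif_acces_ressource(getUserName(), $row[0])) {
       continue;
     }
     if ($row[0] == $current_room)
     {
       echo "<b><span class=\"week\">&gt;&nbsp;".grr_htmlSpecialChars($row[1])."</span></b><br />\n";
     } else {
       // A single separator before room=; the doubled "&amp;&amp;" sent an
       // empty parameter.
       echo "<a href=\"".$href_base."&amp;room=".urlencode((string) $row[0])."\">".grr_htmlSpecialChars($row[1]). "</a><br />\n";
     }
   }
}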
Example #14
File: day.php Project: rhertzog/lcs
        } else {
            echo affiche_heure_creneau($t,$resolution)."</td>\n";
            $tab[$tab_ligne][] = affiche_heure_creneau($t,$resolution);
        }

        echo "</tr>\n";

        reset($rooms);
        $tab_ligne++;
    }
    // répétition de la ligne d'en-tête
    echo "<tr>\n<th>&nbsp;</th>";
    for ($i = 0; $i < $nbcol; $i++)
    {
        // On affiche pas toutes les ressources
        if (verif_acces_ressource(getUserName(), $id_room[$i])) {
          echo "<th";
          if ($statut_room[$id_room[$i]] == "0") echo " class='avertissement' ";
          echo ">" . grr_htmlSpecialChars($room_name[$i])."</th>";
        }
    }
    echo "<th>&nbsp;</th></tr>\n";

    echo "</table>";
    show_colour_key($area);
}
grr_sql_free($res);
/*
echo "<table border=\"1\">";
foreach ($tab as $cle => $value) {
    echo "<tr>";