Example #1
0
 /**
  * \brief return  the access to a folder,
  * \param $p_dossier id if it is == 0 then we take the value from $_SESSION
  * \return the priv_priv
  *          - X no access
  *          - R has access (normal user)
  *
  */
 function get_folder_access($p_dossier = 0)
 {
     if ($p_dossier == 0) {
         $p_dossier = dossier::id();
     }
     if ($this->admin == 1) {
         return 'R';
     }
     $cn = new Database();
     $sql = "select 'R' from jnt_use_dos where use_id=\$1 and dos_id=\$2";
     $res = $cn->get_value($sql, array($this->id, $p_dossier));
     if ($cn->get_affected() == 0) {
         return 'X';
     }
     return $res;
 }
Example #2
0
Cordialement,

Noalyss team
      
EOF;
        $mail->set_message($message);
        $mail->compose();
        $mail->send();
        echo '<p style="position:absolute;z-index:2;top:25px;left: 50px; background-color:whitesmoke;">
L\'email a été envoyé avec un lien et le nouveau mot de passe, vérifiez vos spams</p>';
    }
} elseif ($action == "req") {
    $request_id = HtmlInput::default_value_request("req", "");
    if (strlen(trim($request_id)) == SIZE_REQUEST) {
        require_once NOALYSS_INCLUDE . '/class_database.php';
        $cn = new Database(0);
        $value = $cn->get_value("select password from recover_pass where request=\$1 and created_on > now() - interval '12 hours' and recover_on is null", array($request_id));
        if ($cn->get_affected() > 0) {
            $cn->exec_sql("update ac_users set use_pass=md5(rp.password) from recover_pass as rp where rp.use_id=ac_users.use_id and request=\$1", array($request_id));
            $cn->exec_sql("update recover_pass set recover_by=\$1 , recover_on=now() where request=\$2", array($_SERVER['REMOTE_ADDR'], $request_id));
            ?>
    <p style="position:absolute;z-index:2;top:25px;left: 50px; background-color:whitesmoke;">
            Opération réussie , vous pouvez vous connecter avec votre nouveau mot de passe
             
    </p>
            <?php 
        }
    } else {
        die("Requête inconnue");
    }
}