Example #1
/**
 * Controller: list the API clients visible to the current user.
 *
 * A caller with ACL_SUPERUSER gets every row of `api_clients`; any other
 * caller only gets the rows whose `ac_owner` equals their session user id.
 */
function developer_index()
{
    // Security guard: a request carrying an `appli` parameter is handed to the
    // "forbidden" handler.
    // NOTE(review): this only protects the listing below if modexec() does not
    // return — confirm against its implementation.
    $hasAppliParam = isset($_REQUEST['appli']);
    if ($hasAppliParam) {
        modexec('syscore', 'forbidden');
    }

    $clients = new Modele('api_clients');
    if (!hasAcl(ACL_SUPERUSER)) {
        // The owner filter comes from the session, never from request input.
        $clients->find(array('ac_owner' => $_SESSION['user']['user_id']));
    } else {
        $clients->find();
    }

    $clients->appendTemplate('clients');
    display();
}
Example #2
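/**
 * Controller: edit the durations stored in users' bulletins for one period.
 *
 * When the form is submitted (`$_POST['send']`), every POST key of the form
 * "<user>;<field>" is applied to that user's bulletin for the period: each
 * entry of the stored array whose `label` equals <field> gets its `duration`
 * replaced by the posted value. The edit form is rendered afterwards.
 *
 * NOTE(review): no permission check is visible in this function, and <user>
 * comes straight from the POST key — confirm the dispatcher restricts who can
 * reach this action.
 *
 * @param mixed $period_id Period identifier, matched against `bu_period`.
 */
function bulletin_edit($period_id)
{
    global $tpl, $root;
    if (isset($_POST['send'])) {
        foreach ($_POST as $key => $value) {
            // PHP turns numeric-looking POST keys into integers; normalise first.
            $parsed = explode(';', (string) $key, 2);
            if (count($parsed) != 2) {
                continue;
            }
            // A duration is a single value; ignore array-shaped fields
            // (e.g. "a;b[]=...") instead of storing them.
            if (!is_scalar($value)) {
                continue;
            }
            list($user, $field) = $parsed;
            $usrblt = new Modele('bulletin_user');
            $usrblt->find(array('bu_period' => $period_id, 'bu_user' => $user));
            if (!$usrblt->next()) {
                continue;
            }
            // NOTE(review): unserialize() can instantiate arbitrary classes and
            // run their magic methods. bu_data is read from the database here;
            // if any code path lets a user control that column this becomes an
            // object-injection sink. Prefer JSON storage, or pass
            // array('allowed_classes' => false) once the runtime is PHP >= 7.0.
            $data = unserialize($usrblt->bu_data);
            if (!is_array($data)) {
                // Corrupt or empty payload: leave the stored value untouched.
                continue;
            }
            // Index-based update: no by-reference loop variable is left
            // dangling across iterations of the outer loop.
            foreach ($data as $index => $mark) {
                if (is_array($mark) && isset($mark['label']) && $mark['label'] == $field) {
                    $data[$index]['duration'] = $value;
                }
            }
            $usrblt->bu_data = serialize($data);
        }
        redirect("admin_note", "viewbulletin", array("id" => $period_id, "hsuccess" => 1));
    }
    bulletin_toTemplate($period_id);
    $tpl->display($root . 'libs/bulletins/epitech/edit.tpl');
}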
Example #3
/**
 * Refresh the payment / caution flags and the step of a trip user file.
 *
 * The amount due is the price of the file's ticket type plus the price of
 * every option linked to the file. Cheques of type 'PAYMENT' count toward the
 * payment total; every other cheque counts toward the caution total.
 *
 * @param object $ufile Trip user file model (flags are written on it).
 */
function _trip_update($ufile)
{
    // Amount due: base ticket price plus each selected option.
    $due = $ufile->tu_type->tt_price;
    $options = new Modele('trip_option_userfile');
    $options->find(array('too_userfiles' => $ufile->getKey()));
    while ($options->next()) {
        $due += $options->tou_option->too_price;
    }

    // Amounts received, split by cheque type.
    $received = array('payment' => 0, 'caution' => 0);
    $cheques = new Modele('trip_cheq');
    $cheques->find(array('tq_file' => $ufile->getKey()));
    while ($cheques->next()) {
        $bucket = ($cheques->raw_tq_type == 'PAYMENT') ? 'payment' : 'caution';
        $received[$bucket] += $cheques->tq_amount;
    }

    if ($received['payment'] >= $due) {
        if ($ufile->raw_tu_payment != 'YES') {
            $ufile->tu_payment = 'YES';
        }
    }
    if ($received['caution'] >= $ufile->tu_trip->tr_caution) {
        if ($ufile->raw_tu_caution != 'YES') {
            $ufile->tu_caution = 'YES';
        }
    }

    // Step 5 -> 9 once both flags read 'YES'.
    // NOTE(review): whether the raw_* reads reflect the assignments made just
    // above depends on the model implementation — confirm.
    $fullySettled = $ufile->raw_tu_payment == 'YES'
        && $ufile->raw_tu_caution == 'YES'
        && $ufile->tu_step == 5;
    if ($fullySettled) {
        $ufile->tu_step = 9;
    }
}
Example #4
/**
 * Admin index page controller.
 * Displays the access-rights (ACL) administration page.
 *
 * Assigns to the template: `acls` (rows of `acces` grouped by `acl_action`,
 * excluding the "index" and "admin" actions), `grps` (every section) and
 * `aclGrps` (group ids indexed by access id), then renders `admin_index.tpl`.
 */
function admin_index()
{
    global $pdo, $tpl;

    // Static statement: no request data is interpolated into the SQL text.
    $query = $pdo->prepare('SELECT * FROM acces WHERE acl_action != "index" AND acl_action != "admin" ORDER BY acl_action ASC, acl_page ASC');
    $query->execute();
    $aclsByAction = array();
    while ($row = $query->fetch()) {
        // Appending to a missing key creates the inner array automatically.
        $aclsByAction[$row['acl_action']][] = $row;
    }

    $sections = new Modele('sections');
    $sections->find();
    while ($sections->next()) {
        $tpl->append('grps', $sections->toArray());
    }

    $links = new Modele('access_groups');
    $links->find();
    $groupsByAccess = array();
    while ($links->next()) {
        $groupsByAccess[$links->raw_ag_access][] = $links->raw_ag_group;
    }

    $tpl->assign('aclGrps', $groupsByAccess);
    $tpl->assign('acls', $aclsByAction);
    $tpl->display('admin_index.tpl');
    quit();
}
Example #5
/**
 * Controller: list the payment accounts of the logged-in user.
 *
 * The list assigned to the template as `accounts` always starts with a fixed
 * cheque entry (id 0), followed by the user's `user_accounts` rows.
 */
function compta_index()
{
    global $tpl;

    $accounts = array(
        array(
            'ua_id' => 0,
            'ua_identifier' => 'Chèque',
            'ua_type' => 'cheq',
            'ua_number' => '',
        ),
    );

    // Rows are scoped to the session user; nothing is taken from the request.
    $own = new Modele('user_accounts');
    $own->find(array('ua_user' => $_SESSION['user']['user_id']));
    while ($own->next()) {
        array_push($accounts, $own->toArray());
    }

    $tpl->assign('accounts', $accounts);
    display();
}
Example #6
/**
 * Refresh every `event_bocal` row from its ticket.
 *
 * For each row, the ticket referenced by `eb_ticket` is loaded through the
 * Bocal helper and written back with updateDB(); "ok" is printed at the end.
 */
function bocal_update()
{
    global $srcdir;
    // The path is built from the $srcdir global only, not from request data.
    include "{$srcdir}/libs/bocal.php";

    $events = new Modele('event_bocal');
    $events->find();
    $bocal = new Bocal();
    while ($events->next()) {
        $ticket = $events->eb_ticket;
        $bocal->getTicket($ticket);
        $bocal->updateDB($events->getKey());
    }

    echo 'ok';
}
Example #7
/**
 * Controller: show the logged-in user's marks for one period.
 *
 * The period is loaded from `$_REQUEST['period']`; the marks are filtered on
 * both the session user id and the loaded period's key.
 */
function note_viewp()
{
    global $tpl;

    // NOTE(review): `period` is read without an isset() check; a request
    // without it reaches fetch() with an undefined index.
    $selected = new Modele('periods');
    $selected->fetch($_REQUEST['period']);
    $tpl->assign('period', $selected);

    // The user filter comes from the session, so only the caller's own marks
    // are selected whatever period id was supplied.
    $criteria = array(
        'mark_user' => $_SESSION['user']['user_id'],
        'mark_period' => $selected->getKey(),
    );
    $marks = new Modele('marks');
    $marks->find($criteria);
    while ($marks->next()) {
        $tpl->append('marks', new Modele($marks));
    }

    display();
}
Example #8
/**
 * Fichier administration du wifi
 */
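/**
 * Controller: list the wifi token groups with their token counts.
 *
 * Each group row is appended to the template as `lines`, extended with
 * `sum` (number of tokens in the group) and `used` (tokens of the group
 * whose `wt_assign` is not NULL).
 */
function wifi_tokens()
{
    global $pdo, $tpl;

    // Both statements are loop-invariant: prepare them once and re-execute
    // them with the group id bound as a parameter.
    $countAll = $pdo->prepare('SELECT COUNT(*) FROM wifi_tokens WHERE wt_group = ?');
    $countUsed = $pdo->prepare('SELECT COUNT(*) FROM wifi_tokens WHERE wt_group = ? AND wt_assign IS NOT NULL');

    $groups = new Modele('wifi_tokenGroup');
    $groups->find();
    while ($groups->next()) {
        $line = $groups->toArray();
        $groupId = $groups->wtg_id;

        // fetchColumn() returns the first column whatever the connection's
        // default fetch mode is.
        $countAll->bindValue(1, $groupId);
        $countAll->execute();
        $line['sum'] = $countAll->fetchColumn();
        $countAll->closeCursor();

        $countUsed->bindValue(1, $groupId);
        $countUsed->execute();
        $line['used'] = $countUsed->fetchColumn();
        $countUsed->closeCursor();

        $tpl->append("lines", $line);
    }
    display();
}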
Example #9
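/**
 * Controller: final step of the password-reset flow.
 *
 * The request must carry `valid`, matching the one-time code stored in the
 * session (`index_password_code`). The account is looked up by the e-mail
 * stored in the session (`index_password_email`). When `pwd1` is posted and
 * the update succeeds, the code is discarded and the user is logged in.
 */
function index_password_change()
{
    global $tpl;

    // Both sides must be present and non-empty before comparing. A loose
    // `!=` treats a missing session code (null) and an empty `valid` as equal,
    // and compares numeric-looking strings by value.
    $expected = isset($_SESSION['index_password_code']) ? $_SESSION['index_password_code'] : null;
    $supplied = isset($_GET['valid']) ? $_GET['valid'] : null;
    $codeOk = is_string($supplied) && $supplied !== ''
        && is_scalar($expected) && (string) $expected !== ''
        && hash_equals((string) $expected, $supplied); // constant-time compare

    if (!$codeOk || !isset($_SESSION['index_password_email'])) {
        $tpl->assign('hsuccess', false);
        modexec('index');
        // Do not rely on modexec() terminating the request.
        return;
    }

    $mdl = new Modele('users');
    $mdl->find(array('user_email' => $_SESSION['index_password_email']));
    if (!$mdl->next()) {
        // No account for the stored e-mail: never operate on an empty model.
        $tpl->assign('hsuccess', false);
        modexec('index');
        return;
    }

    if (isset($_POST['pwd1'])) {
        // An empty or array-shaped value is rejected instead of being stored.
        // NOTE(review): the password is handed to modFrom() as received;
        // hashing is not visible here — confirm the model hashes `user_pass`.
        $newPassword = $_POST['pwd1'];
        $success = (is_string($newPassword) && $newPassword !== '')
            ? $mdl->modFrom(array('user_pass' => $newPassword), false)
            : false;
        $tpl->assign('hsuccess', $success);
        if ($success) {
            unset($_SESSION['index_password_code']);
            // NOTE(review): the session becomes authenticated here; consider
            // session_regenerate_id(true) before this point to avoid session
            // fixation — confirm against the project's session handling.
            $_SESSION['user'] = $mdl->toArray();
            $_SESSION['user']['role'] = aclFromText($mdl->raw_user_role);
            $tpl->assign('_user', $_SESSION['user']);
            modexec('index');
        }
    }
    $tpl->assign('user', $mdl);
    display();
}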
Example #10
/**
 * Controller: mandate check page.
 *
 * Lists the mandates whose `mandate_select` is 'TRUE' and, when `idfiche` is
 * posted, calls user_add_mandate() and reports its result as `hsuccess`.
 */
function user_check()
{
    global $tpl;

    $mandates = new Modele('mandate');
    $mandates->find(array('mandate_select' => 'TRUE'));
    $tpl->assign('mandates', array());

    if (isset($_POST['idfiche'])) {
        // NOTE(review): `mandate` is read without an isset() check and both
        // values are passed on as received; validation, if any, happens in
        // user_add_mandate().
        $added = user_add_mandate($_POST['idfiche'], $_POST['mandate']);
        $tpl->assign('hsuccess', $added);
    }

    for ($row = $mandates->next(); $row; $row = $mandates->next()) {
        $tpl->append('mandates', $row);
    }
    display();
}
Example #11
 /**
  * Uninstall ACLs
  *
  * Deletes from `acces` the row matching each (action, page) pair declared
  * under `$this->defs['acces']`. Does nothing when that entry is absent.
  */
 private function _uninstallAcls()
 {
     if (isset($this->defs['acces'])) {
         foreach ($this->defs['acces'] as $action => $pages) {
             // Only the page name (the key) is needed; the ACL value is not.
             foreach ($pages as $page => $unusedAcl) {
                 $row = new Modele('acces');
                 $row->find(array('acl_page' => $page, 'acl_action' => $action));
                 if (!$row->next()) {
                     continue;
                 }
                 $row->delete();
             }
         }
     }
 }
Example #12
/**
 * Admin controller: show the order summary of a trip user file.
 *
 * Assigns `opts` and `chqs` (copies of the file's options and cheques),
 * `total` (ticket price plus option prices), `paiement` (sum of 'PAYMENT'
 * cheques) and `caution` (sum of every other cheque).
 */
function tripadm_order()
{
    global $tpl;
    $file = _tripadm_load();

    // Amount due.
    $due = $file->tu_type->tt_price;
    $options = new Modele('trip_option_userfile');
    $options->find(array('too_userfiles' => $file->getKey()));
    while ($options->next()) {
        $tpl->append('opts', new Modele($options));
        $due += $options->tou_option->too_price;
    }

    // Amounts received, split by cheque type.
    $sums = array('payment' => 0, 'caution' => 0);
    $cheques = new Modele('trip_cheq');
    $cheques->find(array('tq_file' => $file->getKey()));
    while ($cheques->next()) {
        $tpl->append('chqs', new Modele($cheques));
        $bucket = ($cheques->raw_tq_type == 'PAYMENT') ? 'payment' : 'caution';
        $sums[$bucket] += $cheques->tq_amount;
    }

    $tpl->assign('total', $due);
    $tpl->assign('paiement', $sums['payment']);
    $tpl->assign('caution', $sums['caution']);
    display();
}
Example #13
/**
 * Reconcile each section's mailing-list group with the section's managers.
 *
 * For every section with a non-empty `section_ml`, the lower-cased e-mails of
 * the section's 'manager' members are compared with the members returned by
 * GoogleApi::getGroupMembers(). Managers missing from the group are added;
 * group members that are not managers are removed. Members whose address
 * starts with "save_" and members of type "GROUP" are left untouched.
 * Redirects to ml/autoUpdate when done.
 */
function ml_execUpdate()
{
    $section = new Modele('sections');
    // Fixed condition string, no request data involved.
    $section->find('section_ml != ""');
    $api = new GoogleApi();
    while ($section->next()) {
        // $toAdd starts as "every manager" and shrinks as matches are found.
        $toAdd = array();
        $toDelete = array();
        $Lmembers = new Modele('user_sections');
        $Lmembers->find(array('us_section' => $section->getKey(), 'us_type' => 'manager'));
        while ($Lmembers->next()) {
            $toAdd[] = strtolower($Lmembers->us_user->user_email);
        }
        $reelMembers = $api->getGroupMembers($section->section_ml);
        // When the response has no `members` property nothing is removed and
        // every manager is (re-)added below.
        if (isset($reelMembers->members)) {
            foreach ($reelMembers->members as $member) {
                // Positions of this address in the managers list (loose match).
                $key = array_keys($toAdd, strtolower($member->email));
                // NOTE(review): the "save_" test is case-sensitive and runs on
                // the raw address, while the list match above is lower-cased.
                if (strpos($member->email, 'save_') !== 0) {
                    // Backup ("save_") addresses are skipped entirely
                    if ($member->type == "GROUP") {
                        continue;
                    } elseif (count($key) == 0) {
                        $toDelete[] = strtolower($member->email);
                    } else {
                        // Already a member: only the first matching entry is
                        // dropped from the pending additions.
                        unset($toAdd[$key[0]]);
                    }
                }
            }
        }
        foreach ($toAdd as $mail) {
            $api->addGroupMember($section->section_ml, $mail);
        }
        foreach ($toDelete as $mail) {
            $api->delGroupMember($section->section_ml, $mail);
        }
    }
    redirect('ml', 'autoUpdate');
}
Example #14
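/**
 * Admin controller: create the bulletins of a period with a chosen generator.
 *
 * Generators are the non-hidden sub-directories of `libs/bulletins`. When
 * `period` is supplied, the requested generator must be one of them: its
 * `bulletin.php` is loaded, bulletin_add() is called for the period and the
 * period is switched to 'DRAFT'. Otherwise the selection form is shown with
 * the 'ACTIVE' periods and the available generators.
 */
function admin_note_addbulletin()
{
    // $pdo is not used directly, but bulletin.php is required inside this
    // function scope and may rely on it — TODO confirm before removing.
    global $pdo, $root, $tpl;

    // Build the allow-list first: it both validates the request and feeds the
    // form.
    $baseDir = $root . 'libs' . DS . 'bulletins';
    $generators = array();
    $entries = scandir($baseDir);
    if ($entries !== false) {
        foreach ($entries as $entry) {
            if (is_dir($baseDir . DS . $entry) && $entry[0] != '.') {
                $generators[] = $entry;
            }
        }
    }

    if (isset($_REQUEST['period'])) {
        // basename() alone still lets ".." through, which would resolve to
        // libs/bulletin.php; only names present in the directory listing are
        // accepted for the require below.
        $requested = (isset($_REQUEST['generator']) && is_string($_REQUEST['generator']))
            ? basename($_REQUEST['generator'])
            : '';
        $script = $baseDir . DS . $requested . DS . 'bulletin.php';
        if (in_array($requested, $generators, true) && is_file($script)) {
            $mdl = new Modele("periods");
            $mdl->fetch($_REQUEST['period']);
            // Kept for compatibility: the included generator may read it.
            $_REQUEST['generator'] = $requested;
            require $script;
            bulletin_add($mdl->period_id);
            $mdl->period_state = 'DRAFT';
            $mdl->period_generator = $requested;
            redirect('admin_note', 'bulletin', array('hsuccess' => 1));
        } else {
            // Unknown generator: report failure and fall through to the form.
            $tpl->assign('hsuccess', false);
        }
    }

    $mdl = new Modele("periods");
    $mdl->find(array("period_state" => "ACTIVE"));
    $mdl->appendTemplate('periods');
    foreach ($generators as $generator) {
        $tpl->append('generators', $generator);
    }
    display();
}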
Example #15
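/**
 * Controller: create an FTP account attached to a section.
 *
 * The form lists the sections the caller may use (all of them for an
 * administrator, otherwise those where the caller is 'manager'). On submit the
 * member must exist in `users`, the section must be one the caller manages,
 * the password must be at least 8 bytes long and the login must be a plain
 * account name; the account is then stored in `ftp_users` and created on the
 * system through adduser.sh.
 */
function ftp_add()
{
    global $tpl, $pdo;
    $grp = new Modele('sections');
    $grp->find();
    while ($grp->next()) {
        if (hasAcl(ACL_ADMINISTRATOR)
            || (isset($_SESSION['user']['sections'][$grp->section_id])
                && $_SESSION['user']['sections'][$grp->section_id]['us_type'] == 'manager')
        ) {
            $tpl->append('groups', $grp->toArray());
        }
    }
    if (isset($_POST['user'])) {
        // Every field is read once, with a type check, so a missing or
        // array-shaped parameter fails one of the validations below instead of
        // reaching the query, the session lookup or the shell command.
        $login = is_string($_POST['user']) ? $_POST['user'] : '';
        $member = (isset($_POST['member']) && is_string($_POST['member'])) ? $_POST['member'] : '';
        $section = (isset($_POST['section']) && is_scalar($_POST['section'])) ? (string) $_POST['section'] : '';
        $pass = (isset($_POST['pass']) && is_string($_POST['pass'])) ? $_POST['pass'] : '';

        // NOTE(review): LIKE lets `%` and `_` in the submitted name match other
        // users, and only the first row is used — `=` is probably intended.
        $sqlUsr = $pdo->prepare('SELECT * FROM users WHERE user_name LIKE ?');
        $sqlUsr->bindValue(1, $member);
        $sqlUsr->execute();
        if ($sqlUsr->rowCount() == 0) {
            $tpl->assign('error', 'Utilisateur INTRA introuveable.');
            display();
        } elseif (!hasAcl(ACL_ADMINISTRATOR)
            && (!isset($_SESSION['user']['sections'][$section])
                || $_SESSION['user']['sections'][$section]['us_type'] != 'manager')
        ) {
            $tpl->assign('error', 'Groupe introuveable.');
            display();
        } elseif (strlen($pass) < 8) {
            $tpl->assign('error', 'Le mot de passe doit faire au moins 8 caractères.');
            display();
        } elseif (!preg_match('/\A[A-Za-z0-9][A-Za-z0-9_.-]*\z/', $login)) {
            // escapeshellarg() stops shell metacharacters but not a value the
            // script could take for an option (leading "-") or an otherwise
            // unusable account name, so the login is restricted here.
            $tpl->assign('error', 'Identifiant FTP invalide.');
            display();
        } else {
            $add = new Modele('ftp_users');
            $user = $sqlUsr->fetch();
            // NOTE(review): the password is passed to the model as received;
            // whether `fu_pass` is hashed before storage is not visible here.
            $tpl->assign('hsuccess', $add->addFrom(array('fu_user' => 'toy_' . $login, 'fu_pass' => $pass, 'fu_section' => $section, 'fu_member' => $user['user_id'], 'fu_path' => '/home/ftp/toyunda/timeurs/')));
            $usr = escapeshellarg($login);
            $pwd = escapeshellarg($pass);
            // NOTE(review): a password given as a command-line argument is
            // visible in the process list while the script runs; feeding it on
            // stdin would avoid that but requires changing adduser.sh.
            _ftp_exec("sudo /opt/scripts/adduser.sh {$usr} {$pwd}");
            display();
        }
    }
    display();
}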
Example #16
/**
 * Controller: show one trip option, its trip and its sub-options.
 *
 * Template variables: `option` (the option loaded from `$_GET['option']`),
 * `trip` (the option's `topt_trip`) and `ooptions` (rows of
 * `trip_option_options` attached to the option).
 */
function trip_opt_list()
{
    global $tpl;

    // NOTE(review): `option` is read without an isset() check, and no access
    // check on the option is visible in this function.
    $option = new Modele('trip_options');
    $option->fetch($_GET['option']);
    $option->assignTemplate('option');

    $option->topt_trip->assignTemplate('trip');

    $children = new Modele('trip_option_options');
    $children->find(array('too_option' => $option->getKey()));
    $children->appendTemplate('ooptions');

    display();
}
Example #17
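/**
 * Controller: add staff members to an event section.
 *
 * With `format=json` it answers the autocomplete request: up to 10 users whose
 * login, first name or last name contains `term`, as JSON. With a posted
 * `login` (comma-separated logins) each known user is attached to the
 * event/section with status 'OK', then the staff page is shown again.
 *
 * NOTE(review): no check that the caller may manage the given event/section
 * is visible here, and the autocomplete exposes user names — confirm the
 * dispatcher enforces the ACL for this action.
 */
function event_staff_add()
{
    global $pdo;
    // Autocomplete
    if (isset($_GET['format']) && $_GET['format'] == 'json') {
        $term = (isset($_GET['term']) && is_string($_GET['term'])) ? $_GET['term'] : '';
        $pattern = "%{$term}%";
        // One placeholder per use: a named marker repeated in a statement only
        // works while PDO emulates prepares.
        $sql = $pdo->prepare("SELECT user_name, user_firstname, user_lastname FROM users WHERE user_name LIKE :term1 OR user_firstname LIKE :term2 OR user_lastname LIKE :term3 ORDER BY user_name ASC LIMIT 10");
        $sql->bindValue('term1', $pattern);
        $sql->bindValue('term2', $pattern);
        $sql->bindValue('term3', $pattern);
        $sql->execute();
        // Declare the body as JSON and hex-escape markup characters so stored
        // names cannot be rendered as HTML by a browser.
        if (!headers_sent()) {
            header('Content-Type: application/json; charset=utf-8');
        }
        echo json_encode(
            $sql->fetchAll(PDO::FETCH_ASSOC),
            JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
        );
        quit();
    }
    if (isset($_POST['login'])) {
        $event = isset($_REQUEST['event']) ? $_REQUEST['event'] : null;
        $section = isset($_REQUEST['section']) ? $_REQUEST['section'] : null;
        // An array-shaped `login` yields no logins instead of an error.
        $logins = is_string($_POST['login']) ? explode(',', $_POST['login']) : array();

        $mdl = new Modele('event_staff');
        $usr = $pdo->prepare('SELECT user_id FROM users WHERE user_name = ?');
        foreach ($logins as $login) {
            $usr->bindValue(1, trim($login));
            $usr->execute();
            $usrDetails = $usr->fetch();
            if ($usrDetails === false) {
                // Unknown login: skipped silently, as before.
                continue;
            }
            $mdl->find(array('est_user' => $usrDetails['user_id'], 'est_event' => $event, 'est_section' => $section));
            if ($mdl->next()) {
                $mdl->est_status = 'OK';
            } else {
                $mdl->addFrom(array('est_user' => $usrDetails['user_id'], 'est_event' => $event, 'est_section' => $section, 'est_status' => 'OK'));
            }
        }
        redirect('event', 'staff', array('section' => $section, 'event' => $event, 'hsuccess' => 1));
    }
}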
Example #18
/**
 * API endpoint: print the claims of the user resolved by _api_getUser().
 *
 * Returns silently when no user is resolved. Otherwise prints a JSON object
 * with identity fields, the raw role (`acl`) and one `groups` entry per
 * `user_sections` row of the user, then ends the request.
 */
function api_userinfo()
{
    $account = _api_getUser();
    if ($account === null) {
        return;
    }

    // The response carries personal data (e-mail, phone, birth date, role);
    // access control rests entirely on _api_getUser().
    $claims = array(
        'sub' => $account->user_id,
        'name' => $account->user_name,
        'given_name' => $account->user_firstname,
        'family_name' => $account->user_lastname,
        'nickname' => $account->user_name,
        'email' => $account->user_email,
        'email_verified' => false,
        'gender' => ($account->user_sexe == 'GIRL' ? 'female' : 'male'),
        'birthdate' => $account->user_born,
        'phone_number' => $account->user_phone,
        'phone_number_verified' => false,
        'acl' => $account->raw_user_role,
        'groups' => array(),
    );

    $memberships = new Modele('user_sections');
    $memberships->find(array('us_user' => $account->getKey()));
    while ($memberships->next()) {
        $claims['groups'][] = array(
            'gid' => $memberships->us_section->section_id,
            'name' => $memberships->us_section->section_name,
            'role' => $memberships->raw_us_type,
        );
    }

    echo json_encode($claims);
    quit();
}
Example #19
/**
 * Controller: delete a card bundle.
 *
 * Every card of the bundle is detached (`card_bundle` set to null) and put
 * back to status 'WAIT'; the bundle is then deleted and the caller is sent to
 * the cards page.
 *
 * NOTE(review): this destructive action is driven by a GET parameter and no
 * CSRF token or permission check is visible in this function — confirm both
 * are enforced before it is reached.
 */
function cards_delbundle()
{
    $bundle = new Modele('cardbundle');
    $bundle->fetch($_GET['bundle']);

    $cards = new Modele('card');
    $cards->find(array('card_bundle' => $bundle->getKey()));
    for (; $cards->next();) {
        // Detach first, then reset the status (same order as the field writes
        // have always been issued).
        $cards->card_bundle = null;
        $cards->card_status = 'WAIT';
    }

    $bundle->delete();
    redirect('cards');
}
Example #20
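/**
 * Controller: step 4 of the trip registration — choice of the ticket type.
 *
 * A file that is not at step 4 is sent back to `tripusr/continue`. On submit
 * (`next`), the posted `ticket` must be one of the ticket types of the file's
 * own trip; depending on the type's restriction the file receives the type and
 * its price and moves to step 5. Otherwise the list of the trip's ticket types
 * is displayed.
 */
function tripusr_step4()
{
    global $tpl;
    $ufile = _tripusr_load();
    if ($ufile->tu_step != 4) {
        redirect('tripusr', 'continue', array('file' => $ufile->getKey()));
    }
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        if (isset($_POST["next"])) {
            // The ticket id comes from the client: look it up among the ticket
            // types of this file's trip only, so a type (and price) belonging
            // to another trip cannot be selected.
            $wanted = (isset($_POST['ticket']) && is_scalar($_POST['ticket'])) ? (string) $_POST['ticket'] : '';
            $bill = new Modele('trip_types');
            $bill->find(array('tt_trip' => $ufile->raw_tu_trip));
            $found = false;
            while ($wanted !== '' && $bill->next()) {
                if ((string) $bill->getKey() === $wanted) {
                    $found = true;
                    break;
                }
            }
            // An unknown ticket falls through to the list below.
            if ($found) {
                switch ($bill->raw_tt_restriction) {
                    case 'ALL':
                        $ufile->tu_type = $bill->getKey();
                        $ufile->tu_price = $bill->tt_price;
                        $ufile->tu_step = 5;
                        redirect('tripusr', 'step5', array('file' => $ufile->getKey()));
                        break;
                    case 'USER':
                        // The restricted type is only written once the role
                        // check has passed.
                        if (aclFromText($_SESSION['user']['user_role']) >= ACL_USER) {
                            $ufile->tu_type = $bill->getKey();
                            $ufile->tu_price = $bill->tt_price;
                            $ufile->tu_step = 5;
                            redirect('tripusr', 'step5', array('file' => $ufile->getKey()));
                        }
                        break;
                    default:
                        echo 'ERROR: not implemented';
                        quit();
                        break;
                }
            }
        }
        /* Disabled "back" handling, kept for reference:
           else {
           $questions = new Modele('trip_options');
           $questions->find(array('topt_trip' => $ufile->raw_tu_trip));
           // No extra options: go back to step 2
           if ($questions->count() == 0) {
           $ufile->tu_step = 2;
           redirect('tripusr', 'step2', array('file' => $ufile->getKey()));
           } else {
           $ufile->tu_step = 3;
           redirect('tripusr', 'step3', array('file' => $ufile->getKey()));
           }
           } */
    }
    $tickets = new Modele('trip_types');
    $tickets->find(array('tt_trip' => $ufile->raw_tu_trip));
    $tickets->appendTemplate('tickets');
    display();
}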
Example #21
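/**
 * Controller: demote a mailing-list member of a section to 'MEMBER'.
 *
 * The mailing list must be linked to the section (`section_ml`), the member
 * address must not start with "save_" and the member must not be of type
 * "GROUP"; any other case is answered by the "forbidden" handler.
 *
 * NOTE(review): the change is driven by $_REQUEST, so a GET request is enough,
 * and neither a CSRF token nor a check that the caller administers the section
 * is visible here — confirm both are enforced before this action is reached.
 */
function section_admin_ml_noadmin()
{
    // $tpl and $pdo are kept in scope: GoogleApi.php is included inside this
    // function and may rely on them — TODO confirm before removing.
    global $tpl, $srcdir, $pdo;

    // Reject missing or array-shaped parameters before they are used.
    foreach (array('section', 'ml', 'member') as $param) {
        if (!isset($_REQUEST[$param]) || !is_string($_REQUEST[$param])) {
            modexec('syscore', 'forbidden');
            return;
        }
    }

    include $srcdir . '/libs/GoogleApi.php';
    $api = new GoogleApi();
    $mdl = new Modele('sections');
    $mdl->fetch($_REQUEST['section']);
    $mdl->assignTemplate('section');
    $lnk = new Modele('section_ml');
    $lnk->find(array('sm_section' => $_REQUEST['section'], 'sm_ml' => $_REQUEST['ml']));

    // Check the section/list link first, so the remote API is never queried
    // for a list that is not attached to the section.
    if (!$lnk->next() || strpos($_REQUEST['member'], 'save_') === 0) {
        modexec('syscore', 'forbidden');
        // Do not rely on modexec() terminating the request.
        return;
    }

    // Fail closed when the member details cannot be read.
    $mbr = $api->getGroupMemberDetails($lnk->sm_ml, $_REQUEST['member']);
    if (!is_object($mbr) || !isset($mbr->type) || $mbr->type == "GROUP") {
        modexec('syscore', 'forbidden');
        return;
    }

    $api->setGroupMemberLevel($lnk->sm_ml, $_REQUEST['member'], 'MEMBER');
    redirect("section", "admin_ml", array("hsuccess" => 1, "section" => $_REQUEST['section'], "ml" => $lnk->sm_ml));
}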
Example #22
 /**
  * Find the rows of another model that point at this record.
  *
  * Looks in the description of $model for the first field of type 'external'
  * whose `table` is this model's name, and searches $model on that field with
  * this record's key.
  *
  * @param mixed $model Model name, as accepted by mdle_need_desc() and Modele.
  * @return Modele|false The searched model, or false when no field of $model
  *                      references this model.
  */
 function reverse($model)
 {
     $description = mdle_need_desc($model);
     foreach ($description['fields'] as $fieldName => $field) {
         if ($field['type'] != 'external') {
             continue;
         }
         if ($field['table'] != $this->getName()) {
             continue;
         }
         // First matching field wins.
         $linked = new Modele($model);
         $linked->find(array($fieldName => $this->getKey()));
         return $linked;
     }
     return false;
 }