} ?> </select> <input type="text" name="na2" size="4" value="<?php if (isset($_REQUEST['na2'])) { echo $_REQUEST['na2']; } ?> " /></p> <p><input type="button" value="Filtrar" onClick="document.getElementById('frm_filtro').action = 'logs.php'; document.getElementById('frm_filtro').submit();" /><input type="button" value="Baixar relatório" onClick="document.getElementById('frm_filtro').action = 'log_csv.php'; document.getElementById('frm_filtro').submit();" /></p> </form> <?php $filtro = ''; if (!empty($_REQUEST['ev'])) { $filtro .= (empty($filtro) ? '' : ' AND ') . "ev_id = '" . $db->AddSlashes($_REQUEST['ev']) . "'"; } if (!empty($_REQUEST['usu'])) { $filtro .= (empty($filtro) ? '' : ' AND ') . "usu_id = '" . $db->AddSlashes($_REQUEST['usu']) . "'"; } if (!empty($_REQUEST['nd']) && !empty($_REQUEST['nm']) && !empty($_REQUEST['na'])) { if (is_numeric($_REQUEST['na'])) { $d = intval($_REQUEST['nd'], 10); $m = intval($_REQUEST['nm'], 10); $a = intval($_REQUEST['na'], 10); if ($a < 100) { $a += 1900; } $dt = sprintf("%04d-%02d-%02d", $a, $m, $d); if (!empty($_REQUEST['nd2']) && !empty($_REQUEST['nm2']) && !empty($_REQUEST['na2'])) { if (is_numeric($_REQUEST['na2'])) {
//barra do governo full - largura 100% #require_once ('http://www.saopaulo.sp.gov.br/barrasp/barrasp_full.htm'); require_once "includes/cabecalho.php"; ?> <body> <?php $idCurrent = "Administrar"; require 'includes/menu.php'; ?> <div class="container"> <div class="content"> <img src="img/logo_snaids.gif"/><br/><br/> <?php if (!empty($_REQUEST['usu_nome'])) { if (!empty($_REQUEST['usu_id'])) { $db->Query("INSERT INTO tb_log (ev_id, usu_id, log_det) VALUES (6, {$_SESSION['user']['usu_id']}, '" . $db->AddSlashes("Usuário alterado: " . $_REQUEST['usu_nome']) . "')"); $db->Query("UPDATE tb_usuario SET usu_nome = '" . $db->AddSlashes($_REQUEST['usu_nome']) . "', usu_email = '" . $db->AddSlashes($_REQUEST['usu_email']) . "', usu_login = '******'usu_login']) . "', usu_cpf = '" . $db->AddSlashes($_REQUEST['usu_cpf']) . "', usu_local = '" . $db->AddSlashes($_REQUEST['usu_local']) . "', usu_fun = '" . $db->AddSlashes($_REQUEST['usu_fun']) . "', usu_reg = '" . $db->AddSlashes($_REQUEST['usu_reg']) . "', usu_mun = '" . $db->AddSlashes($_REQUEST['usu_mun']) . "', usu_fone = '" . $db->AddSlashes($_REQUEST['usu_fone']) . "' WHERE usu_id = '" . $db->AddSlashes($_REQUEST['usu_id']) . "'"); echo "<p>Usuário alterado!</p>"; } else { $novasenha = GeraSenha(); $db->Query("INSERT INTO tb_log (ev_id, usu_id, log_det) VALUES (6, {$_SESSION['user']['usu_id']}, '" . $db->AddSlashes("Usuário criado: " . $_REQUEST['usu_nome']) . "')"); $db->Query("INSERT INTO tb_usuario (usu_nome, usu_email, usu_login, usu_password, usu_cpf, usu_local, usu_fun, usu_reg, usu_mun, usu_fone, usu_nivel, usu_ativo) VALUES ('" . $db->AddSlashes($_REQUEST['usu_nome']) . "', '" . $db->AddSlashes($_REQUEST['usu_email']) . "', '" . $db->AddSlashes($_REQUEST['usu_login']) . "', MD5('{$novasenha}'), '" . $db->AddSlashes($_REQUEST['usu_cpf']) . "', '" . $db->AddSlashes($_REQUEST['usu_local']) . "', '" . $db->AddSlashes($_REQUEST['usu_fun']) . "', '" . $db->AddSlashes($_REQUEST['usu_reg']) . "', '" . 
$db->AddSlashes($_REQUEST['usu_mun']) . "', '" . $db->AddSlashes($_REQUEST['usu_fone']) . "', " . ($_SESSION['user']['usu_nivel'] + 1) . ", 1)"); EnviaEmail($_REQUEST['usu_email'], $_REQUEST['usu_login'], $novasenha); echo "<p>Usuário criado e senha enviada por email!</p>"; } } if (isset($_REQUEST['ativar'])) { $a = intval($_REQUEST['ativar']); if ($a) { $log = "Ativando usuário: " . $_REQUEST['usu_id']; } else {
$d2 = intval($_REQUEST['nd2'], 10); $m2 = intval($_REQUEST['nm2'], 10); $a2 = intval($_REQUEST['na2'], 10); if ($a2 < 100) { $a2 += 1900; } $dt2 = sprintf("%04d%02d%02d", $a2, $m2, $d2); $find .= (empty($find) ? '' : ' AND ') . "(`dt_nasc` >= '{$dt}' AND `dt_nasc` <= '{$dt2}') "; $log .= "Data de nascimento entre {$d}/{$m}/{$a} e {$d2}/{$m2}/{$a2}\n"; } else { $find .= (empty($find) ? '' : ' AND ') . "`dt_nasc` = '{$dt}'"; $log .= "Data de nascimento: {$d}/{$m}/{$a}\n"; } } } $db->Query("INSERT INTO tb_log (ev_id, usu_id, log_det) VALUES (3, {$_SESSION['user']['usu_id']}, '" . $db->AddSlashes($log) . "')"); $nt_n = ''; $nt_w = ''; $found = false; $qfind = $db->AddSlashes($find); $rs = $db->Query("SELECT * FROM tb_cache WHERE hash = MD5('{$qfind}')"); if ($rs->RowCount()) { $row = $rs->Row(); if ($row['filter'] == $find) { $nt_n = $row['nt_n']; $nt_w = $row['nt_w']; $found = true; } } if (!$found) { $rs = $db->Query("SELECT id FROM `tb_net` WHERE {$find} ORDER BY nm_pacient, nm_mae_pac");
// Login / logout handling that runs before any page output.
// Opens the database connection, starts the session, then processes the
// optional `logout` and `user` request parameters.
require_once 'includes/phpvortex/DB_MySQL.class.php';
require_once 'includes/conn.php';

$db = new DB_MySQL($db_conn);
$db->Connect();
$db->Query("SET NAMES 'utf8'");
$db->Query("SET CHARACTER SET utf8");

session_start();

// Logout: record event 2 in tb_log for the current user (if any), then empty
// $_SESSION['user']. Only that key is cleared here; the session itself and
// $_SESSION['ip'] are left in place.
if (isset($_REQUEST['logout'])) {
    if (!empty($_SESSION['user'])) {
        $db->Query("INSERT INTO tb_log (ev_id, usu_id) VALUES (2, {$_SESSION['user']['usu_id']})");
    }
    $_SESSION['user'] = array();
}

// Login: credentials are read from $_REQUEST, so they are accepted from the
// query string as well as from a POSTed form.
// NOTE(review): the credential part of the query below is masked with `******`
// in this copy of the file, so how the login and password values are escaped
// or hashed cannot be read from here; the statement is kept exactly as found.
if (isset($_REQUEST['user'])) {
    $rs = $db->Query("SELECT * FROM tb_usuario WHERE usu_login = '******'user']) . "' AND usu_password = '******'password']) . "' AND usu_ativo = 1");
    // Success requires exactly one matching row with usu_ativo = 1.
    if ($rs->RowCount() == 1) {
        // The whole tb_usuario row returned by SELECT * is stored in the session;
        // that includes the usu_password column named in the WHERE clause.
        // NOTE(review): no session_regenerate_id() call is made at this point, so
        // the session id issued before login stays valid after it.
        $_SESSION['user'] = $rs->Row();
        // Remember the client address that performed the login.
        $_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
        // Stamp the last-login time, then record event 1 in tb_log.
        $db->Query("UPDATE tb_usuario SET dt_ult_login = CURRENT_TIMESTAMP WHERE usu_id = {$_SESSION['user']['usu_id']}");
        $db->Query("INSERT INTO tb_log (ev_id, usu_id) VALUES (1, {$_SESSION['user']['usu_id']})");
        header("Location:consulta.php");
        exit;
    } else {
        // One message for both failure causes ("invalid user or password").
        // Failed attempts only set $erro; nothing is written to tb_log for them,
        // and no attempt limiting is visible in this block.
        $erro = "Usuário ou Senha Inválidos";
    }
}

// NOTE(review): in this copy the line below is a single `//` comment up to the
// closing tag, so the disabled remote include (`#require_once` of an http://
// URL) and the cabecalho.php require_once both sit inside it; they were
// presumably separate lines in the original file — confirm against the repo.
// government bar, full width (100%) #require_once ('http://www.saopaulo.sp.gov.br/barrasp/barrasp_full.htm'); require_once "includes/cabecalho.php"; ?>
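?>
<div class="container">
    <div class="content">
        <img src="img/logo_snaids.gif"/><br/><br/>
        <div id="admin">
            <p><a href="usuarios.php">Cadastro de usuários</a></p>
            <p><a href="logs.php">Relatórios</a></p>
            <p><a href="base.php">Atualização das bases de dados</a></p>
        </div>
        <br />
<?php
// Bulk deactivation of accounts whose last login is older than N days.
//
// The day count comes from the request, so it is validated as a positive
// decimal integer before it is used. Previously any non-empty value was sent
// to MySQL inside quotes; a non-numeric value is coerced to 0 there, which
// turned the condition into "last login more than 0 days ago" and deactivated
// almost every account.
//
// NOTE(review): this action is read from $_REQUEST, so a GET request also
// triggers it, and the form carries no anti-CSRF token. Whether an
// administrator check runs earlier in the file cannot be seen from this
// fragment, and the change is not written to tb_log here — confirm both.
$diasInformado = (isset($_REQUEST['desativar']) && is_string($_REQUEST['desativar']))
    ? trim($_REQUEST['desativar'])
    : '';
// At most five digits keeps the value well inside the integer range.
$diasValido = preg_match('/\A[0-9]{1,5}\z/', $diasInformado) === 1 && (int) $diasInformado > 0;

if ($diasValido) {
    $db = new DB_MySQL($db_conn);
    $db->Connect();
    // Only the validated integer reaches the SQL text; no request string does.
    $dias = (int) $diasInformado;
    $db->Query("UPDATE tb_usuario SET usu_ativo = 0 WHERE DATEDIFF(NOW(), dt_ult_login) > {$dias}");
?>
        <p>Usuários desativados</p>
<?php
} else {
    // A value was submitted but rejected: say so instead of silently ignoring it.
    if ($diasInformado !== '') {
?>
        <p>Informe um número inteiro de dias maior que zero.</p>
<?php
    }
?>
        <form action="admin.php" method="post">
            <label for="desativar">Desativar usuários que não acessam o sistema por mais de </label>
            <input type="text" id="desativar" name="desativar" value="365" size="3" /> dias
            <input type="submit" value="Desativar" />
        </form>
<?php
}
?>
    </div>
<?php
require 'includes/rodape.php';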
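<?php
// Detail page for a single notification record.
// Connects to the database, enforces the login/IP session check, loads the
// record named by the `n` parameter from the base selected by `b`, writes an
// audit entry, then emits the page header.
require_once 'includes/phpvortex/DB_MySQL.class.php';
require_once 'includes/conn.php';
require_once 'includes/helper.php';

$db = new DB_MySQL($db_conn);
$db->Connect();
$db->Query("SET NAMES 'utf8'");
$db->Query("SET CHARACTER SET utf8");

session_start();

// Access control: a logged-in session is required, and the request must come
// from the address stored in $_SESSION['ip']. Both values are strings, so the
// comparison is strict.
if (empty($_SESSION['user']) || empty($_SESSION['ip']) || $_SESSION['ip'] !== $_SERVER['REMOTE_ADDR']) {
    header("Location: index.php");
    exit;
}

// Request parameters may be absent or sent as arrays (`b[]=...`); treat both
// as an empty string so strtolower() and AddSlashes() only ever see strings.
$base = (isset($_REQUEST['b']) && is_string($_REQUEST['b'])) ? strtolower($_REQUEST['b']) : '';
$id = (isset($_REQUEST['n']) && is_string($_REQUEST['n'])) ? $_REQUEST['n'] : '';

// NOTE(review): AddSlashes() is defined in DB_MySQL (not shown); confirm it uses
// the driver's charset-aware escaping, since the connection charset is set
// above with SET NAMES rather than through the client API.
if ($base == 'n') {
    $rs = $db->Query("SELECT * FROM ((((tb_net LEFT JOIN tb_municnet USING (id_municip)) LEFT JOIN tb_regionet ON (tb_regionet.id_regiona = tb_net.id_regiona)) LEFT JOIN tb_unidade USING (id_unidade)) LEFT JOIN tb_ocupanet USING (id_ocupa_n)) WHERE id = '" . $db->AddSlashes($id) . "'");
    $log = "Base: SINAN NET\n";
} else {
    // Any value other than "n" (including a missing `b`) selects this base.
    $rs = $db->Query("SELECT * FROM (((tb_windows LEFT JOIN tb_municipi USING (id_municip)) LEFT JOIN tb_unidade USING (id_unidade)) LEFT JOIN tb_ocupacao USING (id_ocupaca)) WHERE id = '" . $db->AddSlashes($id) . "'");
    $log = "Base: SINAN Windows\n";
}

// NOTE(review): nothing checks that the query returned a row; what Row() yields
// for an empty result is defined in DB_MySQL (not shown) — confirm, and decide
// whether lookups of unknown ids should be logged as such.
$row = $rs->Row();

// Audit trail: event 4 records who viewed which record. The detail text holds
// the notification number and the patient name, so tb_log needs the same
// access protection as the clinical tables.
$log .= "Número da Notificação: {$row['nu_notific']}\nNome: {$row['nm_pacient']}\n";
$db->Query("INSERT INTO tb_log (ev_id, usu_id, log_det) VALUES (4, {$_SESSION['user']['usu_id']}, '" . $db->AddSlashes($log) . "')");

// Date format string (day/month/year).
$dataBr = "d/m/Y";

// government bar, full width (100%)
header('Content-type: text/html; charset=utf-8');
// Left disabled: requiring a remote URL would run whatever that host serves.
#require_once ('http://www.saopaulo.sp.gov.br/barrasp/barrasp_full.htm');
require_once "includes/cabecalho.php";
?>
<body>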