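/**
 * Remove an automatically provisioned account together with its access rights.
 *
 * The `source` column of the account is read first. Only when it is 'ext'
 * is the account deleted from the users table, followed by its rows in the
 * five join tables, and then the current session is closed. Accounts with any
 * other source (e.g. 'local') are kept, so classic login/password access
 * still works for them.
 *
 * @param string $login Login of the account to remove.
 *
 * @return void
 */
function delete_user($login)
{
    // The login is escaped once and reused. protect_data_sql() is the helper
    // the settings code in this project wraps around values embedded in SQL.
    $safeLogin = protect_data_sql($login);

    // Exact match instead of LIKE: with LIKE, a '%' or '_' inside the login
    // acts as a wildcard and the lookup could return another account's source.
    $res = grr_sql_query(
        "SELECT source FROM " . TABLE_PREFIX . "_utilisateurs WHERE login = '" . $safeLogin . "'"
    );
    $row = $res ? grr_sql_row($res, 0) : false;

    // Unknown login, failed query, or an account that was not created
    // automatically: nothing to delete.
    if (!$row || $row[0] != 'ext') {
        return;
    }

    // NOTE(review): in the listing the value compared with `login` in the
    // DELETE statements is masked ('******'). The escaped $login is used here
    // on the assumption that the function deletes the account it looked up;
    // confirm against the upstream file.
    // See admin_user.php l99 and l203.
    $where = " WHERE login='" . $safeLogin . "'";

    if (grr_sql_command("DELETE FROM " . TABLE_PREFIX . "_utilisateurs" . $where) < 0) {
        fatal_error(1, "<p>" . grr_sql_error());
    } else {
        // The account row is gone; drop every right that referenced it.
        $joinTables = array(
            "_j_mailuser_room",
            "_j_user_area",
            "_j_user_room",
            "_j_useradmin_area",
            "_j_useradmin_site",
        );
        foreach ($joinTables as $joinTable) {
            grr_sql_command("DELETE FROM " . TABLE_PREFIX . $joinTable . $where);
        }
    }

    // End of the session
    grr_closeSession($_GET['auto']);
}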
/**
 * Store one setting in the settings table and in the in-memory cache.
 *
 * A name already present in self::$grrSettings is updated, any other name is
 * inserted. Both name and value go through protect_data_sql() before they are
 * placed in the statement. The cache is only touched once the query succeeded.
 *
 * @param string $_name  Name of the setting.
 * @param string $_value Value to store.
 *
 * @return bool true when the row was written, false when the query failed.
 */
static function set($_name, $_value)
{
    $table = TABLE_PREFIX . "_setting";
    $nameSql = protect_data_sql($_name);
    $valueSql = protect_data_sql($_value);

    if (isset(self::$grrSettings[$_name])) {
        $statement = "UPDATE " . $table . " set VALUE = '" . $valueSql . "' where NAME = '" . $nameSql . "'";
    } else {
        $statement = "INSERT INTO " . $table . " set NAME = '" . $nameSql . "', VALUE = '" . $valueSql . "'";
    }

    if (!grr_sql_query($statement)) {
        return false;
    }

    self::$grrSettings[$_name] = $_value;
    return true;
}
} $grrSettings['ldap_champ_email'] = $_POST['ldap_champ_email'];
if (!Settings::set("se3_liste_groupes_autorises", $_POST['se3_liste_groupes_autorises'])) {
    echo "Erreur lors de l'enregistrement de se3_liste_groupes_autorises !<br />";
}
$grrSettings['se3_liste_groupes_autorises'] = $_POST['se3_liste_groupes_autorises'];
}
}
// Load the values from the settings table
if (!Settings::load()) {
    die("Erreur chargement settings");
}
// Administrator login check: one matching row with statut='administrateur'
// and etat != 'inactif' sets $valid to 'yes'.
// NOTE(review): the query is assembled by string concatenation from the
// submitted form. $_POST['password'] is placed inside md5('...') without any
// escaping, and the login value (partly masked in this listing) appears to be
// concatenated the same way. The settings code in this project escapes values
// with protect_data_sql(); the same, or bound parameters, is needed here.
// NOTE(review): the password comparison relies on an unsalted MD5 computed in
// SQL. Verifying against a password_hash() value in PHP would remove both the
// weak hash and the need to put the password in the statement.
if (isset($_POST['submit'])) { if (isset($_POST['login']) && isset($_POST['password'])) {
$sql = "select upper(login) login, password, prenom, nom, statut from " . TABLE_PREFIX . "_utilisateurs where login = '******'login'] . "' and password = md5('" . $_POST['password'] . "') and etat != 'inactif' and statut='administrateur' "; $res_user = grr_sql_query($sql); $num_row = grr_sql_count($res_user); if ($num_row == 1) { $valid = 'yes'; } else { $message = get_vocab("wrong_pwd"); } } } if (!grr_resumeSession() && $valid != 'yes') { ?> <!doctype html> <html> <head> <link rel="stylesheet" href="style.css" type="text/css"> <title> grr </title>
// Save the new first bookable date, then purge everything that ends before it.
// NOTE(review): both bounds are read from the query string and the form at the
// bottom of this excerpt submits with method='get', so this destructive action
// runs on a plain GET request; no anti-CSRF token check is visible here.
if (!saveSetting("begin_bookings", $_GET['begin_bookings'])) {
    echo "Erreur lors de l'enregistrement de begin_bookings !<br />";
} else {
    // NOTE(review): the stored setting is concatenated unquoted into each
    // DELETE. It originates from $_GET['begin_bookings'] and nothing visible
    // in this excerpt forces it to be numeric; an integer cast before use
    // would close that gap - TODO confirm whether it is validated upstream.
    $del = grr_sql_query("DELETE FROM ".TABLE_PREFIX."_entry WHERE (end_time < ".getSettingValue('begin_bookings').")");
    $del = grr_sql_query("DELETE FROM ".TABLE_PREFIX."_repeat WHERE end_date < ".getSettingValue("begin_bookings"));
    $del = grr_sql_query("DELETE FROM ".TABLE_PREFIX."_entry_moderate WHERE (end_time < ".getSettingValue('begin_bookings').")");
    $del = grr_sql_query("DELETE FROM ".TABLE_PREFIX."_calendar WHERE DAY < ".getSettingValue("begin_bookings"));
}
// Same for the last bookable date: purge everything that starts after it.
if (!saveSetting("end_bookings", $_GET['end_bookings'])) {
    echo "Erreur lors de l'enregistrement de end_bookings !<br />";
} else {
    // NOTE(review): same unquoted concatenation as above, fed by $_GET['end_bookings'].
    $del = grr_sql_query("DELETE FROM ".TABLE_PREFIX."_entry WHERE start_time > ".getSettingValue("end_bookings"));
    $del = grr_sql_query("DELETE FROM ".TABLE_PREFIX."_repeat WHERE start_time > ".getSettingValue("end_bookings"));
    $del = grr_sql_query("DELETE FROM ".TABLE_PREFIX."_entry_moderate WHERE (start_time > ".getSettingValue('end_bookings').")");
    $del = grr_sql_query("DELETE FROM ".TABLE_PREFIX."_calendar WHERE DAY > ".getSettingValue("end_bookings"));
}
// NOTE(review): there is no exit after header(), so the rest of the page is
// still executed and sent after the redirect header.
header("Location: ./admin_config.php");
} else if (isset($_GET['valid']) and ($_GET['valid'] == "no")) {
    header("Location: ./admin_config.php");
}
# print the page header
print_header("","","","",$type="with_session", $page="admin");
echo "<h2>".get_vocab('admin_confirm_change_date_bookings.php')."</h2>";
echo "<p>".get_vocab("msg_del_bookings")."</p>";
?> <form action="admin_confirm_change_date_bookings.php" method='get'> <div> <input type="submit" value="<?php echo get_vocab("save");?>" />
echo "<p>".get_vocab("maj_no_update_to_do")."</p>"; echo "<p style=\"text-align:center;\"><a href=\"./\">".get_vocab("welcome")."</a></p>"; } echo "<hr />"; if (isset($result) and ($result != '')) { echo "<div class=\"page_sans_col_gauche\">"; echo "<h2>".encode_message_utf8("Résultat de la mise à jour")."</h2>"; echo encode_message_utf8($result); echo $result_inter; echo "</div>"; } // Test de cohérence des types de réservation if ($version_grr > "1.9.1") { $res = grr_sql_query("select distinct type from ".TABLE_PREFIX."_entry order by type"); if ($res) { $liste = ""; for ($i = 0; ($row = grr_sql_row($res, $i)); $i++) { $test = grr_sql_query1("select type_letter from ".TABLE_PREFIX."_type_area where type_letter='".$row[0]."'"); if ($test == -1) $liste .= $row[0]." "; } if ($liste != "") { echo encode_message_utf8("<table border=\"1\" cellpadding=\"5\"><tr><td><p><span style=\"color:red;\"><b>ATTENTION : votre table des types de réservation n'est pas à jour :</b></span></p>"); echo encode_message_utf8("<p>Depuis la version 1.9.2, les types de réservation ne sont plus définis dans le fichier config.inc.php mais directement en ligne. Un ou plusieurs types sont actuellement utilisés dans les réservations mais ne figurent pas dans la tables des types. Cela risque d'engendrer des messages d'erreur. <b>Il s'agit du ou des types suivants : ".$liste."</b>"); echo encode_message_utf8("<br /><br />Vous devez donc définir dans <a href= './admin_type.php'>l'interface de gestion des types</a>, le ou les types manquants, en vous aidant éventuellement des informations figurant dans votre ancien fichier config.inc.php.</p></td></tr></table>"); } }
// Persist the SSO-related options posted by the configuration form.
// VerifyModeDemo() is called first, exactly as before.
VerifyModeDemo();

// A checkbox: present in the POST data means "y", absent means "n".
$cacher_lien_deconnecter = isset($_POST['cacher_lien_deconnecter']) ? "y" : "n";
if (!Settings::set("cacher_lien_deconnecter", $cacher_lien_deconnecter)) {
    echo "Erreur lors de l'enregistrement de cacher_lien_deconnecter !<br />";
}

// The portal URL is optional and only saved when it was submitted.
if (isset($_POST['Url_portail_sso']) && !Settings::set("Url_portail_sso", $_POST['Url_portail_sso'])) {
    echo "Erreur lors de l'enregistrement de Url_portail_sso ! <br />";
}

// "no_sso" removes the setting row altogether; any other value is stored.
if ($_POST['sso_statut'] != "no_sso") {
    if (!Settings::set("sso_statut", $_POST['sso_statut'])) {
        echo "Erreur lors de l'enregistrement de sso_statut !<br />";
    }
    $grrSettings['sso_statut'] = $_POST['sso_statut'];
} else {
    $req = grr_sql_query("delete from " . TABLE_PREFIX . "_setting where NAME = 'sso_statut'");
    $grrSettings['sso_statut'] = '';
}

// Status given to LCS teacher accounts.
$lcs_prof_ok = Settings::set("lcs_statut_prof", $_POST['lcs_statut_prof']);
if (!$lcs_prof_ok) {
    echo "Erreur lors de l'enregistrement de lcs_statut_prof !<br />";
}
$grrSettings['lcs_statut_prof'] = $_POST['lcs_statut_prof'];

// Status given to LCS pupil accounts.
$lcs_eleve_ok = Settings::set("lcs_statut_eleve", $_POST['lcs_statut_eleve']);
if (!$lcs_eleve_ok) {
    echo "Erreur lors de l'enregistrement de lcs_statut_eleve !<br />";
}
$grrSettings['lcs_statut_eleve'] = $_POST['lcs_statut_eleve'];
$reg_statut = isset($_POST["reg_statut"]) ? $_POST["reg_statut"] : NULL; $reg_type_auth = isset($_POST["reg_type_auth"]) ? $_POST["reg_type_auth"] : NULL; $nb_row++; for ($row = 1; $row < $nb_row; $row++) { if ($reg_type_auth[$row] != "ext") { $reg_mdp[$row] = md5(unslashes($reg_mdp[$row])); } // On nettoie les windozeries $reg_nom[$row] = protect_data_sql(corriger_caracteres($reg_nom[$row])); $reg_prenom[$row] = protect_data_sql(corriger_caracteres($reg_prenom[$row])); $reg_email[$row] = protect_data_sql(corriger_caracteres($reg_email[$row])); $test_login = grr_sql_count(grr_sql_query("SELECT login FROM " . TABLE_PREFIX . "_utilisateurs WHERE login='******'")); if ($test_login == 0) { $regdata = grr_sql_query("INSERT INTO " . TABLE_PREFIX . "_utilisateurs SET nom='" . $reg_nom[$row] . "',prenom='" . $reg_prenom[$row] . "',login='******',email='" . $reg_email[$row] . "',password='******',statut='" . $reg_type_user[$row] . "',etat='" . $reg_statut[$row] . "',source='" . $reg_type_auth[$row] . "'"); } else { $regdata = grr_sql_query("UPDATE " . TABLE_PREFIX . "_utilisateurs SET nom='" . $reg_nom[$row] . "',prenom='" . $reg_prenom[$row] . "',email='" . $reg_email[$row] . "',password='******',statut='" . $reg_type_user[$row] . "',etat='" . $reg_statut[$row] . "',source='" . $reg_type_auth[$row] . "' WHERE login='******'"); } if (!$regdata) { echo "<p><font color=\"red\">" . $reg_login[$row] . get_vocab("deux_points") . get_vocab("message_records_error") . "</font></p>"; } else { if ($reg_stat[$row] == "nouveau") { echo "<p>" . $reg_login[$row] . get_vocab("deux_points") . get_vocab("admin_import_users_csv12") . "</p>"; } else { echo "<p>" . $reg_login[$row] . get_vocab("deux_points") . get_vocab("message_records") . "</p>"; } } } } ?> </body> </html>
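// Page prologue for a single room: normalise the id, check access, load the
// room row and print the heading "room (area [- restricted access])".

// The room id is forced to an integer before it is used in SQL below.
if (isset($id_room)) {
    settype($id_room, "integer");
} else {
    $print = "all";
}

// Anonymous browsing is only possible when authentication is not mandatory.
if (Settings::get("authentification_obli") == 0 && getUserName() == '') {
    $type_session = "no_session";
} else {
    $type_session = "with_session";
}

// Denied when (authentication is mandatory and the user has no level) or when
// the user may not see this room. Parentheses make the precedence explicit.
if ((authGetUserLevel(getUserName(), -1) < 1 && Settings::get("authentification_obli") == 1)
    || !verif_acces_ressource(getUserName(), $id_room)
) {
    showAccessDenied('');
    exit;
}

echo begin_page(get_vocab("mrbs") . get_vocab("deux_points") . Settings::get("company"));

$res = grr_sql_query("SELECT * FROM " . TABLE_PREFIX . "_room WHERE id={$id_room}");
if (!$res) {
    fatal_error(0, get_vocab('error_room') . $id_room . get_vocab('not_found'));
}
$row = grr_sql_row_keyed($res, 0);
grr_sql_free($res);

echo "<h3 style=\"text-align:center;\">";
echo get_vocab("room") . get_vocab("deux_points") . " " . htmlspecialchars($row["room_name"]);

$id_area = mrbsGetRoomArea($id_room);
$area_name = grr_sql_query1("select area_name from " . TABLE_PREFIX . "_area where id='" . $id_area . "'");
$area_access = grr_sql_query1("select access from " . TABLE_PREFIX . "_area where id='" . $id_area . "'");

// The area name is administrator-entered text stored in the database; it is
// HTML-escaped on output, the same way the room name is two lines above.
echo "<br />(" . htmlspecialchars((string) $area_name);
if ($area_access == 'r') {
    echo " - " . get_vocab("access");
}
echo ")";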
/**
 * Return the database server version as a display string.
 *
 * Runs `select version()`, reads the first column of the first row, frees the
 * result and returns it prefixed with "MySQL ".
 *
 * @return string e.g. "MySQL " followed by whatever version() reported.
 */
function grr_sql_version()
{
    $result = grr_sql_query("select version()");
    $fields = grr_sql_row($result, 0);
    grr_sql_free($result);

    return "MySQL " . $fields[0];
}
fclose($file);
echo "</td></tr></table>";
}
// Confirmation step: "yes" links back to this page with the file name.
// NOTE(review): $file_name is interpolated into the href without URL- or
// HTML-encoding. Where it is set lies outside this excerpt; if it derives from
// the request or an upload it needs urlencode() plus htmlspecialchars() here.
// NOTE(review): the confirmation is a plain GET link, so the restore below is
// started by a GET request; no anti-CSRF token is visible in this excerpt.
echo "<h1>" . get_vocab("sure") . "</h1>";
echo "<h1><a href=\"admin_open_mysql.php?file_name={$file_name}\">" . get_vocab("YES") . "!</a> <a href=\"admin_config.php?page_config=4\">" . get_vocab("NO") . "!</a></h1>";
echo "</div>";
} else {
    // Restore: read the dump file and execute it statement by statement.
    // NOTE(review): every statement found in the file is handed to
    // grr_sql_query() unchanged, so the file content has the full authority of
    // the application's database account. $file_name is also passed to fopen()
    // and unlink(); confirm it is constrained to the expected upload location
    // and that this page is restricted to administrators.
    $file = fopen($file_name, "r") or exit("Erreur de lecture de fichier!");
    // $ok collects one character per executed statement: "1" success, "0" failure.
    $ok = "";
    $error = "";
    while (!feof($file)) {
        $line = fgets($file);
        // Keep appending lines until the group contains a ';', unless it
        // starts with '#', or the file ends.
        // NOTE(review): fgets() may return false or an empty string, in which
        // case $line[0] is not a valid offset.
        while ($line[0] != '#' && !stristr($line, ';') && !feof($file)) {
            $line .= fgets($file);
        }
        if (grr_sql_query($line)) {
            $ok .= "1";
        } else {
            $ok .= "0";
            // The failing statement is HTML-escaped before it is shown.
            $error .= "<hr />" . htmlspecialchars($line);
        }
    }
    fclose($file);
    unlink($file_name);
    echo "<h3>La restauration est terminée !</h3>";
    echo strlen($ok) . " requêtes ont été exécutées ";
    // NOTE(review): strrpos() returns 0 when the only "0" is at index 0, and 0
    // is falsy, so a run whose single failure is the first statement is
    // reported as error-free. strpos($ok, '0') !== false would be correct.
    if (strrpos($ok, '0')) {
        echo "avec " . substr_count($ok, '0') . " erreur(s) :";
        echo $error . "<hr />";
    } else {
        echo "sans erreurs.";
} } } // Si pas de problème, retour à la page d'accueil après enregistrement if (isset($_GET['change_done']) && !isset($ok)) { $_SESSION['displ_msg'] = 'yes'; Header("Location: " . "admin_type.php?msg=" . $msg); exit; } # print the page header print_header("", "", "", $type = "with_session"); include "admin_col_gauche.php"; echo "<div class=\"page_sans_col_gauche\">"; affiche_pop_up($msg, "admin"); if (isset($id_type) && $id_type > 0) { $res = grr_sql_query("SELECT * FROM " . TABLE_PREFIX . "_type_area WHERE id={$id_type}"); if (!$res) { fatal_error(0, get_vocab('message_records_error')); } $row = grr_sql_row_keyed($res, 0); grr_sql_free($res); $change_type = 'modif'; echo "<h2>" . get_vocab("admin_type_modify_modify.php") . "</h2>"; } else { $row["id"] = '0'; $row["type_name"] = ''; $row["type_letter"] = ''; $row["order_display"] = 0; $row["disponible"] = 2; $row["couleur"] = ''; echo "<h2>" . get_vocab('admin_type_modify_create.php') . "</h2>";
$html .= '<input type="checkbox" id="affichage" name="affichage" title="" value="n" />' . PHP_EOL; $html .= '</div>' . PHP_EOL . '</td>' . PHP_EOL; $html .= '<td>' . PHP_EOL . '<div> ' . PHP_EOL; $html .= '<input type="checkbox" id="overload_mail" name="overload_mail" title="" value="n" />' . PHP_EOL; $html .= '<input type="hidden" name="action" value="add" />' . PHP_EOL . '</div>' . PHP_EOL . '</td>' . PHP_EOL; $html .= '<td>' . PHP_EOL . '<div> ' . PHP_EOL; $html .= '<input type="checkbox" id="confidentiel" name="confidentiel" title="' . get_vocab("champ_confidentiel") . '" value="y" />' . PHP_EOL; $html .= '<input type="hidden" name="action" value="add" />' . PHP_EOL . '</div>' . PHP_EOL . '</td>' . PHP_EOL; $html .= '<td>' . PHP_EOL . '<div>' . PHP_EOL . '<input class="btn btn-primary" type="submit" name="submit" value="' . get_vocab('add') . '" /></div></td>' . PHP_EOL; $html .= '</tr>' . PHP_EOL . '</table>' . PHP_EOL . '</form>' . PHP_EOL; $breakkey = ""; $ouvre_table = false; $ferme_table = false; $ind_div = 0; foreach ($userdomain as $key => $value) { $res = grr_sql_query("SELECT id, fieldname, fieldtype, obligatoire, fieldlist, affichage, overload_mail, confidentiel FROM " . TABLE_PREFIX . "_overload WHERE id_area={$key} ORDER BY fieldname;"); if (!$res) { fatal_error(0, grr_sql_error()); } if ($key != $breakkey && grr_sql_count($res) != 0) { if (!$ouvre_table) { $html .= '<table class="table table-bordered">'; $ferme_table = true; $ouvre_table = true; } $html .= '<tr>' . PHP_EOL . '<td colspan="3">' . PHP_EOL . '<h4>Liste des champs additionnels</h4>' . PHP_EOL . '</td>' . PHP_EOL . '</tr>' . PHP_EOL; } $breakkey = $key; if (grr_sql_count($res) != 0) { for ($i = 0; $row = grr_sql_row($res, $i); $i++) { $html .= '<tr>' . PHP_EOL;
$tplArray['vocab']['signaler_reservation_en_cours'] = get_vocab('signaler_reservation_en_cours'); $tplArray['vocab']['explications_signaler_reservation_en_cours'] = get_vocab('explications_signaler_reservation_en_cours'); $tplArray['vocab']['signaler_reservation_en_cours_option_0'] = get_vocab('signaler_reservation_en_cours_option_0'); $tplArray['vocab']['signaler_reservation_en_cours_option_1'] = get_vocab('signaler_reservation_en_cours_option_1'); $tplArray['vocab']['signaler_reservation_en_cours_option_2'] = get_vocab('signaler_reservation_en_cours_option_2'); $tplArray['vocab']['necessite_fonction_mail_automatique'] = get_vocab('necessite fonction mail automatique'); $tplArray['vocab']['envoyer maintenant mail retard'] = get_vocab('envoyer maintenant mail retard'); $tplArray['vocab']['status_courrier'] = get_vocab('status_courrier'); $tplArray['vocab']['msg_courrier'] = get_vocab('msg_courrier'); $tplArray['vocab']['Generer_pdf'] = get_vocab('Generer_pdf'); $tplArray['vocab']['status_clef'] = get_vocab('status_clef'); $tplArray['vocab']['msg_clef'] = get_vocab('msg_clef'); /* Partie sur les périodicités*/ if ($repeat_id != 0) { $tplArray['repeatId'] = true; $res = grr_sql_query('SELECT rep_type, end_date, rep_opt, rep_num_weeks, start_time, end_time FROM ' . TABLE_PREFIX . "_repeat WHERE id={$repeat_id}"); if (!$res) { fatal_error(0, grr_sql_error()); } if (grr_sql_count($res) == 1) { $row6 = grr_sql_row($res, 0); $rep_type = $row6[0]; $rep_end_date = utf8_strftime($dformat, $row6[1]); $rep_opt = $row6[2]; $rep_num_weeks = $row6[3]; $start_time = $row6[4]; $end_time = $row6[5]; $duration = $row6[5] - $row6[4]; } grr_sql_free($res); if ($enable_periods == 'y') {
echo "</div>"; } } if ($type == "area") { // Seul l'admin peut supprimer un domaine if (authGetUserLevel(getUserName(), $id_area, 'area') < 5) { showAccessDenied($back); exit; } //We are only going to let them delete an area if there are //no rooms. its easier $n = grr_sql_query1("SELECT count(*) FROM " . TABLE_PREFIX . "_room WHERE area_id={$id_area}"); if ($n == 0) { // Suppression des champ additionnels $sqlstring = "SELECT id FROM " . TABLE_PREFIX . "_overload WHERE id_area='" . $id_area . "'"; $result = grr_sql_query($sqlstring); for ($i = 0; $field_row = grr_sql_row($result, $i); $i++) { $id_overload = $field_row[0]; // Suppression des données dans les réservations déjà effectuées grrDelOverloadFromEntries($id_overload); $sql = "DELETE FROM " . TABLE_PREFIX . "_overload WHERE id={$id_overload};"; grr_sql_command($sql); } //OK, nothing there, lets blast it away grr_sql_command("DELETE FROM " . TABLE_PREFIX . "_area WHERE id={$id_area}"); grr_sql_command("update " . TABLE_PREFIX . "_utilisateurs set default_area = '-1', default_room = '-1' WHERE default_area='" . $id_area . "'"); grr_sql_command("DELETE FROM " . TABLE_PREFIX . "_area_periodes WHERE id_area={$id_area}"); grr_sql_command("DELETE FROM " . TABLE_PREFIX . "_j_useradmin_area WHERE id_area={$id_area}"); grr_sql_command("DELETE FROM " . TABLE_PREFIX . "_j_type_area WHERE id_area={$id_area}"); grr_sql_command("DELETE FROM " . TABLE_PREFIX . "_j_user_area WHERE id_area={$id_area}"); grr_sql_command("DELETE FROM " . TABLE_PREFIX . "_j_site_area WHERE id_area={$id_area}");
/**
 * Save a name/value pair to the settings table.
 *
 * Meant for occasional use; code that has to save many settings at once is
 * better served by its own logic.
 *
 * A name already present in the global $grrSettings array is updated, any
 * other name is inserted. Name and value both pass through protect_data_sql()
 * before they are put in the statement, and the global array is refreshed only
 * after the query succeeded.
 *
 * @param string $_name  The name of the setting to save.
 * @param string $_value Its value.
 *
 * @return bool The result of the operation.
 */
function saveSetting($_name, $_value)
{
    global $grrSettings;

    $cle = protect_data_sql($_name);
    $valeur = protect_data_sql($_value);

    $requete = isset($grrSettings[$_name])
        ? "update ".TABLE_PREFIX."_setting set VALUE = '" . $valeur . "' where NAME = '" . $cle . "'"
        : "insert into ".TABLE_PREFIX."_setting set NAME = '" . $cle . "', VALUE = '" . $valeur . "'";

    if (!grr_sql_query($requete)) {
        return false;
    }

    $grrSettings[$_name] = $_value;
    return true;
}
} $nb_room = grr_sql_query1("SELECT count(r.room_name) FROM " . TABLE_PREFIX . "_room r\n\t\t\t\t\tleft join " . TABLE_PREFIX . "_area a on r.area_id=a.id\n\t\t\t\t\twhere a.id='" . $row_area[0] . "'"); $req_room = "SELECT r.room_name FROM " . TABLE_PREFIX . "_room r\n\t\t\t\tleft join " . TABLE_PREFIX . "_j_user_room j on r.id=j.id_room\n\t\t\t\tleft join " . TABLE_PREFIX . "_area a on r.area_id=a.id\n\t\t\t\twhere j.login = '******' and a.id='" . $row_area[0] . "'"; $res_room = grr_sql_query($req_room); $is_gestionnaire = ''; if ($res_room) { if (grr_sql_count($res_room) == $nb_room && $nb_room != 0) { $is_gestionnaire = $vocab["all_rooms"]; } else { for ($j = 0; $row_room = grr_sql_row($res_room, $j); $j++) { $is_gestionnaire .= $row_room[0] . "<br />"; } } } $req_mail = "SELECT r.room_name from " . TABLE_PREFIX . "_room r\n\t\t\t\tleft join " . TABLE_PREFIX . "_j_mailuser_room j on r.id=j.id_room\n\t\t\t\tleft join " . TABLE_PREFIX . "_area a on r.area_id=a.id\n\t\t\t\twhere j.login = '******' and a.id='" . $row_area[0] . "'"; $res_mail = grr_sql_query($req_mail); $is_mail = ''; if ($res_mail) { for ($j = 0; $row_mail = grr_sql_row($res_mail, $j); $j++) { $is_mail .= $row_mail[0] . "<br />"; } } if ($row_area[2] == 'r') { $test_restreint = grr_sql_query1("SELECT count(id_area) from " . TABLE_PREFIX . "_j_user_area j where j.login = '******' and j.id_area='" . $row_area[0] . "'"); if ($test_restreint >= 1) { $is_restreint = 'y'; } else { $is_restreint = 'n'; } } else { $is_restreint = 'n';
<?php use Grr\Event\EditEntryHandlerForCreate; $dispatcher->addListener('editentryhandler.beforedb', function (EditEntryHandlerForCreate $event) { /* config from config.yml */ global $configValuesHookCreateEntry; /* get the data from the event */ $data = $event->getData(); /* get the champs_libre field associated with the current user */ $champsLibre = mysqli_result(grr_sql_query('SELECT champs_libre FROM ' . TABLE_PREFIX . '_utilisateurs WHERE login="******"'), 0); $userInfo = explode('@', $champsLibre); /* first case is the domain associated with the user, I use it to override the fields for mrbsCreate* functions */ /*echo "<pre>BEFORE"; var_dump($data); echo "<hr>"; var_dump($userInfo); echo "</pre>";*/ if ($data['entry_moderate'] == 1) { /* the entry is moderate */ //echo "<br>MODERATE"; //echo $userInfo[0] ." -- ". $data['area']; if ($userInfo[0] == $data['area']) { /* this user is not moderate for this ressource */ $data['entry_moderate'] = 0; $data['send_mail_moderate'] = 0; //echo "<br>dans le if chuipascensé moderé<br>"; } } /* set back the event */ $event->setData($data); /*echo "<pre>AFTER";
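/**
 * Close a session.
 *
 * Records the closing time in the log table, empties $_SESSION, expires the
 * session cookie in the browser and destroys the session.
 *
 * @param int|string $_auto Session auto-close flag. Passed by reference and
 *                          converted to an integer in place.
 *
 * @return void
 */
function grr_closeSession(&$_auto)
{
    // Forced to an integer, so it is safe to place in the statement below.
    settype($_auto, "integer");
    session_name(SESSION_NAME);
    @session_start();

    // 'start' may be missing when the session was already closed from another
    // window; in that case there is nothing to record in the log table.
    if (isset($_SESSION['start'])) {
        // NOTE(review): session_id() and $_SESSION['start'] are concatenated
        // into the statement as they are. The session id is supplied by the
        // client's cookie; confirm it is validated before this point or escape
        // both values.
        $sql = "update " . TABLE_PREFIX . "_log set AUTOCLOSE = '" . $_auto . "', END = now() where SESSION_ID = '" . session_id() . "' and START = '" . $_SESSION['start'] . "'";
        grr_sql_query($sql);
    }

    // Drop every session variable
    $_SESSION = array();

    // Expire the cookie in the browser. A browser only replaces a cookie when
    // path and domain match the ones it was set with, so the expiry is sent
    // with the complete set of session cookie parameters rather than the path
    // alone; secure/httponly are carried over as well.
    $CookieInfo = session_get_cookie_params();
    @setcookie(
        session_name(),
        '',
        time() - 3600,
        $CookieInfo['path'],
        $CookieInfo['domain'],
        $CookieInfo['secure'],
        $CookieInfo['httponly']
    );

    // Destroy the session itself
    session_destroy();
}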
} else { if (isset($_GET["id_area"])) { $id_area = $_GET["id_area"]; settype($id_area,"integer"); } else die(); $sql = "SELECT id, room_name FROM ".TABLE_PREFIX."_room WHERE area_id='".$id_area."'"; // on ne cherche pas parmi les ressources invisibles pour l'utilisateur $tab_rooms_noaccess = verif_acces_ressource(getUserName(), 'all'); foreach($tab_rooms_noaccess as $key){ $sql .= " and id != $key "; } $sql .= " ORDER BY order_display,room_name"; $resultat = grr_sql_query($sql); $display_liste = ' <table border="0"><tr> <td>'.get_vocab('default_room').'</td> <td> <select name="id_room"> <option value="-1"'; if ($default_room == -1) $display_liste .= ' selected="selected" '; $display_liste .= ' >'.get_vocab('default_room_all').'</option>'."\n". '<option value="-2"'; if ($default_room == -2) $display_liste .= ' selected="selected" '; $display_liste .= ' >'.get_vocab('default_room_week_all').'</option>'."\n". '<option value="-3"'; if ($default_room == -3)
<div class="form-group"> <div class="input-group"> <div class="input-group-addon"><span class="glyphicon glyphicon-earphone"></span></div> <input class="form-control" type="text" size="8" maxlength="14" id="telephone" name="telephone" placeholder="Votre numéro de téléphone" /> </div> </div> </fieldset> <fieldset> <legend><b>Réservation</b></legend> <label for="subject">Sujet :</label> <textarea class="form-control" id="subject" name="sujet" cols="30" rows="4"></textarea><br/> <label>Domaines : </label> <select id="area" name="area" class="form-control"> <?php $sql_areaName = "SELECT id, area_name FROM " . TABLE_PREFIX . "_area ORDER BY area_name"; $res_areaName = grr_sql_query($sql_areaName); for ($i = 0; $row_areaName = grr_sql_row($res_areaName, $i); $i++) { if (authUserAccesArea(getUserName(), $row_areaName[0]) == 1) { $id = $row_areaName[0]; $area_name = $row_areaName[1]; echo '<option onclick="" value="' . $id . '"> ' . $area_name . '</option>' . PHP_EOL; } } ?> </select> <script> $(document).ready(function() { var $domaine = $('#area'); var $salle = $('#room'); $domaine.on('change', function()
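require_once($racine."include/session.inc.php"); // Resume session if (!grr_resumeSession()) { header("Location: {$racine}logout.php?auto=1&url=$url"); die(); }; // Paramètres langage $use_admin = 'y'; include $racine."include/language.inc.php"; */
// NOTE(review): the session check just above is commented out in this listing.
// As shown, nothing in this excerpt restricts who may request this export of
// names and stay dates; confirm access is enforced elsewhere.

// Build an XML export of every booking that has not ended yet.
// $temp is an integer from time(), so it is safe inside the statement.
$temp = time();

// One joined query instead of a user lookup per booking. The original placed
// the booking's stored `beneficiaire` value (partly masked in this listing)
// into a second statement by concatenation; the join keeps stored data out of
// SQL text altogether. LEFT JOIN keeps bookings whose user no longer exists.
$result = grr_sql_query(
    "SELECT e.beneficiaire, e.start_time, e.end_time, u.nom, u.prenom"
    . " FROM " . TABLE_PREFIX . "_entry e"
    . " LEFT JOIN " . TABLE_PREFIX . "_utilisateurs u ON u.login = e.beneficiaire"
    . " WHERE e.end_time > '{$temp}';"
);

$export = "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n";
// Appended: the original used "=" here, which threw the XML declaration away.
$export .= "<RESERVATIONS>";

// Text nodes must not contain raw '<', '&' etc., otherwise a name or login
// containing markup breaks (or alters) the document.
$xmlFlags = ENT_QUOTES | ENT_XML1 | ENT_SUBSTITUTE;

// A failed query yields no rows instead of a fetch on a non-result.
while ($result && ($row = mysqli_fetch_array($result))) {
    $groupe = htmlspecialchars((string) $row['beneficiaire'], $xmlFlags, 'UTF-8');
    $nom = htmlspecialchars((string) $row['nom'], $xmlFlags, 'UTF-8');
    $prenom = htmlspecialchars((string) $row['prenom'], $xmlFlags, 'UTF-8');
    $arrive = date('d/m/Y', $row['start_time']) . ' ' . date('H:i', $row['start_time']);
    $depart = date('d/m/Y', $row['end_time']) . ' ' . date('H:i', $row['end_time']);

    $export .= "<RESERVATION>";
    $export .= "<GROUPE>{$groupe}</GROUPE>";
    $export .= "<NOM>{$nom}</NOM>";
    $export .= "<PRENOM>{$prenom}</PRENOM>";
    $export .= "<ARRIVEE>{$arrive}</ARRIVEE>";
    $export .= "<DEPART>{$depart}</DEPART>";
    $export .= "</RESERVATION>";
}
$export .= "</RESERVATIONS>";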
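<?php
include "include/connect.inc.php";
include "include/mysql.inc.php";
include "include/misc.inc.php";

// Returns the <option> list of the rooms of one area.
// NOTE(review): no session or access check is visible in this script; confirm
// whether room names may be listed without authentication.

// The area id comes straight from the query string. Area ids are handled as
// integers elsewhere in this listing, so the value is cast before it reaches
// the statement; a missing parameter becomes 0 and matches no area.
$id = isset($_GET['id']) ? (int) $_GET['id'] : 0;

echo "<optgroup label=\"Salles\">";
$res = grr_sql_query("SELECT room_name FROM " . TABLE_PREFIX . "_room WHERE area_id = '" . $id . "' ORDER BY room_name");

// A failed query is treated like an empty result.
$nbresult = $res ? mysqli_num_rows($res) : 0;
if ($nbresult != 0) {
    for ($t = 0; $row_roomName = grr_sql_row($res, $t); $t++) {
        // Room names are stored text; escape them for the HTML context.
        $room_name = htmlspecialchars($row_roomName[0]);
        echo " <option value =\"{$t}\">{$room_name}</option>";
    }
} else {
    echo " <option value =\"1\">Aucune ressource liée à ce domaine</option>";
}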
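/**
 * NettoyerTablesJointure()
 *
 * Removes orphaned rows from the join tables: for each of the five tables
 * that link a login to a room, area or site, every row whose login no longer
 * exists in the users table is deleted. The number of orphaned rows found is
 * printed at the end.
 *
 * @return void
 */
function NettoyerTablesJointure()
{
    $nb = 0;

    // The same clean-up is applied to every join table keyed by login.
    $tables_liaison = array(
        "_j_mailuser_room",
        "_j_user_area",
        "_j_user_room",
        "_j_useradmin_area",
        "_j_useradmin_site",
    );

    foreach ($tables_liaison as $suffixe) {
        $table = TABLE_PREFIX . $suffixe;

        // Logins present in the join table but absent from the users table.
        $req = "SELECT j.login FROM " . $table . " j"
            . " LEFT JOIN " . TABLE_PREFIX . "_utilisateurs u on u.login=j.login"
            . " WHERE (u.login IS NULL)";
        $res = grr_sql_query($req);
        if (!$res) {
            continue;
        }

        for ($i = 0; $row = grr_sql_row($res, $i); $i++) {
            $nb++;
            // NOTE(review): the login in the DELETE statements is masked
            // ('******') in the listing. The login of the row being processed
            // is used here, which is what the SELECT above suggests; confirm
            // against the upstream file. It is stored data, so it is escaped
            // with the project's protect_data_sql() before reuse in SQL.
            grr_sql_command("DELETE FROM " . $table . " WHERE login='" . protect_data_sql($row[0]) . "'");
        }
    }

    // Report how many entries were removed
    echo "<hr />\n";
    echo "<p class='avertissement'>" . get_vocab("tables_liaison") . get_vocab("deux_points") . $nb . get_vocab("entres_supprimees") . "</p>\n";
}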
} else { if (isset($_GET['id'])) { $id = $_GET['id']; } else { header('Location: ' . Settings::get("grr_url")); } $sql = "SELECT * FROM " . TABLE_PREFIX . "_entry WHERE id='" . $id . "'"; $res = grr_sql_query($sql); if (!$res) { fatal_error(0, grr_sql_error()); } $row = grr_sql_row($res, 0); $sql = "SELECT room_name FROM " . TABLE_PREFIX . "_room WHERE id='" . $row[5] . "'"; $res = grr_sql_query($sql); $row2 = grr_sql_row($res, 0); $res2 = grr_sql_query("SELECT rep_type, end_date, rep_opt, rep_num_weeks, start_time, end_time FROM " . TABLE_PREFIX . "_repeat WHERE id={$row['4']}"); if (!$res2) { fatal_error(0, grr_sql_error()); } if (grr_sql_count($res2) == 1) { $row6 = grr_sql_row($res2, 0); $rep_type = $row6[0]; $rep_end_date = utf8_strftime($dformat, $row6[1]); $rep_opt = $row6[2]; $rep_num_weeks = $row6[3]; $start_time = $row6[4]; $end_time = $row6[5]; $duration = $row6[5] - $row6[4]; } if ($row[4] != 0) { $period = 1;
// Form section: choice between time-based slots and predefined slots, plus the
// number-of-slots input that is only visible for predefined slots.
echo "</tr></table>";
echo "<h3>" . get_vocab("type_de_creneaux") . "</h3>";
echo "<table>";
// A disabled message used to warn here that the two slot configurations are
// incompatible and that switching type erases the reservations of this area.

$periodes_actives = $row["enable_periods"];

// Radio button: slots based on time.
$attr_temps = ($periodes_actives == 'n') ? "checked=\"checked\"" : "";
echo "<tr><td colspan=\"2\"><label><input type=\"radio\" name=\"enable_periods\" value=\"n\" onclick=\"bascule()\" "
    . $attr_temps
    . " />" . get_vocab("creneaux_de_reservation_temps") . "</label><br />";

// Radio button: slots based on predefined labels.
$attr_predefinis = ($periodes_actives == 'y') ? "checked=\"checked\"" : "";
echo "<label><input type=\"radio\" name=\"enable_periods\" value=\"y\" onclick=\"bascule()\" "
    . $attr_predefinis
    . " />" . get_vocab("creneaux_de_reservation_pre_definis") . "</label></td></tr></table>";

// Existing predefined slots of this area.
$sql_periode = grr_sql_query("SELECT num_periode, nom_periode FROM " . TABLE_PREFIX . "_area_periodes where id_area='" . $id_area . "' order by num_periode");
$num_periodes = grr_sql_count($sql_periode);

// Default number of slots: what is stored, or 10 when nothing is stored yet.
if (!isset($number_periodes)) {
    $number_periodes = ($num_periodes == 0) ? 10 : $num_periodes;
}

// The slot table is hidden unless predefined slots are enabled.
$style_menu2 = ($periodes_actives == 'y') ? "" : "style=\"display:none\" ";
echo "<table " . $style_menu2 . "id=\"menu2\" border=\"1\" cellspacing=\"1\" cellpadding=\"6\">";

echo "<tr><td>" . get_vocab("nombre_de_creneaux") . get_vocab("deux_points") . "</td>";
// NOTE(review): $number_periodes is written into the value attribute as is.
// When it was already set before this point its origin is not visible here;
// if it can come from the request, cast it to int or escape it first.
echo "<td style=\"width:30%;\"><input type=\"text\" id=\"nb_per\" name=\"number_periodes\" size=\"1\" onkeypress=\"if (event.keyCode==13) return aff_creneaux()\" value=\"{$number_periodes}\" />\n\t\t\t<a href=\"#Per\" onclick=\"javascript:return(aff_creneaux())\">" . get_vocab("goto") . "</a>\n";
$is_admin .= $row_admin[1] . " " . $row_admin[2] . " (" . $row_admin[0] . ")"; if ($row_admin[3] == 'inactif') { $is_admin .= "<b> -> " . get_vocab("no_activ_user") . "</b>"; } $is_admin .= "<br />"; } } if ($is_admin != '') { $a_privileges = 'y'; echo "\n<h3><b>" . get_vocab("utilisateurs administrateurs domaine") . "</b></h3>"; echo $is_admin; } // Si le domaine est restreint, on teste si des utilateurs y ont accès if ($area_access == 'r') { $req_restreint = "SELECT u.login, u.nom, u.prenom, u.etat FROM " . TABLE_PREFIX . "_utilisateurs u left join " . TABLE_PREFIX . "_j_user_area j on u.login=j.login WHERE j.id_area = '" . $area_id . "' ORDER BY u.nom, u.prenom"; $res_restreint = grr_sql_query($req_restreint); $is_restreint = ''; if ($res_restreint) { for ($j = 0; $row_restreint = grr_sql_row($res_restreint, $j); $j++) { $is_restreint .= $row_restreint[1] . " " . $row_restreint[2] . " (" . $row_restreint[0] . ")"; if ($row_restreint[3] == 'inactif') { $is_restreint .= "<b> -> " . get_vocab("no_activ_user") . "</b>"; } $is_restreint .= "<br />"; } } if ($is_restreint != '') { $a_privileges = 'y'; echo "\n<h3>" . get_vocab("utilisateurs acces restreint domaine") . "</h3>\n"; echo "<p>" . $is_restreint . "</p>"; }
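/**
 * Prints one HTML table row (<tr>) describing a reservation.
 *
 * Columns of $row read here: 0 = entry id (used in the view_entry.php link),
 * 1 and 2 = start and end values passed to date(), 3 = short description,
 * 4 = description, 5 = type letter, 7 = value passed to date_time_string(),
 * 8 = area name, 9 = room name, 10 = area description.
 *
 * @param array  $row     Reservation row, indexed as listed above.
 * @param string $dformat Date format forwarded to describe_span() and
 *                        date_time_string().
 */
function reporton(&$row, $dformat)
{
    global $vocab, $enable_periods;

    echo "<tr>";

    // Area name, with the area description as a tooltip when there is one.
    $area_nom = htmlspecialchars($row[8]);
    $areadescrip = htmlspecialchars($row[10]);
    if ($areadescrip != "") {
        $titre_area_descript = "title=\"" . $areadescrip . "\"";
    } else {
        $titre_area_descript = "";
    }
    echo "<td " . $titre_area_descript . " >" . $area_nom . "</td>";

    // Room name.
    $room = htmlspecialchars($row[9]);
    echo "<td>" . $room . "</td>";

    // Short description, wrapped in a link to the entry.
    // NOTE(review): the helper's return value is inserted as-is; confirm that
    // affichage_lien_resa_planning() returns HTML-safe text.
    $breve_description = affichage_lien_resa_planning($row[3], $row[0]);
    $breve_description = "<a href=\"view_entry.php?id={$row['0']}\">" . $breve_description . "</a>";
    echo "<td>" . $breve_description . "</td>\n";

    // Start/end: period labels, or a span plus explicit times.
    echo "<td>";
    if ($enable_periods == 'y') {
        echo describe_period_span($row[1], $row[2]);
        echo "</td>\n";
    } else {
        echo describe_span($row[1], $row[2], $dformat);
        if (date("d\\/m\\/Y", $row[1]) == date("d\\/m\\/Y", $row[2])) {
            // Same calendar day: hours only.
            echo "<br />" . date("H\\:i", $row[1]) . " ==> " . date("H\\:i", $row[2]) . "</td>\n";
        } else {
            echo "<br />" . date("d\\/m\\/Y\\ \\-\\ H\\:i", $row[1]) . " ==> " . date("d\\/m\\/Y\\ \\-\\ H\\:i", $row[2]) . "</td>\n";
        }
    }

    // Description.
    if ($row[4] != "") {
        $description = nl2br(htmlspecialchars($row[4]));
    } else {
        $description = " ";
    }
    echo "<td>" . $description . "</td>\n";

    // Reservation type. The type letter was read back from stored data and is
    // placed inside a quoted SQL literal, so it goes through
    // protect_data_sql(), the escaping helper this codebase already uses for
    // string-built queries.
    $et = grr_sql_query1("SELECT type_name FROM " . TABLE_PREFIX . "_type_area WHERE type_letter='" . protect_data_sql($row[5]) . "'");
    if ($et == -1) {
        $et = "?" . $row[5] . "?";
    }
    // The type label is stored text like the other columns of this row, so it
    // is HTML-encoded on output as they are.
    echo "<td>" . htmlspecialchars((string) $et) . "</td>\n";

    // "Created by" column.
    // NOTE(review): the login literal in this query is shown masked
    // ('******') in this listing. If the original interpolates a login value
    // here, it needs the same escaping as the type letter above; confirm
    // against the real file.
    $sql_beneficiaire = "SELECT prenom, nom FROM " . TABLE_PREFIX . "_utilisateurs WHERE login = '******'";
    $res_beneficiaire = grr_sql_query($sql_beneficiaire);
    // Default to empty names so a failed query or a missing user prints an
    // empty cell instead of reading an undefined variable.
    $row_user = array('', '');
    if ($res_beneficiaire) {
        $ligne_user = grr_sql_row($res_beneficiaire, 0);
        if ($ligne_user) {
            $row_user = $ligne_user;
        }
    }
    echo "<td>" . htmlspecialchars((string) $row_user[0]) . " " . htmlspecialchars((string) $row_user[1]) . "</td>";

    // Date of the last update.
    echo "<td>" . date_time_string($row[7], $dformat) . "</td>\n";
    echo "</tr>\n";
}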
/**
 * NettoyerTablesJointure()
 *
 * Removes stale rows from the user join tables. For each join table it
 * selects the rows whose login has no match in the users table, issues one
 * DELETE per row found, and finally prints the number of rows found.
 *
 * NOTE(review): the login literal in every DELETE is shown masked ('******')
 * in this listing. Presumably the login selected just before is interpolated
 * there; confirm against the real file. That value is read back from the
 * database, and it still has to be escaped or bound before it is placed in
 * the DELETE text.
 */
function NettoyerTablesJointure()
{
    // One entry per join table: suffix, then the DELETE keywords with the
    // letter case each statement uses.
    $tables = array(
        array('_j_mailuser_room', 'delete from ', ' where '),
        array('_j_user_area', 'delete from ', ' where '),
        array('_j_user_room', 'DELETE FROM ', ' WHERE '),
        array('_j_useradmin_area', 'DELETE FROM ', ' WHERE '),
        array('_j_useradmin_site', 'DELETE FROM ', ' WHERE '),
    );

    $nb = 0;
    foreach ($tables as $table) {
        list($suffixe, $verbe, $clause) = $table;

        // Join rows whose login no longer exists in the users table.
        $orphelins = grr_sql_query('SELECT j.login FROM ' . TABLE_PREFIX . $suffixe . ' j LEFT JOIN ' . TABLE_PREFIX . '_utilisateurs u on u.login=j.login WHERE (u.login IS NULL)');
        if (!$orphelins) {
            continue;
        }

        // One DELETE per row returned; $nb counts those rows.
        $indice = 0;
        while ($ligne = grr_sql_row($orphelins, $indice)) {
            ++$nb;
            grr_sql_command($verbe . TABLE_PREFIX . $suffixe . $clause . "login='******'");
            ++$indice;
        }
    }

    // Report the total.
    echo "<hr />\n";
    echo "<p class='avertissement'>" . get_vocab('tables_liaison') . get_vocab('deux_points') . $nb . get_vocab('entres_supprimees') . "</p>\n";
}
<input class="btn btn-primary" type="submit" value="<?php echo get_vocab("OK"); ?> " style="font-variant: small-caps;"/> </fieldset> </form> </div> <hr style="margin-top: 32px; margin-bottom: 24px;"/> <h3> <?php echo get_vocab("cleaning_log"); ?> </h3> <?php $sql = "select START from " . TABLE_PREFIX . "_log order by END"; $res = grr_sql_query($sql); $logs_number = grr_sql_count($res); $row = grr_sql_row($res, 0); $annee = substr($row[0], 0, 4); $mois = substr($row[0], 5, 2); $jour = substr($row[0], 8, 2); echo "<p>" . get_vocab("logs_number") . "<b>" . $logs_number . "</b><br />"; echo get_vocab("older_date_log") . "<b>" . $jour . "/" . $mois . "/" . $annee . "</b></p>"; if (!isset($_POST['cleanYear'])) { $_POST['cleanYear'] = strftime("%Y"); } if (!isset($_POST['cleanMonth'])) { $_POST['cleanMonth'] = strftime("%m"); } if (!isset($_POST['cleanDay'])) { $_POST['cleanDay'] = strftime("%d");
$html .= "<input type=\"checkbox\" id=\"overload_mail\" name=\"overload_mail\" title=\"\" value=\"n\" />\n"; $html .= "<input type=\"hidden\" name=\"action\" value=\"add\" /></div></td>\n"; $html .= "<td><div> "; $html .= "<input type=\"checkbox\" id=\"confidentiel\" name=\"confidentiel\" title=\"".get_vocab("champ_confidentiel")."\" value=\"y\" />\n"; $html .= "<input type=\"hidden\" name=\"action\" value=\"add\" /></div></td>\n"; $html .= "<td><div><input type=\"submit\" name=\"submit\" value=\"".get_vocab('add')."\" /></div></td>\n"; $html .= "</tr></table></form>\n"; // X+2- On affiche les données du tableau $breakkey = ""; $ouvre_table=false; $ferme_table=false; $ind_div = 0; foreach( $userdomain as $key=>$value ) { $res = grr_sql_query("select id, fieldname, fieldtype, obligatoire, fieldlist, affichage, overload_mail, confidentiel from ".TABLE_PREFIX."_overload where id_area=$key order by fieldname;"); if (! $res) fatal_error(0, grr_sql_error()); if (($key != $breakkey ) and (grr_sql_count($res) != 0)) { if (!$ouvre_table) { $html .= "<table border=\"0\" cellpadding=\"3\">"; $ferme_table=true; $ouvre_table=true; } $html .= "<tr><td colspan=\"5\"><hr /></td></tr>"; } $breakkey = $key; if (grr_sql_count($res) != 0) for ($i = 0; ($row = grr_sql_row($res, $i)); $i++) {