/**
 * Admin index controller.
 *
 * Renders the access-rights administration page: the rows of the `acces`
 * table grouped by action, the list of sections, and the access_groups
 * links grouped by access entry.
 */
function admin_index()
{
    global $pdo, $tpl;

    // Every ACL row except those of the "index" and "admin" actions,
    // bucketed by action name.
    $query = $pdo->prepare('SELECT * FROM acces WHERE acl_action != "index" AND acl_action != "admin" ORDER BY acl_action ASC, acl_page ASC');
    $query->execute();
    $aclsByAction = array();
    while ($row = $query->fetch()) {
        // PHP creates the per-action bucket on the first append.
        $aclsByAction[$row['acl_action']][] = $row;
    }

    // All sections, exposed to the template as "grps".
    $sections = new Modele('sections');
    $sections->find();
    while ($sections->next()) {
        $tpl->append('grps', $sections->toArray());
    }

    // raw_ag_access value => list of raw_ag_group values.
    $links = new Modele('access_groups');
    $links->find();
    $groupsByAccess = array();
    while ($links->next()) {
        $groupsByAccess[$links->raw_ag_access][] = $links->raw_ag_group;
    }

    $tpl->assign('aclGrps', $groupsByAccess);
    $tpl->assign('acls', $aclsByAction);
    $tpl->display('admin_index.tpl');
    quit();
}
/**
 * Accounting index page.
 *
 * Lists the user_accounts rows of the logged-in user (taken from the
 * session), preceded by a built-in "Chèque" entry with id 0.
 */
function compta_index()
{
    global $tpl;

    // The built-in cheque pseudo-account always comes first.
    $accounts = array(
        array('ua_id' => 0, 'ua_identifier' => 'Chèque', 'ua_type' => 'cheq', 'ua_number' => ''),
    );

    // Only the accounts owned by the session user are loaded.
    $owned = new Modele('user_accounts');
    $owned->find(array('ua_user' => $_SESSION['user']['user_id']));
    while ($owned->next()) {
        array_push($accounts, $owned->toArray());
    }

    $tpl->assign('accounts', $accounts);
    display();
}
/**
 * Wifi administration file.
 */

/**
 * Lists the wifi token groups with, for each group, the total number of
 * tokens ("sum") and the number of tokens already assigned ("used").
 */
function wifi_tokens()
{
    global $pdo, $tpl;

    // Template field => counting query. Both take the group id as their
    // single bound parameter.
    $counters = array(
        'sum' => 'SELECT COUNT(*) FROM wifi_tokens WHERE wt_group = ?',
        'used' => 'SELECT COUNT(*) FROM wifi_tokens WHERE wt_group = ? AND wt_assign IS NOT NULL',
    );

    $groups = new Modele('wifi_tokenGroup');
    $groups->find();
    while ($groups->next()) {
        $line = $groups->toArray();
        foreach ($counters as $field => $query) {
            $stmt = $pdo->prepare($query);
            $stmt->bindValue(1, $groups->wtg_id);
            $stmt->execute();
            $row = $stmt->fetch();
            $line[$field] = $row[0];
        }
        $tpl->append("lines", $line);
    }

    display();
}
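/**
 * Final step of the password reset flow.
 *
 * The request must carry, in the "valid" query parameter, the reset code
 * stored in $_SESSION['index_password_code']; the account is looked up by
 * $_SESSION['index_password_email']. When a new password is posted as "pwd1"
 * and saved, the reset code is discarded and the user is logged in.
 *
 * Any request without a matching, non-empty code, or whose session e-mail
 * matches no user, is sent back to the index module with hsuccess = false.
 */
function index_password_change()
{
    global $tpl;

    $given = isset($_GET['valid']) ? $_GET['valid'] : null;
    $expected = isset($_SESSION['index_password_code']) ? $_SESSION['index_password_code'] : null;
    $email = isset($_SESSION['index_password_email']) ? $_SESSION['index_password_email'] : null;

    // Both sides must exist and be non-empty. With the previous loose "!="
    // an empty ?valid= compared equal to a code that was never set (or had
    // already been consumed), which let the check pass without any code.
    $authorized = is_string($given) && $given !== ''
        && (is_string($expected) || is_int($expected)) && (string) $expected !== ''
        && is_string($email) && $email !== '';

    if ($authorized) {
        // Exact string comparison, constant-time where the runtime offers it.
        $authorized = function_exists('hash_equals')
            ? hash_equals((string) $expected, $given)
            : ((string) $expected === $given);
    }

    $mdl = null;
    if ($authorized) {
        $mdl = new Modele('users');
        $mdl->find(array('user_email' => $email));
        // Never modify a model that is not positioned on a real user row.
        if (!$mdl->next()) {
            $authorized = false;
        }
    }

    if (!$authorized) {
        $tpl->assign('hsuccess', false);
        modexec('index');
        // Other controllers in this file rely on modexec() ending the
        // request; return explicitly so the reset can never continue if it
        // does not.
        return;
    }

    // An array-valued or empty pwd1 is ignored and the form is shown again.
    if (isset($_POST['pwd1']) && is_string($_POST['pwd1']) && $_POST['pwd1'] !== '') {
        // NOTE(review): the raw password is handed to the model as-is;
        // confirm that Modele hashes user_pass before storing it. No length
        // policy is applied here either.
        $success = $mdl->modFrom(array('user_pass' => $_POST['pwd1']), false);
        $tpl->assign('hsuccess', $success);
        if ($success) {
            // The code is single-use.
            unset($_SESSION['index_password_code']);
            // NOTE(review): the session becomes authenticated here; consider
            // regenerating the session id at this point.
            $_SESSION['user'] = $mdl->toArray();
            $_SESSION['user']['role'] = aclFromText($mdl->raw_user_role);
            $tpl->assign('_user', $_SESSION['user']);
            modexec('index');
        }
    }

    $tpl->assign('user', $mdl);
    display();
}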
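/**
 * User details page, optionally with the user's history.
 *
 * Loads the user named by the "user" request parameter together with their
 * sections, staffed events, mandates, cards, Google groups, Bocal / intranet
 * data, activities and payment accounts, then renders user_details.tpl.
 * An unknown or malformed user id is answered with the "notfound" page, as
 * event_view() does for events.
 *
 * NOTE(review): no permission check is visible in this function although it
 * exposes another user's personal and accounting data; presumably the
 * dispatcher enforces the ACL before calling it. Confirm.
 */
function user_view()
{
    global $pdo, $tpl, $srcdir;

    $utime = microtime(true);

    // Only a scalar id is accepted; an array-valued parameter is treated as
    // "no such user" instead of being bound to the statement.
    $requested = (isset($_REQUEST['user']) && is_scalar($_REQUEST['user'])) ? $_REQUEST['user'] : null;

    $sql = $pdo->prepare('SELECT * FROM users LEFT JOIN user_types ON ut_id = user_type WHERE user_id = ?');
    $sql->bindValue(1, $requested);
    $sql->execute();
    $user = $sql->fetch();
    if (!$user) {
        // Without this guard every lookup below ran with an empty id and
        // the external APIs were queried with an empty e-mail address.
        modexec('syscore', 'notfound');
        return;
    }
    $tpl->assign('user', $user);

    // All later lookups use the id read back from the database rather than
    // the raw request value.
    $userId = $user['user_id'];

    $sql = $pdo->prepare('SELECT * FROM user_sections LEFT JOIN sections ON section_id = us_section WHERE us_user = ?');
    $sql->bindValue(1, $userId);
    $sql->execute();
    $sections = array();
    while ($line = $sql->fetch()) {
        $sections[] = $line['section_id'];
        $tpl->append('sections', $line);
    }

    // List events
    $sql = $pdo->prepare('SELECT * FROM event_staff'
        . ' LEFT JOIN events ON event_id = est_event'
        . ' LEFT JOIN sections ON section_id = est_section'
        . ' WHERE est_user = ?'
        . ' ORDER BY event_start DESC');
    $sql->bindValue(1, $userId);
    $sql->execute();
    while ($event = $sql->fetch(PDO::FETCH_ASSOC)) {
        $tpl->append('events', $event);
    }

    // Primary sections the user does not belong to yet.
    $sql = $pdo->prepare('SELECT * FROM sections WHERE section_type = "primary"');
    $sql->execute();
    while ($line = $sql->fetch()) {
        if (!in_array($line['section_id'], $sections)) {
            $tpl->append('section_list', $line);
        }
    }

    $mdt = new Modele('user_mandate');
    $mdt->find(array('um_user' => $userId));
    while ($mdt->next()) {
        $tpl->append('mandates', $mdt->um_mandate);
    }

    // Each card is handed to the template as its own model instance.
    $mdl = new Modele('card');
    $mdl->find(array('card_user' => $userId));
    while ($mdl->next()) {
        $o = new Modele('card');
        $o->fetch($mdl->card_id);
        $tpl->append('cards', $o);
    }

    // Google groups: those the user is in, then all the others.
    require_once $srcdir . '/libs/GoogleApi.php';
    $api = new GoogleApi();
    $mls = $api->findUserGroups($user['user_email']);
    $groups = array();
    if (isset($mls->groups)) {
        $tpl->assign('groups', $mls->groups);
        foreach ($mls->groups as $group) {
            $groups[] = $group->email;
        }
    }
    $allGroups = $api->getGroupsList();
    // Same guard as above: a response without "groups" yields no entries.
    if (isset($allGroups->groups)) {
        foreach ($allGroups->groups as $group) {
            if (!in_array($group->email, $groups)) {
                $tpl->append('otherGroups', $group);
            }
        }
    }

    // Get Bocal data
    if ($user['user_login']) {
        include_once $srcdir . '/libs/bocal.php';
        $bocal = new Bocal();
        $bdata = $bocal->getUser($user['user_login']);
        $tpl->assign('bocal', $bdata);
        // The intranet is only queried when the Bocal lookup did not fail.
        if ($bdata !== false) {
            include_once $srcdir . '/libs/intra.php';
            $intra = new EIntranet();
            $tpl->assign('intra', $intra->getUserInfos($user['user_login']));
        }
    }

    // Get activities
    $sql = $pdo->prepare('SELECT * FROM marks '
        . 'LEFT JOIN participations ON part_id = mark_participation '
        . 'LEFT JOIN sections ON part_section = section_id '
        . 'LEFT JOIN events ON part_event = event_id '
        . 'WHERE mark_user = ? '
        . 'ORDER BY part_attribution_date DESC');
    $sql->bindValue(1, $userId);
    $sql->execute();
    while ($line = $sql->fetch()) {
        $tpl->append('activities', $line);
    }

    // Accounting: the built-in cheque entry followed by the user's accounts.
    $mdl = new Modele('user_accounts');
    $mdl->find(array('ua_user' => $userId));
    $accounts = array(array('ua_id' => 0, 'ua_identifier' => 'Chèque', 'ua_type' => 'cheq', 'ua_number' => ''));
    while ($mdl->next()) {
        $accounts[] = $mdl->toArray();
    }
    $tpl->assign('accounts', $accounts);
    // End of accounting

    // Time spent building the page, in seconds.
    $tpl->assign('time', microtime(true) - $utime);
    $tpl->display('user_details.tpl');
    quit();
}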
/**
 * Compares the managers of every section that has a mailing list with the
 * actual members of that list, and hands the template the addresses to add
 * and to delete per section. Nothing is changed on the mailing lists here.
 */
function ml_autoUpdate()
{
    global $tpl;

    $section = new Modele('sections');
    $section->find('section_ml != ""');
    $api = new GoogleApi();

    $toAdd = array();
    $toDelete = array();
    $sections = array();

    while ($section->next()) {
        $sid = $section->getKey();
        $toAdd[$sid] = array();
        $toDelete[$sid] = array();
        $sections[$sid] = $section->toArray();

        // Expected members: the section's managers, lower-cased.
        $managers = new Modele('user_sections');
        $managers->find(array('us_section' => $sid, 'us_type' => 'manager'));
        while ($managers->next()) {
            $toAdd[$sid][] = strtolower($managers->us_user->user_email);
        }

        // Actual members, as reported for the section's mailing list.
        $current = $api->getGroupMembers($section->section_ml);
        foreach ($current->members as $member) {
            // Addresses starting with "save_" are backup entries: skipped.
            if (strpos($member->email, 'save_') === 0) {
                continue;
            }
            // Nested groups are left alone.
            if ($member->type == "GROUP") {
                continue;
            }

            $email = strtolower($member->email);
            $matches = array_keys($toAdd[$sid], $email);
            if (count($matches) == 0) {
                // On the list but not a manager.
                $toDelete[$sid][] = $email;
            } else {
                // Already on the list: nothing to add for this address.
                unset($toAdd[$sid][$matches[0]]);
            }
        }
    }

    $tpl->assign('sections', $sections);
    $tpl->assign('toDelete', $toDelete);
    $tpl->assign('toAdd', $toAdd);
    display();
}
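/**
 * FTP account creation page.
 *
 * Offers the sections the current user may create accounts for (all of them
 * for an administrator, otherwise the ones the user manages). On submission
 * it validates the form, records the account in ftp_users and, only when the
 * row was recorded, runs the privileged adduser.sh script.
 *
 * Form fields read: user (FTP login), member (owner's user_name),
 * section, pass.
 */
function ftp_add()
{
    global $tpl, $pdo;

    $isAdmin = hasAcl(ACL_ADMINISTRATOR);

    $grp = new Modele('sections');
    $grp->find();
    while ($grp->next()) {
        $manages = isset($_SESSION['user']['sections'][$grp->section_id])
            && $_SESSION['user']['sections'][$grp->section_id]['us_type'] == 'manager';
        if ($isAdmin || $manages) {
            $tpl->append('groups', $grp->toArray());
        }
    }

    if (isset($_POST['user'])) {
        // Every field comes from the request: missing or array-valued fields
        // are normalised so that they fail the matching check below instead
        // of reaching isset()/strlen()/the shell with an unexpected type.
        $login = is_string($_POST['user']) ? $_POST['user'] : '';
        $member = (isset($_POST['member']) && is_string($_POST['member'])) ? $_POST['member'] : '';
        $section = (isset($_POST['section']) && is_string($_POST['section'])) ? $_POST['section'] : null;
        $pass = (isset($_POST['pass']) && is_string($_POST['pass'])) ? $_POST['pass'] : '';

        // NOTE(review): LIKE lets the submitted value carry % and _
        // wildcards, so the row picked as owner may not be the intended
        // user; an exact match looks safer. Confirm the intent.
        $sqlUsr = $pdo->prepare('SELECT * FROM users WHERE user_name LIKE ?');
        $sqlUsr->bindValue(1, $member);
        $sqlUsr->execute();
        // Fetching the row replaces rowCount(), which PDO does not guarantee
        // for SELECT statements on every driver.
        $user = $sqlUsr->fetch();

        $maySection = $section !== null
            && ($isAdmin
                || (isset($_SESSION['user']['sections'][$section])
                    && $_SESSION['user']['sections'][$section]['us_type'] == 'manager'));

        if (!$user) {
            $tpl->assign('error', 'Utilisateur INTRA introuveable.');
            display();
            return;
        }
        if (!$maySection) {
            $tpl->assign('error', 'Groupe introuveable.');
            display();
            return;
        }
        if (strlen($pass) < 8) {
            $tpl->assign('error', 'Le mot de passe doit faire au moins 8 caractères.');
            display();
            return;
        }
        // The login becomes an argument of a script run through sudo.
        // escapeshellarg() stops shell injection but not a value that the
        // script would read as an option or a path, so only plain account
        // names are accepted (\z: no trailing newline either).
        if (!preg_match('/\A[A-Za-z0-9][A-Za-z0-9._-]*\z/', $login)) {
            $tpl->assign('error', "Nom d'utilisateur invalide.");
            display();
            return;
        }

        // NOTE(review): fu_pass receives the password exactly as typed;
        // confirm whether the model or the FTP server hashes it.
        $add = new Modele('ftp_users');
        $created = $add->addFrom(array(
            'fu_user' => 'toy_' . $login,
            'fu_pass' => $pass,
            'fu_section' => $section,
            'fu_member' => $user['user_id'],
            'fu_path' => '/home/ftp/toyunda/timeurs/',
        ));
        $tpl->assign('hsuccess', $created);

        // The system account is only touched when the row was recorded, so a
        // rejected insert (for instance an existing login) cannot change an
        // existing account.
        if ($created) {
            $usr = escapeshellarg($login);
            $pwd = escapeshellarg($pass);
            // NOTE(review): the password travels on the command line and is
            // therefore visible in the process list (and possibly in sudo's
            // log) while the script runs; passing it on stdin would avoid
            // that but needs a change in adduser.sh.
            _ftp_exec("sudo /opt/scripts/adduser.sh {$usr} {$pwd}");
        }
        display();
        return;
    }

    display();
}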
/**
 * Event details page.
 *
 * Shows the detailed information of an event and of its participating
 * sections. The same page is used to add or withdraw a section's
 * participation in the event.
 */
function event_view()
{
    global $tpl, $pdo;

    $eventQuery = $pdo->prepare('SELECT * FROM events LEFT JOIN users ON event_owner = user_id LEFT JOIN sections ON section_id = event_section WHERE event_id = ?');
    $eventQuery->bindValue(1, $_GET['event']);
    $eventQuery->execute();
    $event = $eventQuery->fetch();
    if (!$event) {
        modexec('syscore', 'notfound');
    }
    $eventId = $event['event_id'];

    // Participating sections, keyed by section id. "cdat" will hold the
    // current user's staff row for that section, or false when there is none.
    $sectionQuery = $pdo->prepare('SELECT * FROM event_sections LEFT JOIN sections ON es_section = section_id WHERE es_event = ?');
    $sectionQuery->bindValue(1, $eventId);
    $sectionQuery->execute();
    $es = array();
    while ($line = $sectionQuery->fetch()) {
        $staffs = new Modele('event_staff');
        $staffs->find(array('est_event' => $eventId, 'est_section' => $line['section_id']));

        $entry = $line;
        $entry['cdat'] = false;
        $entry['staffs'] = $staffs;
        $es[$line['section_id']] = $entry;
    }

    // Staff rows of the logged-in user for this event.
    $mine = new Modele('event_staff');
    $mine->find(array('est_event' => $eventId, 'est_user' => $_SESSION['user']['user_id']));
    while ($mine->next()) {
        if (!isset($es[$mine->raw_est_section])) {
            // On-the-fly table repair: the row points at a section that does
            // not take part in the event, so it is deleted.
            $mine->delete();
            continue;
        }
        $es[$mine->raw_est_section]['cdat'] = $mine->toArray();
    }
    $tpl->assign('es', $es);

    // Sections that do not take part yet.
    $participating = array_keys($es);
    $allSections = $pdo->prepare('SELECT * FROM sections');
    $allSections->execute();
    while ($line = $allSections->fetch()) {
        if (in_array($line['section_id'], $participating)) {
            continue;
        }
        $tpl->append('sections', $line);
    }

    $tpl->assign('event', $event);
    $tpl->display('event_view.tpl');
    quit();
}