Exemplo n.º 1
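 /**
  * Record which menu items of a desk were sent to the kitchen printer.
  *
  * Reads `desk_id` and `list_menu` from POST through getValue(), adds each
  * item's `print_number` to `cdm_printed_number` on the matching
  * current_desk_menu row, writes an action-log entry and ends the request
  * with a JSON body listing the items whose row was updated. Returns without
  * output when no row was updated.
  */
 function printOrder()
 {
     $desk_id = (int) getValue('desk_id', 'int', 'POST', 0);
     check_desk_exist($desk_id);
     $list_menu = getValue('list_menu', 'arr', 'POST', array());
     // Update the quantity already printed to the kitchen (cdm_printed_number).
     $array_menu_success = array();
     foreach ($list_menu as $menu) {
         // list_menu is request data: ignore entries that lack the expected keys.
         if (!is_array($menu) || !isset($menu['print_number'], $menu['men_id'])) {
             continue;
         }
         // Both values are concatenated into the statement, so they are forced
         // to integers first; anything non-numeric becomes 0 instead of SQL text.
         $print_number = (int) $menu['print_number'];
         $menu_id = (int) $menu['men_id'];
         $sql = 'UPDATE current_desk_menu
                 SET cdm_printed_number = cdm_printed_number + ' . $print_number . '
                 WHERE cdm_menu_id = ' . $menu_id . '
                 AND cdm_desk_id = ' . $desk_id;
         $db_update = new db_execute($sql);
         if ($db_update->total) {
             $array_menu_success[] = $menu;
         }
     }
     if (!$array_menu_success) {
         return;
     }
     $array_return = array('success' => 1, 'list_menu' => $array_menu_success);
     // Audit trail: only written when at least one row changed.
     log_action(ACTION_LOG_PRINT_ORDER, 'In chế biến xuống bếp - bàn ID ' . $desk_id);
     die(json_encode($array_return));
 }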
Exemplo n.º 2
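/**
 * Handle a USSD debit request.
 *
 * Parses the `userdata` dial string (segments separated by `*`), writes the
 * request to the transaction log, stores it in `top_request` and answers with
 * a JSON status. Segment 3 is the amount; segment 4, when present, is the
 * destination MSISDN, otherwise the caller's own MSISDN is used.
 *
 * Every value that reaches the INSERT comes from the request and the
 * statement is built by concatenation, so each one is checked against a
 * character allowlist first; a request that fails the check is answered with
 * the failure response and nothing is written to the database.
 */
function debitRequest()
{
    global $app;
    #http://83.138.190.170/skyeapi/debitrequest?msisdn=2347062385282&sessionid=435654257&endofsesssion=false&userdata=*336*9*750*07062385281#&op=MTNmain
    #msisdn=2348134197100&sessionid=435654257&endofsesssion=false&userdata=*336*5#
    $req = $app->request();
    $userdata = (string) $req->get('userdata');
    $use = explode('*', $userdata);
    // Short dial strings have no segment 3 or 4; read them without raising notices.
    $amt = isset($use[3]) ? $use[3] : '';
    if (!empty($use[4])) {
        $destMsisdn = rtrim($use[4], "#");
    } else {
        $amt = rtrim($amt, '#');
        $destMsisdn = $req->get('msisdn');
    }
    $actMsisdn = $req->get('msisdn');
    $msisdn = $actMsisdn;
    $sessionid = $req->get('sessionid') ? $req->get('sessionid') : time();
    $op = $req->get('op');
    $stat_id = 1;
    $length = 15;
    $transId = getToken($length);

    // Control characters are stripped from the logged copies so a request
    // cannot forge additional lines in transaction.log.
    $strip = '/[\x00-\x1F\x7F]/';
    $logSession = preg_replace($strip, '', is_scalar($sessionid) ? (string) $sessionid : '');
    $logMsisdn = preg_replace($strip, '', is_scalar($actMsisdn) ? (string) $actMsisdn : '');
    $logUserdata = preg_replace($strip, '', $userdata);
    $logFile = "transaction.log";
    log_action("Logging USSD Request@" . date('Y-m-d h:i:s') . ">> Session id ({$logSession}), MSISDN ({$logMsisdn})," . "UserData ({$logUserdata})\n", $logFile);

    // Allowlist: letters, digits and + . _ - only. None of these can terminate
    // the quoted literals below.
    // NOTE(review): bound parameters are the proper fix; the database helper's
    // API is not visible here, so this validation is a stop-gap.
    $valid = true;
    foreach (array($actMsisdn, $destMsisdn, $amt, $op, $sessionid, $transId) as $value) {
        if ($value !== null && (!is_scalar($value) || !preg_match('/^[A-Za-z0-9+._-]*$/', (string) $value))) {
            $valid = false;
            break;
        }
    }

    $sql = false;
    if ($valid) {
        $log_req = "insert into top_request (transaction_id,act_msisdn,dest_msisdn,status_id,amt,operator,sessionid) values ('{$transId}','{$actMsisdn}','{$destMsisdn}',{$stat_id},'{$amt}','{$op}','{$sessionid}' )";
        $sql = db_execute($log_req);
    }
    if ($sql) {
        $response = array('response' => 'Transaction Successfull:', 'endofsession' => 'true', 'msisdn' => $msisdn);
    } else {
        $response = array('response' => 'Registration Failed:', 'endofsession' => 'true', 'msisdn' => $msisdn);
    }
    header('Content-Type: application/json');
    echo json_encode($response);
}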
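/**
 * Change the password of the logged-in user (`$_SESSION['userlogin']`).
 *
 * Prints a translated status message and writes an action-log entry. The two
 * arguments must be non-empty and identical.
 *
 * @param string $new_passwd1 new password
 * @param string $new_passwd2 confirmation of the new password
 * @param bool   $DEBUG       passed through to log_action()
 */
function change_passwd($new_passwd1, $new_passwd2, $DEBUG = FALSE)
{
    // Strict comparison: with != PHP compares numeric-looking strings as
    // numbers, so two different inputs such as "1e3" and "1000" would be
    // accepted as matching.
    if (strlen($new_passwd1) == 0 || strlen($new_passwd2) == 0 || (string) $new_passwd1 !== (string) $new_passwd2) {
        echo _('user_passwd_error') . "<br>\n";
    } else {
        // NOTE(review): unsalted MD5 is not a password hash. Moving to
        // password_hash()/password_verify() also requires changing the login
        // check, which is outside this function, so the format is kept here.
        $passwd_md5 = md5($new_passwd1);
        // The login is escaped before it is placed inside the quoted literal.
        $sql1 = 'UPDATE conges_users SET  u_passwd=\'' . $passwd_md5 . '\' WHERE u_login=\'' . SQL::quote($_SESSION['userlogin']) . '\' ';
        $result = SQL::query($sql1);
        if ($result) {
            echo _('form_modif_ok') . " <br><br> \n";
        } else {
            // NOTE(review): key is spelled 'form_mofif_not_ok'; possibly a typo
            // for 'form_modif_not_ok' — confirm against the message catalogue.
            echo _('form_mofif_not_ok') . "<br><br> \n";
        }
    }
    // The log entry is written on every call, including rejected input and a
    // failed UPDATE, so it records an attempt rather than a confirmed change.
    $comment_log = 'changement Password';
    log_action(0, '', $_SESSION['userlogin'], $comment_log, $DEBUG);
}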
Exemplo n.º 4
/**
 * Build the version 3.2 XML for an invoice, derive its original string and
 * sign it.
 *
 * @param object $factura    invoice; `$factura->sello['llavedec']` names the key file
 * @param array  $resultado  output: 'cadena', 'sello', 'xmlutf8', 'xml', or 'error'
 * @return int 0 on success, -1 on any failure
 */
function procesaXmlV32($factura, &$resultado)
{
    global $SITE_URL, $KEYS_DIR;
    $resultado = array();

    // Step 1: XML document.
    $documento = domSATV32($factura);
    if ($documento == null) {
        log_action("ERROR GENERANDO XML ", 0);
        return -1;
    }

    // Step 2: original string; both it and the XML must be valid UTF-8.
    $xmlEsUtf8 = mb_detect_encoding($documento, 'UTF-8', true) == 'UTF-8';
    $cadenaOriginal = cadenaSATV3_2($documento);
    $cadenaEsUtf8 = mb_detect_encoding($cadenaOriginal, 'UTF-8', true) == 'UTF-8';
    if (!($xmlEsUtf8 && $cadenaEsUtf8)) {
        $aviso = "codificacon utf8 invalida ";
        log_action($aviso);
        $resultado['error'] = $aviso;
        return -1;
    }
    $resultado['cadena'] = $cadenaOriginal;

    // Step 3: signature, delegated to the Java signing class.
    $firmador = new Java('cc.lab.SignatureMgmt');
    $rutaLlave = $SITE_URL . $KEYS_DIR . $factura->sello['llavedec'];
    $sello = $firmador->sign($cadenaOriginal, $rutaLlave);
    // The original string and the key file location are written to the log.
    log_action("***********************  S E L L O **********************");
    log_action($cadenaOriginal);
    log_action(print_r($rutaLlave, TRUE));
    // The signer reports failure inside its return value.
    if (strpos($sello, "ERROR") !== false) {
        $detalle = "ERROR GENERANDO SELLO: " . $sello;
        log_action($detalle, 0);
        $resultado['error'] = $detalle;
        return -1;
    }

    // Step 4: place the signature in the document and hand everything back.
    $firmado = str_replace("%SELLO%", $sello, $documento);
    $resultado['sello'] = $sello;
    $resultado['xmlutf8'] = $firmado;
    $resultado['xml'] = $firmado;
    return 0;
}
/**
 * Send a CFDI string to the PAC web service for certification.
 *
 * The call is tried up to three times, pausing 10 s after the first failure
 * and 30 s after the second.
 *
 * @param string $client_id  overwritten below by a fixed identifier
 * @param string $cfdistring CFDI document to certify
 * @return string decoded XML returned by the PAC, or 'exception error'
 */
function SOAP_client($client_id, $cfdistring)
{
    // Web service URL of the PAC, defined in constantes.php.
    global $PAC_URL;
    // The caller's value is replaced by this literal on every call.
    $client_id = 'MCO000823CK3';

    try {
        $opciones = array('trace' => 1, 'connection_timeout' => 15);
        $client = new SoapClient($PAC_URL, $opciones);
    } catch (Exception $e) {
        log_action("Error creando SoapClient:" . $e->getMessage());
        return 'exception error';
    }

    // Seconds to wait after failed attempt N before trying again.
    $pausas = array(1 => 10, 2 => 30);
    $intento = 1;
    while (true) {
        try {
            $params = array('client_id' => $client_id, 'cfdiString' => $cfdistring);
            $resultado = $client->__soapCall('requestPacCertification', array('parameters' => $params));
            break;
        } catch (Exception $e) {
            log_action("Error creando accesando PAC " . $intento . ":" . $e->getMessage());
            echo "Error creando accesando PAC " . $intento . ":";
            if (!isset($pausas[$intento])) {
                // Third failure: give up.
                return 'exception error';
            }
            sleep($pausas[$intento]);
            $intento++;
        }
    }

    // The PAC returns the invoice XML base64-encoded.
    return base64_decode($resultado->return);
}
Exemplo n.º 6
//Cobalt on the web: http://cobalt.jvroig.com
//******************************************************************
// Delete screen for a refstudent record. A GET carrying student_id loads the
// record for confirmation; a POST that passes xsrf_guard() either cancels or
// deletes, then redirects to the list view. Otherwise the confirmation form
// is drawn.
require 'path.php';
init_cobalt('Delete refstudent');
if (isset($_GET['student_id'])) {
    // NOTE(review): PHP has already URL-decoded $_GET values, so this
    // urldecode() decodes a second time — confirm that is intended.
    $student_id = urldecode($_GET['student_id']);
    require_once 'form_data_refstudent.php';
} elseif (xsrf_guard()) {
    // The delete path is only reachable through this branch.
    // presumably xsrf_guard() validates an anti-CSRF token — verify in the framework.
    init_var($_POST['btn_cancel']);
    init_var($_POST['btn_delete']);
    require 'components/query_string_standard.php';
    if ($_POST['btn_cancel']) {
        log_action('Pressed cancel button', $_SERVER['PHP_SELF']);
        redirect("listview_refstudent.php?{$query_string}");
    } elseif ($_POST['btn_delete']) {
        // The button press is logged before the delete runs; the log entry
        // does not name the record being deleted.
        log_action('Pressed delete button', $_SERVER['PHP_SELF']);
        require_once 'subclasses/refstudent.php';
        $dbh_refstudent = new refstudent();
        $object_name = 'dbh_refstudent';
        // Expected to populate $arr_form_data, which is used on the next line.
        require 'components/create_form_data.php';
        $dbh_refstudent->del($arr_form_data);
        redirect("listview_refstudent.php?{$query_string}");
    }
}
// Render the confirmation page.
require 'subclasses/refstudent_html.php';
$html = new refstudent_html();
$html->draw_header('Delete Refstudent', $message, $message_type);
$html->draw_listview_referrer_info($filter_field_used, $filter_used, $page_from, $filter_sort_asc, $filter_sort_desc);
$html->draw_hidden('student_id');
$html->detail_view = TRUE;
$html->draw_controls('delete');
Exemplo n.º 7
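/**
 * Save the edited alert-mail templates and send the browser back to the
 * calling page.
 *
 * @param array  $tab_new_values mail name => array('subject' => ..., 'body' => ...)
 * @param string $session        session identifier appended to the return URL, may be ""
 * @param bool   $DEBUG          when true a return link is printed instead of an auto-refresh
 */
function commit_modif($tab_new_values, $session, $DEBUG = FALSE)
{
    $PHP_SELF = $_SERVER['PHP_SELF'];
    if ($session == "") {
        $URL = "{$PHP_SELF}";
    } else {
        $URL = "{$PHP_SELF}?session=" . urlencode($session);
    }
    // PHP_SELF contains whatever path the client requested, so the URL is
    // HTML-escaped before it is written into an attribute below.
    $URL_html = htmlspecialchars($URL, ENT_QUOTES, 'UTF-8');
    // Update the table. All three values use the database layer's own
    // escaping; addslashes() is not aware of the connection character set.
    foreach ($tab_new_values as $nom_mail => $tab_mail) {
        $subject = SQL::quote($tab_mail['subject']);
        $body = SQL::quote($tab_mail['body']);
        $req_update = 'UPDATE conges_mail SET mail_subject=\'' . $subject . '\', mail_body=\'' . $body . '\' WHERE mail_nom=\'' . SQL::quote($nom_mail) . '\' ';
        SQL::query($req_update);
    }
    // NOTE(review): the success message is printed without checking the
    // result of the UPDATE statements.
    echo "<span class = \"messages\">" . _('form_modif_ok') . "</span><br>";
    $comment_log = "configuration des mails d\\'alerte";
    log_action(0, "", "", $comment_log, $DEBUG);
    if ($DEBUG) {
        echo "<a href=\"{$URL_html}\" method=\"POST\">" . _('form_retour') . "</a><br>\n";
    } else {
        echo "<META HTTP-EQUIV=REFRESH CONTENT=\"2; URL={$URL_html}\">";
    }
}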
Exemplo n.º 8
    // Store an uploaded file under SITE_ROOT/uploads using the client-supplied
    // file name. $tmp_file, $upload_errors and the enclosing condition are set
    // before this excerpt.
    // basename() removes directory components from the client-supplied name.
    // NOTE(review): no check of extension or content type is visible here; if
    // uploads/ is served by the web server, a script file stored under its own
    // name could be executed — confirm validation happens elsewhere.
    $target_file = basename($_FILES['file_upload']['name']);
    $upload_dir = SITE_ROOT . DS . "uploads";
    $path_filenme = $upload_dir . "/" . $target_file;
    // NOTE(review): 0777 makes the directory, the destination and the
    // temporary file writable by every local account. The destination does not
    // exist yet at this point unless a file of that name is already there.
    chmod($upload_dir, 0777);
    chmod($path_filenme, 0777);
    chmod($tmp_file, 0777);
    // You will probably want to first use file_exists() to make sure
    // there isn't already a file by the same name.
    // move_uploaded_file will return false if $tmp_file is not a valid upload file
    // or if it cannot be moved for any other reason
    if (move_uploaded_file($tmp_file, $upload_dir . "/" . $target_file)) {
        // NOTE(review): the log lines read $temp_file, while the upload itself
        // uses $tmp_file; $temp_file is not assigned in this excerpt.
        // $target_file is client-controlled text written to the log as is.
        log_action('Upload file success', "{$_SESSION['username']} uploaded file {$path_filenme} " . $temp_file . " - " . $target_file);
        $message = "File uploaded successfully.";
        chmod($path_filenme, 0777);
    } else {
        log_action('Upload file error', "{$_SESSION['username']} uploaded file {$path_filenme} " . $temp_file . " - " . $target_file);
        // Map PHP's upload error code to a message.
        $error = $_FILES['file_upload']['error'];
        $message = $upload_errors[$error];
    }
}
?>

	
<?php 
// The maximum file size (in bytes) must be declared before the file input field
// and can't be larger than the setting for upload_max_filesize in php.ini.
//
// This form value can be manipulated. You should still use it, but you rely
// on upload_max_filesize as the absolute limit.
//
// Think of it as a polite declaration: "Hey PHP, here comes a file less than X..."
Exemplo n.º 9
<?php

//******************************************************************
//This file was generated by Cobalt, a rapid application development
//framework developed by JV Roig (jvroig@jvroig.com).
//
//Cobalt on the web: http://cobalt.jvroig.com
//******************************************************************
// Detail view of an eval_dtl record. A GET carrying id loads the record; a
// POST that passes xsrf_guard() handles the Back button. The page is then
// drawn read-only.
require 'path.php';
init_cobalt('View eval dtl');
if (isset($_GET['id'])) {
    // NOTE(review): PHP has already URL-decoded $_GET values, so this
    // urldecode() decodes a second time — confirm that is intended.
    $id = urldecode($_GET['id']);
    require 'form_data_eval_dtl.php';
} elseif (xsrf_guard()) {
    init_var($_POST['btn_back']);
    if ($_POST['btn_back']) {
        // The Back button is logged with the "cancel" wording.
        log_action('Pressed cancel button', $_SERVER['PHP_SELF']);
        require 'components/query_string_standard.php';
        redirect("listview_eval_dtl.php?{$query_string}");
    }
}
// Render the read-only page.
require 'subclasses/eval_dtl_html.php';
$html = new eval_dtl_html();
$html->draw_header('Detail View: Eval Dtl', $message, $message_type);
$html->draw_listview_referrer_info($filter_field_used, $filter_used, $page_from, $filter_sort_asc, $filter_sort_desc);
$html->detail_view = TRUE;
$html->draw_controls('view');
$html->draw_footer();
Exemplo n.º 10
//****************************************************************************************
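// CSV export of the sub_doc table. A POST that passes xsrf_guard() either
// cancels back to the list view or writes the export into TMP_DIRECTORY and
// sets $message to a download link.
require 'path.php';
init_cobalt('View sub doc');
if (xsrf_guard()) {
    init_var($_POST['btn_cancel']);
    init_var($_POST['btn_submit']);
    if ($_POST['btn_cancel']) {
        log_action('Pressed cancel button');
        redirect("listview_sub_doc.php");
    }
    if ($_POST['btn_submit']) {
        log_action('Pressed submit button');
        require 'subclasses/sub_doc.php';
        $dbh_sub_doc = new sub_doc();
        if ($message == "") {
            log_action('Exported table data to CSV');
            $timestamp = date('Y-m-d');
            $token = generate_token(0, 'fs');
            // NOTE(review): $_SESSION['user'] becomes part of a file name; if a
            // user name may contain "/" or "..", restrict it to a safe
            // character set here — confirm what the account rules allow.
            $csv_name = $token . $_SESSION['user'] . '_sub_doc_' . $timestamp . '.csv';
            $filename = TMP_DIRECTORY . '/' . $csv_name;
            $csv_contents = $dbh_sub_doc->export_to_csv();
            // A failed write is reported instead of offering a link to a file
            // that does not exist.
            if (file_put_contents($filename, $csv_contents) === false) {
                $message = 'CSV file could not be written.';
            } else {
                // A data file needs no execute bits; 0644 keeps it readable.
                chmod($filename, 0644);
                $csv_name = urlencode($csv_name);
                $message = 'CSV file successfully generated: <a href="/' . BASE_DIRECTORY . '/download_generic.php?filename=' . $csv_name . '">Download the CSV file.</a>';
                $message_type = 'system';
            }
        }
    }
}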
Exemplo n.º 11
//******************************************************************
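// CSV export of the accomplishment table. A POST that passes xsrf_guard()
// either cancels back to the list view or writes the export into
// TMP_DIRECTORY and sets $message to a download link.
require 'path.php';
init_cobalt('View accomplishment');
if (xsrf_guard()) {
    init_var($_POST['btn_cancel']);
    init_var($_POST['btn_submit']);
    if ($_POST['btn_cancel']) {
        log_action('Pressed cancel button', $_SERVER['PHP_SELF']);
        redirect("listview_accomplishment.php");
    }
    if ($_POST['btn_submit']) {
        log_action('Pressed submit button', $_SERVER['PHP_SELF']);
        require 'subclasses/accomplishment.php';
        $dbh_accomplishment = new accomplishment();
        if ($message == "") {
            log_action("Exported table data to CSV", $_SERVER['PHP_SELF']);
            $timestamp = date('Y-m-d');
            $token = generate_token(0, 'fs');
            // NOTE(review): $_SESSION['user'] becomes part of a file name; if a
            // user name may contain "/" or "..", restrict it to a safe
            // character set here — confirm what the account rules allow.
            $csv_name = $token . $_SESSION['user'] . '_accomplishment_' . $timestamp . '.csv';
            $filename = TMP_DIRECTORY . '/' . $csv_name;
            $csv_contents = $dbh_accomplishment->export_to_csv();
            // A failed write is reported instead of offering a link to a file
            // that does not exist.
            if (file_put_contents($filename, $csv_contents) === false) {
                $message = 'CSV file could not be written.';
            } else {
                // A data file needs no execute bits; 0644 keeps it readable.
                chmod($filename, 0644);
                $csv_name = urlencode($csv_name);
                $message = 'CSV file successfully generated: <a href="/' . BASE_DIRECTORY . '/download_generic.php?filename=' . $csv_name . '">Download the CSV file.</a>';
                $message_type = 'system';
            }
        }
    }
}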
Exemplo n.º 12
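/**
 * Empty the conges_logs table, record that it was emptied and redirect to
 * the log configuration page.
 *
 * @param string $session session identifier appended to the redirect URL, may be ""
 * @param bool   $DEBUG   passed through to log_action()
 */
function commit_vider_table_logs($session, $DEBUG = FALSE)
{
    $sql_delete = "TRUNCATE TABLE conges_logs ";
    SQL::query($sql_delete);
    // Written after the TRUNCATE, so this becomes the first entry of the
    // emptied table. The entry carries no user name.
    // NOTE(review): whoever reads the audit log cannot tell who erased it
    // unless log_action() adds the actor itself — confirm.
    $comment_log = "effacement des logs de php_conges ";
    log_action(0, "", "", $comment_log, $DEBUG);
    echo "<span class = \"messages\">" . _('form_modif_ok') . "</span><br>";
    if ($session == "") {
        redirect(ROOT_PATH . 'config/config_logs.php');
    } else {
        // Encoded so the value cannot add parameters or line breaks to the URL.
        redirect(ROOT_PATH . 'config/config_logs.php?session=' . urlencode($session));
    }
}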
Exemplo n.º 13
<?php

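// Admin log viewer, first part: require a logged-in session and handle the
// "clear log" request before the entries are listed.
require_once '../../includes/initialize.php';
if (!$session->is_logged_in()) {
    redirect_to('login.php');
}
include_once '../layouts/admin-header.php';
$logfile = SITE_ROOT . DS . 'logs' . DS . 'log.txt';
// Only the literal value "true" clears the log. The earlier test compared the
// boolean result of !empty() with 'true', so any non-empty value, including
// clear=false, erased the file.
// NOTE(review): this is a state-changing GET without an anti-CSRF token; a
// link followed by a logged-in administrator is enough to wipe the log.
if (isset($_GET['clear']) && $_GET['clear'] === 'true') {
    file_put_contents($logfile, '');
    /** Add the first log entry */
    log_action('Logs cleared', "by User ID {$session->user_id}");
    /** redirect to this same page so that the URL won't have "clear=true" anymore */
    redirect_to('logfile.php');
}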
?>
<a href="index.php">&laquo; Back</a>
<h2>Log File</h2>
<p><a href="logfile.php?clear=true">Clear log file</a></p>
<?php 
if (file_exists($logfile) && is_readable($logfile) && ($handle = fopen($logfile, 'r'))) {
    /** read */
    echo "<ul class='side-nav'>";
    while (!feof($handle)) {
        $entry = fgets($handle);
        if (trim($entry) != "") {
            echo "<li>{$entry}</li>";
        }
    }
    echo "</ul>";
    fclose($handle);
Exemplo n.º 14
/**
 * Credit leave days to every user of a group.
 *
 * For each leave type with a non-zero number of days, every user of the group
 * gets either the full amount or, when proportional calculation is selected
 * for that type, the amount scaled by the user's work quota and rounded to
 * the nearest half day. Each credit is stored in the balance table and
 * recorded as a period; one log entry is written per leave type.
 *
 * @param mixed $choix_groupe             group identifier
 * @param array $tab_new_nb_conges_all    leave type id => number of days
 * @param array $tab_calcul_proportionnel leave type id => proportional flag
 * @param array $tab_new_comment_all      leave type id => comment
 * @param bool  $DEBUG                    passed through to helpers
 */
function ajout_global_groupe($choix_groupe, $tab_new_nb_conges_all, $tab_calcul_proportionnel, $tab_new_comment_all, $DEBUG = FALSE)
{
    $PHP_SELF = $_SERVER['PHP_SELF'];
    $session = session_id();
    // List of the group's users, already formatted for use inside IN (...).
    $list_users = get_list_users_du_groupe($choix_groupe, $DEBUG);
    foreach ($tab_new_nb_conges_all as $id_conges => $nb_jours) {
        if ($nb_jours == 0) {
            continue;
        }
        $comment = $tab_new_comment_all[$id_conges];
        $proportionnel = isset($tab_calcul_proportionnel[$id_conges]) && $tab_calcul_proportionnel[$id_conges] == TRUE;

        $sql1 = "SELECT u_login, u_quotite FROM conges_users WHERE u_login IN ({$list_users}) ORDER BY u_login ";
        $ReqLog1 = SQL::query($sql1);
        while ($ligne = $ReqLog1->fetch_array()) {
            $current_login = $ligne["u_login"];
            $current_quotite = $ligne["u_quotite"];
            // Nearest half day: double, round, halve.
            $nb_conges = $proportionnel
                ? round($nb_jours * ($current_quotite / 100) * 2) / 2
                : $nb_jours;
            if (!verif_saisie_decimal($nb_conges, $DEBUG)) {
                continue;
            }
            // 1: update the balance.
            // NOTE(review): intval() drops the half day computed above, while
            // the period record below receives the unrounded value — confirm.
            $req_update = 'UPDATE conges_solde_user SET su_solde = su_solde+ ' . intval($nb_conges) . '
							WHERE  su_login = \'' . SQL::quote($current_login) . '\' AND su_abs_id = ' . intval($id_conges) . ';';
            $ReqLog_update = SQL::query($req_update);
            // 2: record the credit as a period, labelled with the group name.
            $groupename = get_group_name_from_id($choix_groupe, $DEBUG);
            $commentaire = _('resp_ajout_conges_comment_periode_groupe') . " {$groupename}";
            insert_ajout_dans_periode($DEBUG, $current_login, $nb_conges, $id_conges, $commentaire);
        }

        // One log entry per leave type.
        $group_name = get_group_name_from_id($choix_groupe, $DEBUG);
        $libelle = $proportionnel ? 'Yes' : 'No';
        $comment_log = "ajout conges pour groupe {$group_name} ({$nb_jours} jour(s)) ({$comment}) (calcul proportionnel : {$libelle})";
        log_action(0, "ajout", "groupe", $comment_log, $DEBUG);
    }
}
Exemplo n.º 15
                message("Best&auml;tigung", '
<form name="theform" method="post" action="' . build_link("postops.php") . '">
  M&ouml;chten Sie diesen Post wirklich l&ouml;schen?<br><br>
  <input type="hidden" name="do_delete" value="1">
  <input type="hidden" name="action" value="delete">
  <input type="hidden" name="post[postid]" value="' . $post['postid'] . '">
  <input class="tbbutton" type="submit" name="Submit" value="L&ouml;schen &gt;&gt;">
</form>');
            }
        } else {
            // re-get $post
            $post = $HTTP_POST_VARS['post'];
            if (!($post['postid'] = intval($post['postid']))) {
                exit('nix da');
            }
            // decrease thread reply count
            thwb_query("UPDATE " . $pref . "thread SET threadreplies=threadreplies-1 WHERE threadid={$thread['threadid']}");
            // decrease board post count
            thwb_query("UPDATE " . $pref . "board SET boardposts=boardposts-1 WHERE boardid={$board['boardid']}");
            // remove post
            thwb_query("DELETE FROM " . $pref . "post WHERE postid={$post['postid']}");
            // display stuff
            updatethread($thread['threadid']);
            updateboard($board['boardid']);
            log_action('delete post');
            message("Post wurde gel&ouml;scht", "Post wurde gel&ouml;scht.<br><a href=\"" . build_link("showtopic.php?thread[threadid]={$thread['threadid']}") . "\">Zur&uuml;ck zum Thread</a>");
        }
    } else {
        message("Fehler", "Sie haben keine Erlaubnis diesen Post zu l&ouml;schen");
    }
}
Exemplo n.º 16
<?php

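// Logout: record the event, discard the session data, expire the session
// cookie, destroy the session and return to the start page.
require 'path.php';
init_cobalt('ALLOW_ALL', FALSE);
// Logged first, while the session still identifies the user.
log_action('Logged out', $_SERVER['PHP_SELF']);
/********** Start of session cleanup. **********/
// First, unset all session variables.
$_SESSION = array();
// Second, delete the session cookie. A browser only drops a cookie when the
// expiring Set-Cookie carries the same path and domain it was created with,
// so the session's own cookie parameters are reused.
if (isset($_COOKIE[session_name()])) {
    $cookie_params = session_get_cookie_params();
    setcookie(
        session_name(),
        "",
        time() - 86400,
        $cookie_params['path'],
        $cookie_params['domain'],
        $cookie_params['secure'],
        $cookie_params['httponly']
    );
}
// Third and last step, destroy the session.
session_destroy();
/********** End of session cleanup. **********/
redirect('index.php');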
Exemplo n.º 17
// Clearing is requested with ?clear=true on this page's URL.
// NOTE(review): the request is a plain GET and no anti-CSRF token is checked
// in this excerpt.
if (isset($_GET['clear']) && 'true' == $_GET['clear']) {
    // One call empties the log; it replaces an earlier manual
    // fopen()/fwrite()/fclose() sequence.
    file_put_contents($file, "");
    // The first entry of the emptied log records who cleared it.
    log_action("Logs Cleared", "by {$session->username}");
    // Back to the same page so the URL no longer carries "clear=true".
    redirect_to('logfile.php');
}
?>

<?php 
include '../layouts/admin_header.php';
?>
	<div class="navbar navbar-inverse navbar-fixed-top">
    <div class="container">
    <p><a class="navbar-brand text-muted" href="index.php">Photo Gallery: Admin</a></p>      
      <div>
        <ul class="nav navbar-nav navbar-right">
        	<li><a href="admin/index.php">Home</a></li>
Exemplo n.º 18
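/**
 * Insert a leave period (request, direct entry or closure) and log it.
 *
 * The new period number is the current maximum p_num plus one.
 *
 * @param string $login          user the period belongs to
 * @param string $date_deb       start date
 * @param string $demi_jour_deb  start half day
 * @param string $date_fin       end date
 * @param string $demi_jour_fin  end half day
 * @param mixed  $nb_jours       number of days
 * @param string $commentaire    free-text comment
 * @param mixed  $id_type_abs    absence type id
 * @param string $etat           state; "demande" sets the request date, anything else the processing date
 * @param mixed  $id_fermeture   closure id, 0 when the period is not a closure
 * @return int the new period number, or 0 when the INSERT failed
 */
function insert_dans_periode($login, $date_deb, $demi_jour_deb, $date_fin, $demi_jour_fin, $nb_jours, $commentaire, $id_type_abs, $etat, $id_fermeture)
{
    // Highest existing period number.
    // NOTE(review): two concurrent calls can read the same maximum; an
    // auto-increment column or a transaction would close that gap.
    $sql1 = "SELECT max(p_num) FROM conges_periode";
    $ReqLog1 = \includes\SQL::query($sql1);
    if ($num_new_demande = $ReqLog1->fetch_row()) {
        $num_new_demande = (int) $num_new_demande[0] + 1;
    } else {
        $num_new_demande = 1;
    }
    // Every caller-supplied value is escaped before it is placed inside a
    // quoted literal; the comment in particular is free text. p_login is taken
    // from the $login argument.
    $sql2 = "INSERT INTO conges_periode SET p_login='" . \includes\SQL::quote($login) . "',"
        . "p_date_deb='" . \includes\SQL::quote($date_deb) . "', "
        . "p_demi_jour_deb='" . \includes\SQL::quote($demi_jour_deb) . "',"
        . "p_date_fin='" . \includes\SQL::quote($date_fin) . "', "
        . "p_demi_jour_fin='" . \includes\SQL::quote($demi_jour_fin) . "', "
        . "p_nb_jours='" . \includes\SQL::quote($nb_jours) . "', "
        . "p_commentaire='" . \includes\SQL::quote($commentaire) . "', "
        . "p_type='" . \includes\SQL::quote($id_type_abs) . "', "
        . "p_etat='" . \includes\SQL::quote($etat) . "', ";
    if ($id_fermeture != 0) {
        $sql2 = $sql2 . " p_fermeture_id='" . intval($id_fermeture) . "' ,";
    }
    if ($etat == "demande") {
        $sql2 = $sql2 . " p_date_demande=NOW() ,";
    } else {
        $sql2 = $sql2 . " p_date_traitement=NOW() ,";
    }
    $sql2 = $sql2 . " p_num='{$num_new_demande}' ";
    $result = \includes\SQL::query($sql2);
    if ($id_fermeture != 0) {
        $comment_log = "saisie de fermeture num {$num_new_demande} (type {$id_type_abs}) pour {$login} ({$nb_jours} jours) (de {$date_deb} {$demi_jour_deb} à {$date_fin} {$demi_jour_fin})";
    } elseif ($etat == "demande") {
        $comment_log = "demande de conges num {$num_new_demande} (type {$id_type_abs}) pour {$login} ({$nb_jours} jours) (de {$date_deb} {$demi_jour_deb} à {$date_fin} {$demi_jour_fin})";
    } else {
        $comment_log = "saisie de conges num {$num_new_demande} (type {$id_type_abs}) pour {$login} ({$nb_jours} jours) (de {$date_deb} {$demi_jour_deb} à {$date_fin} {$demi_jour_fin})";
    }
    // The log entry is written whether or not the INSERT succeeded.
    log_action($num_new_demande, $etat, $login, $comment_log);
    if ($result) {
        return $num_new_demande;
    }
    return 0;
}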
Exemplo n.º 19
<?php

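// Admin login page, first part: process the submitted form and prepare the
// values the form below re-displays.
require_once "../../includes/initialize.php";
if ($session->is_logged_in()) {
    redirect_to("index.php");
}
// Remember to give your form's submit tag a name="submit" attribute!
if (isset($_POST['submit'])) {
    // Form has been submitted. Missing or non-string fields count as empty.
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? trim($_POST['username']) : "";
    // NOTE(review): trim() removes leading and trailing whitespace from the
    // password; that only matches if stored passwords were trimmed as well.
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? trim($_POST['password']) : "";
    // Check database to see if username/password exist.
    $found_user = User::authenticate($username, $password);
    if ($found_user) {
        // NOTE(review): confirm that login() issues a new session id.
        $session->login($found_user);
        log_action('Login', "{$found_user->username} logged in.");
        redirect_to("index.php");
    } else {
        // Failed attempts are recorded too, so repeated guessing shows up in
        // the log. The name is reduced to a safe character set and shortened
        // because it is attacker-supplied text going into a log file.
        $logged_name = substr(preg_replace('/[^A-Za-z0-9_.@-]/', '?', $username), 0, 64);
        log_action('Login failed', "Failed login attempt for username: {$logged_name}");
        // username/password combo was not found in the database
        $message = "Username/password combination incorrect.";
    }
} else {
    // Form has not been submitted.
    $username = "";
    $password = "";
    $message = "";
}
include_layout_template('header.php');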
?>
<div id="form">
		<h2>Login</h2>
Exemplo n.º 20
 /**
  * Execute the prepared statement and copy its outcome onto this object.
  *
  * SELECT: buffers the result and stores error and row count; logging then
  * follows LOG_SELECT_QUERIES instead of $log. INSERT: stores the generated
  * id and error. Anything else: stores the affected-row count.
  *
  * When logging is on, the query text and the bound arguments are written to
  * the action log.
  * NOTE(review): bound arguments can include credentials or personal data —
  * confirm that the log may hold them.
  *
  * @param bool $log whether to log the query (overridden for SELECT)
  * @return $this
  */
 function stmt_execute($log = TRUE)
 {
     if (!$this->stmt->execute()) {
         error_handler('Database error. ', $this->stmt->error);
     }
     switch ($this->query_type) {
         case "SELECT":
             $this->stmt->store_result();
             $this->error = $this->stmt->error;
             $this->num_rows = $this->stmt->num_rows;
             $log = LOG_SELECT_QUERIES;
             break;
         case "INSERT":
             $this->auto_id = $this->stmt->insert_id;
             $this->error = $this->stmt->error;
             break;
         default:
             $this->affected_rows = $this->mysqli->affected_rows;
     }
     if ($log) {
         $bound = print_r($this->stmt_bind_args, TRUE);
         log_action('Query Executed: ' . $this->query . "\r\n" . $bound);
     }
     return $this;
 }
Exemplo n.º 21
//****************************************************************************************
// Delete screen for a department record. A GET carrying department_id loads
// the record for confirmation; a POST that passes xsrf_guard() either cancels
// or deletes, then redirects to the list view. Otherwise the confirmation
// form is drawn.
require 'path.php';
init_cobalt('Delete department');
if (isset($_GET['department_id'])) {
    // NOTE(review): PHP has already URL-decoded $_GET values, so this
    // urldecode() decodes a second time — confirm that is intended.
    $department_id = urldecode($_GET['department_id']);
    require_once 'form_data_department.php';
}
// The delete path is only reachable inside this guard.
// presumably xsrf_guard() validates an anti-CSRF token — verify in the framework.
if (xsrf_guard()) {
    init_var($_POST['btn_cancel']);
    init_var($_POST['btn_delete']);
    require 'components/query_string_standard.php';
    if ($_POST['btn_cancel']) {
        log_action('Pressed cancel button');
        redirect("listview_department.php?{$query_string}");
    } elseif ($_POST['btn_delete']) {
        // The button press is logged before the delete runs; the log entry
        // does not name the record being deleted.
        log_action('Pressed delete button');
        require_once 'subclasses/department.php';
        $dbh_department = new department();
        $object_name = 'dbh_department';
        // Expected to populate $arr_form_data, which is used on the next line.
        require 'components/create_form_data.php';
        $dbh_department->delete($arr_form_data);
        redirect("listview_department.php?{$query_string}");
    }
}
// Render the confirmation page.
require 'subclasses/department_html.php';
$html = new department_html();
$html->draw_header('Delete Department', $message, $message_type);
$html->draw_listview_referrer_info($filter_field_used, $filter_used, $page_from, $filter_sort_asc, $filter_sort_desc);
$html->draw_hidden('department_id');
$html->detail_view = TRUE;
$html->draw_controls('delete');
Exemplo n.º 22
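/**
 * Create a user: account row, one balance row per leave type, the weekly
 * absence grid and, when group management is enabled, group memberships.
 *
 * Nothing is written unless verif_new_param() returns 0. Progress and the
 * result are printed as HTML and the action is logged.
 *
 * All values written to SQL are escaped with SQL::quote() inside quoted
 * literals, leave type ids are cast to int, and grid column names, which
 * cannot be escaped, must match an identifier pattern. Values echoed to the
 * page are HTML-escaped.
 *
 * @param array  $tab_new_user         fields of the new user
 * @param mixed  $tab_checkbox_sem_imp odd-week grid, column => value, or ""
 * @param mixed  $tab_checkbox_sem_p   even-week grid, column => value, or ""
 * @param array  $tab_new_jours_an     leave type id => days per year
 * @param array  $tab_new_solde        leave type id => initial balance
 * @param mixed  $checkbox_user_groups selected groups, or ""
 * @param bool   $DEBUG                print the input arrays and pass through to helpers
 */
function ajout_user(&$tab_new_user, $tab_checkbox_sem_imp, $tab_checkbox_sem_p, &$tab_new_jours_an, &$tab_new_solde, $checkbox_user_groups, $DEBUG = FALSE)
{
    $PHP_SELF = $_SERVER['PHP_SELF'];
    $session = session_id();
    if ($DEBUG) {
        echo "tab_new_jours_an = ";
        echo htmlspecialchars(print_r($tab_new_jours_an, TRUE), ENT_QUOTES, 'UTF-8');
        echo "<br>\n";
        echo "tab_new_solde = ";
        echo htmlspecialchars(print_r($tab_new_solde, TRUE), ENT_QUOTES, 'UTF-8');
        echo "<br>\n";
    }
    // Continue only when the submitted values passed validation.
    if (verif_new_param($tab_new_user, $tab_new_jours_an, $tab_new_solde, $DEBUG) == 0) {
        // Summary of the submitted values; they are form input, so they are escaped.
        echo htmlspecialchars($tab_new_user['login'] . "---" . $tab_new_user['nom'] . "---" . $tab_new_user['prenom'] . "---" . $tab_new_user['quotite'], ENT_QUOTES, 'UTF-8') . "\n";
        echo htmlspecialchars("---" . $tab_new_user['is_resp'] . "---" . $tab_new_user['resp_login'] . "---" . $tab_new_user['is_admin'] . "---" . $tab_new_user['is_hr'] . "---" . $tab_new_user['see_all'] . "---" . $tab_new_user['email'], ENT_QUOTES, 'UTF-8') . "<br>\n";
        foreach ($tab_new_jours_an as $id_cong => $jours_an) {
            echo htmlspecialchars($tab_new_jours_an[$id_cong] . "---" . $tab_new_solde[$id_cong], ENT_QUOTES, 'UTF-8') . "<br>\n";
        }
        $new_date_deb_grille = $tab_new_user['new_year'] . "-" . $tab_new_user['new_mois'] . "-" . $tab_new_user['new_jour'];
        echo htmlspecialchars($new_date_deb_grille, ENT_QUOTES, 'UTF-8') . "<br>\n";

        $login_sql = SQL::quote($tab_new_user['login']);

        /*****************************/
        /* INSERT into conges_users  */
        if ($_SESSION['config']['how_to_connect_user'] == "dbconges") {
            // NOTE(review): unsalted MD5 is not a password hash. Moving to
            // password_hash()/password_verify() also requires changing the
            // login check, which is outside this function.
            $motdepasse = md5($tab_new_user['password1']);
        } else {
            $motdepasse = "none";
        }
        $sql1 = "INSERT INTO conges_users SET ";
        $sql1 = $sql1 . "u_login='" . $login_sql . "', ";
        $sql1 = $sql1 . "u_nom='" . SQL::quote($tab_new_user['nom']) . "', ";
        $sql1 = $sql1 . "u_prenom='" . SQL::quote($tab_new_user['prenom']) . "', ";
        $sql1 = $sql1 . "u_is_resp='" . SQL::quote($tab_new_user['is_resp']) . "', ";
        if ($tab_new_user['resp_login'] == 'no_resp') {
            $sql1 = $sql1 . "u_resp_login= NULL , ";
        } else {
            $sql1 = $sql1 . "u_resp_login='" . SQL::quote($tab_new_user['resp_login']) . "', ";
        }
        $sql1 = $sql1 . "u_is_admin='" . SQL::quote($tab_new_user['is_admin']) . "', ";
        $sql1 = $sql1 . "u_is_hr='" . SQL::quote($tab_new_user['is_hr']) . "', ";
        $sql1 = $sql1 . "u_see_all='" . SQL::quote($tab_new_user['see_all']) . "', ";
        $sql1 = $sql1 . "u_passwd='{$motdepasse}', ";
        $sql1 = $sql1 . "u_quotite='" . SQL::quote($tab_new_user['quotite']) . "',";
        $sql1 = $sql1 . " u_email='" . SQL::quote($tab_new_user['email']) . "' ";
        $result1 = SQL::query($sql1);

        /**********************************/
        /* INSERT into conges_solde_user  */
        // Every balance insert must succeed, not only the last one.
        $result3 = TRUE;
        foreach ($tab_new_jours_an as $id_cong => $jours_an) {
            $sql3 = "INSERT INTO conges_solde_user (su_login, su_abs_id, su_nb_an, su_solde, su_reliquat) ";
            $sql3 = $sql3 . "VALUES ('" . $login_sql . "' , " . intval($id_cong) . ", '" . SQL::quote($jours_an) . "', '" . SQL::quote($tab_new_solde[$id_cong]) . "', 0) ";
            if (!SQL::query($sql3)) {
                $result3 = FALSE;
            }
        }

        /*****************************/
        /* INSERT into conges_artt   */
        $list_colums_to_insert = "a_login";
        $list_values_to_insert = "'" . $login_sql . "'";
        // Odd-week grid, then even-week grid. The array keys become column
        // names, so only plain identifiers are accepted. foreach replaces
        // each(), which no longer exists in PHP 8.
        foreach (array($tab_checkbox_sem_imp, $tab_checkbox_sem_p) as $tab_checkbox) {
            if (!is_array($tab_checkbox)) {
                continue;
            }
            foreach ($tab_checkbox as $key => $val) {
                if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', (string) $key)) {
                    continue;
                }
                $list_colums_to_insert = "{$list_colums_to_insert}, {$key}";
                $list_values_to_insert = "{$list_values_to_insert}, '" . SQL::quote($val) . "'";
            }
        }
        $sql2 = "INSERT INTO conges_artt ({$list_colums_to_insert}, a_date_debut_grille) VALUES ({$list_values_to_insert}, '" . SQL::quote($new_date_deb_grille) . "')";
        $result2 = SQL::query($sql2);

        /***********************************/
        /* add the user to the groups      */
        $result4 = TRUE;
        if ($_SESSION['config']['gestion_groupes'] && $checkbox_user_groups != "") {
            $result4 = commit_modif_user_groups($tab_new_user['login'], $checkbox_user_groups, $DEBUG);
        }

        /*****************************/
        if ($result1 && $result2 && $result3 && $result4) {
            echo _('form_modif_ok') . "<br><br> \n";
        } else {
            echo _('form_modif_not_ok') . "<br><br> \n";
        }
        // The log entry is written whether or not the inserts succeeded.
        $comment_log = "ajout_user : " . $tab_new_user['login'] . " / " . addslashes($tab_new_user['nom']) . " " . addslashes($tab_new_user['prenom']) . " (" . $tab_new_user['quotite'] . " %)";
        log_action(0, "", $tab_new_user['login'], $comment_log, $DEBUG);

        /* Return button. PHP_SELF is request-derived, so the URL is escaped. */
        $action_html = htmlspecialchars("{$PHP_SELF}?session={$session}&onglet=admin-users", ENT_QUOTES, 'UTF-8');
        echo " <form action=\"{$action_html}\" method=\"POST\"> \n";
        echo "<input type=\"submit\" value=\"" . _('form_retour') . "\">\n";
        echo " </form> \n";
    }
}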
Exemplo n.º 23
    require 'form_data_industrysector.php';
} elseif (xsrf_guard()) {
    init_var($_POST['btn_cancel']);
    init_var($_POST['btn_submit']);
    require 'components/query_string_standard.php';
    require 'subclasses/industrysector.php';
    $dbh_industrysector = new industrysector();
    $object_name = 'dbh_industrysector';
    require 'components/create_form_data.php';
    extract($arr_form_data);
    if ($_POST['btn_cancel']) {
        log_action('Pressed cancel button', $_SERVER['PHP_SELF']);
        redirect("listview_industrysector.php?{$query_string}");
    }
    if ($_POST['btn_submit']) {
        log_action('Pressed submit button', $_SERVER['PHP_SELF']);
        $message .= $dbh_industrysector->sanitize($arr_form_data)->lst_error;
        extract($arr_form_data);
        if ($dbh_industrysector->check_uniqueness_for_editing($arr_form_data)->is_unique) {
            //Good, no duplicate in database
        } else {
            $message = "Record already exists with the same primary identifiers!";
        }
        if ($message == "") {
            $dbh_industrysector->edit($arr_form_data);
            redirect("listview_industrysector.php?{$query_string}");
        }
    }
}
require 'subclasses/industrysector_html.php';
$html = new industrysector_html();
Exemplo n.º 24
    $IPAddressOptions = $_GET['IPAddressOptions'];
    $TimeStart = $_GET['TimeStart'];
    $TimeEnd = $_GET['TimeEnd'];
    $Username = $_GET['Username'];
    $Module = $_GET['Module'];
    $Keyword = $_GET['Keyword'];
    $IPAddress = $_GET['IPAddress'];
    if (isset($_GET['current_page'])) {
        $current_page = $_GET['current_page'];
    }
    $CREATE_FILTERS = TRUE;
}
if (xsrf_guard()) {
    init_var($_POST['btn_cancel']);
    if ($_POST['btn_cancel']) {
        log_action("Pressed cancel button", $_SERVER['PHP_SELF']);
        echo "<script>window.close()</script>";
    }
    if (isset($_POST['start'])) {
        $start = $_POST['start'];
    }
    $DateTimeOptions = $_POST['DateTimeOptions'];
    $UserOptions = $_POST['UserOptions'];
    $ModuleOptions = $_POST['ModuleOptions'];
    $KeywordSearch = $_POST['KeywordSearch'];
    $IPAddressOptions = $_POST['IPAddressOptions'];
    $TimeStart = $_POST['TimeStart'];
    $TimeEnd = $_POST['TimeEnd'];
    $Username = $_POST['Username'];
    $Module = $_POST['Module'];
    $Keyword = $_POST['Keyword'];
<?php

//******************************************************************
//This file was generated by Cobalt, a rapid application development
//framework developed by JV Roig (jvroig@jvroig.com).
//
//Cobalt on the web: http://cobalt.jvroig.com
//******************************************************************
// Page controller for the read-only detail view of one "user passport group" record.
// path.php and init_cobalt() come from the framework and are not visible here.
require 'path.php';
// NOTE(review): the string looks like the permission/page label for this view — confirm that
// init_cobalt() is what enforces login and authorisation before any record data is loaded.
init_cobalt('View user passport groups');
if (isset($_GET['passport_group_id'])) {
    // NOTE(review): PHP has already URL-decoded $_GET, so urldecode() decodes the value a second
    // time. A doubly-encoded value therefore turns into characters that any filter applied to the
    // request earlier never saw. Confirm that form_data_user_passport_groups.php binds
    // $passport_group_id as a query parameter instead of concatenating it into SQL.
    $passport_group_id = urldecode($_GET['passport_group_id']);
    require 'form_data_user_passport_groups.php';
}
// xsrf_guard() presumably validates the anti-CSRF token of a POSTed form — confirm in the framework.
if (xsrf_guard()) {
    // init_var() is presumably there so the index can be read below even when the button was not posted.
    init_var($_POST['btn_back']);
    if ($_POST['btn_back']) {
        // The audit entry says "cancel" although the control is the back button.
        log_action('Pressed cancel button');
        // Supplies $query_string (list filters/paging) for the redirect target — defined in the include.
        require 'components/query_string_standard.php';
        // NOTE(review): confirm redirect() ends the request; otherwise the page below is still rendered.
        redirect("listview_user_passport_groups.php?{$query_string}");
    }
}
require 'subclasses/user_passport_groups_html.php';
$html = new user_passport_groups_html();
// $message, $message_type and the filter variables are not assigned in this file; presumably they
// come from init_cobalt() or the included form-data script. NOTE(review): confirm draw_header() and
// draw_listview_referrer_info() HTML-escape them, since the filter values look request-derived.
$html->draw_header('Detail View: User Passport Groups', $message, $message_type);
$html->draw_listview_referrer_info($filter_field_used, $filter_used, $page_from, $filter_sort_asc, $filter_sort_desc);
// Detail mode: presumably renders the fields read-only.
$html->detail_view = TRUE;
$html->draw_controls('view');
$html->draw_footer();
Exemplo n.º 26
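/**
 * Apply an administrator's edit of a user: identity/role columns, leave balances per leave type,
 * the RTT grid, and (when the login itself changes) every table that references the login.
 *
 * Security-relevant behaviour of this implementation:
 *  - Every value placed in a statement goes through SQL::quote() inside quotes, or intval().
 *    SQL::quote() is assumed to be the project's escaping helper (it is used that way throughout
 *    this function). The INSERT into conges_artt previously interpolated the login, the start date
 *    and the checkbox values unescaped.
 *  - Column names taken from the checkbox arrays cannot be escaped as values, so a key is only
 *    accepted when it is a plain identifier ([A-Za-z_][A-Za-z0-9_]*); other keys are dropped.
 *  - The DELETE on conges_artt was missing the closing quote of its last literal and could never
 *    run; it is terminated correctly now.
 *  - Text written to the page is HTML-escaped, and the generated SQL is printed only when $DEBUG
 *    is set instead of on every call.
 *  - each() (removed in PHP 8) is replaced by foreach.
 *
 * NOTE(review): the statements run without a transaction, so a failure half-way through a login
 * rename leaves the tables inconsistent. Authorisation is not checked here; the caller must have
 * verified that the session user may edit accounts and grant is_admin / is_hr.
 *
 * @param string $u_login_to_update     login of the account being edited (its current value)
 * @param array  $tab_new_user          new values: nom, prenom, quotite, is_resp, resp_login, is_admin,
 *                                      is_hr, is_active, see_all, email, login, year, mois, jour
 * @param array  $tab_new_jours_an      yearly allowance, keyed by leave-type id
 * @param array  $tab_new_solde         balance, keyed by leave-type id
 * @param array  $tab_new_reliquat      carry-over, keyed by leave-type id
 * @param mixed  $tab_checkbox_sem_imp  conges_artt column => value pairs, or "" when none
 * @param mixed  $tab_checkbox_sem_p    conges_artt column => value pairs, or "" when none
 * @param bool   $DEBUG                 print diagnostic output
 * @return void  the outcome is echoed ('form_modif_ok' / 'form_modif_not_ok')
 */
function commit_update($u_login_to_update, &$tab_new_user, &$tab_new_jours_an, &$tab_new_solde, &$tab_new_reliquat, $tab_checkbox_sem_imp, $tab_checkbox_sem_p, $DEBUG = FALSE)
{
    // Leave types: the regular ones, plus the exceptional ones when that feature is enabled.
    $tab_type_conges = recup_tableau_types_conges($DEBUG);
    $tab_type_conges_excep = array();
    if ($_SESSION['config']['gestion_conges_exceptionnels']) {
        $tab_type_conges_excep = recup_tableau_types_conges_exceptionnels($DEBUG);
    }
    if ($DEBUG) {
        $tab_debug = array(
            'tab_new_jours_an' => $tab_new_jours_an,
            'tab_new_solde' => $tab_new_solde,
            'tab_new_reliquat' => $tab_new_reliquat,
            'tab_type_conges' => $tab_type_conges,
            'tab_type_conges_excep' => $tab_type_conges_excep,
        );
        foreach ($tab_debug as $nom_tableau => $contenu) {
            echo "{$nom_tableau} = <br>\n";
            print_r($contenu);
            echo "<br>\n";
        }
    }
    // Summary line of the submitted values; they are form input, so escape them for HTML.
    $resume = array($u_login_to_update);
    foreach (array('nom', 'prenom', 'quotite', 'is_resp', 'resp_login', 'is_admin', 'is_hr', 'is_active', 'see_all', 'email', 'login') as $champ) {
        $resume[] = $tab_new_user[$champ];
    }
    echo htmlspecialchars(implode("---", $resume), ENT_QUOTES | ENT_SUBSTITUTE) . "<br>\n";
    // Check that allowance, balance and carry-over are well-formed decimals for each leave type.
    $valid_1 = TRUE;
    $valid_2 = TRUE;
    $valid_reliquat = TRUE;
    foreach ($tab_type_conges as $id_conges => $libelle) {
        $valid_1 = $valid_1 && verif_saisie_decimal($tab_new_jours_an[$id_conges], $DEBUG);
        $valid_2 = $valid_2 && verif_saisie_decimal($tab_new_solde[$id_conges], $DEBUG);
        $valid_reliquat = $valid_reliquat && verif_saisie_decimal($tab_new_reliquat[$id_conges], $DEBUG);
    }
    // Exceptional leave types only carry a balance to check.
    $valid_3 = TRUE;
    if ($_SESSION['config']['gestion_conges_exceptionnels'] && count($tab_type_conges_excep) > 0) {
        foreach ($tab_type_conges_excep as $id_conges => $libelle) {
            $valid_3 = $valid_3 && verif_saisie_decimal($tab_new_solde[$id_conges], $DEBUG);
        }
    }
    if ($DEBUG) {
        echo "valid_1 = {$valid_1}  //  valid_2 = {$valid_2}  //  valid_3 = {$valid_3}  //  valid_reliquat = {$valid_reliquat} <br>\n";
    }
    if (!($valid_1 && $valid_2 && $valid_3 && $valid_reliquat)) {
        echo _('form_modif_not_ok') . " !<br><br> \n";
        return;
    }
    $old_login_sql = SQL::quote($u_login_to_update);
    /*************************************/
    /* Table conges_users */
    $colonnes_user = array(
        'u_nom' => 'nom',
        'u_prenom' => 'prenom',
        'u_is_resp' => 'is_resp',
        'u_resp_login' => 'resp_login',
        'u_is_admin' => 'is_admin',
        'u_is_hr' => 'is_hr',
        'u_is_active' => 'is_active',
        'u_see_all' => 'see_all',
        'u_login' => 'login',
        'u_quotite' => 'quotite',
        'u_email' => 'email',
    );
    $affectations = array();
    foreach ($colonnes_user as $colonne => $champ) {
        $affectations[] = $colonne . "='" . SQL::quote($tab_new_user[$champ]) . "'";
    }
    $sql = 'UPDATE conges_users SET ' . implode(', ', $affectations) . " WHERE u_login='" . $old_login_sql . "'";
    SQL::query($sql);
    /*************************************/
    /* Table conges_solde_user */
    // The decimals are escaped as well: carry-over of exceptional types is not validated above.
    foreach ($tab_type_conges as $id_conges => $libelle) {
        $sql = "REPLACE INTO conges_solde_user SET su_nb_an='" . SQL::quote(strtr(round_to_half($tab_new_jours_an[$id_conges]), ",", "."))
            . "',su_solde='" . SQL::quote(strtr(round_to_half($tab_new_solde[$id_conges]), ",", "."))
            . "',su_reliquat='" . SQL::quote(strtr(round_to_half($tab_new_reliquat[$id_conges]), ",", "."))
            . "',su_login='" . $old_login_sql . "',su_abs_id=" . intval($id_conges) . ';';
        if ($DEBUG) {
            echo htmlspecialchars($sql, ENT_QUOTES | ENT_SUBSTITUTE);
        }
        SQL::query($sql);
    }
    if ($_SESSION['config']['gestion_conges_exceptionnels']) {
        foreach ($tab_type_conges_excep as $id_conges => $libelle) {
            $sql = "REPLACE INTO conges_solde_user SET su_nb_an=0, su_solde='" . SQL::quote(strtr(round_to_half($tab_new_solde[$id_conges]), ",", "."))
                . "', su_reliquat='" . SQL::quote(strtr(round_to_half($tab_new_reliquat[$id_conges]), ",", "."))
                . "', su_login='" . $old_login_sql . "', su_abs_id=" . intval($id_conges) . ';';
            if ($DEBUG) {
                echo htmlspecialchars($sql, ENT_QUOTES | ENT_SUBSTITUTE);
            }
            SQL::query($sql);
        }
    }
    /*************************************/
    /* Table conges_artt, only when the RTT grid changed */
    $tab_grille_rtt_actuelle = get_current_grille_rtt($u_login_to_update, $DEBUG);
    $tab_new_grille_rtt = tab_grille_rtt_from_checkbox($tab_checkbox_sem_imp, $tab_checkbox_sem_p, $DEBUG);
    if ($tab_grille_rtt_actuelle != $tab_new_grille_rtt) {
        $new_date_deb_grille = $tab_new_user['year'] . "-" . $tab_new_user['mois'] . "-" . $tab_new_user['jour'];
        $date_deb_sql = SQL::quote($new_date_deb_grille);
        /* phase 1: close the previous grid, or drop a grid that already starts on that date */
        $sql = "SELECT a_date_fin_grille FROM conges_artt WHERE a_login='" . $old_login_sql . "' AND a_date_debut_grille='" . $date_deb_sql . "';";
        $result_grille = SQL::query($sql);
        if ($result_grille->num_rows == 0) {
            // End date of the previous grid = start date of the new one minus one day;
            // mktime() normalises a day number of 0 to the last day of the previous month.
            $new_date_fin_grille = date("Y-m-d", mktime(0, 0, 0, (int) $tab_new_user['mois'], (int) $tab_new_user['jour'] - 1, (int) $tab_new_user['year']));
            // The open-ended grid is the one whose end date is 9999-12-31.
            $sql = "UPDATE conges_artt SET a_date_fin_grille='" . SQL::quote($new_date_fin_grille) . "' WHERE a_login='" . $old_login_sql . "'  AND a_date_fin_grille='9999-12-31' ";
            SQL::query($sql);
        } else {
            $sql = "DELETE FROM conges_artt WHERE a_login='" . $old_login_sql . "' AND a_date_debut_grille='" . $date_deb_sql . "'";
            SQL::query($sql);
        }
        /* phase 2: insert the new grid, setting only the submitted half-days */
        $colonnes_grille = array();
        $valeurs_grille = array();
        foreach (array($tab_checkbox_sem_imp, $tab_checkbox_sem_p) as $tab_checkbox) {
            if (!is_array($tab_checkbox)) {
                continue;
            }
            foreach ($tab_checkbox as $key => $val) {
                // The key becomes a column name: accept plain identifiers only.
                if (!preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', (string) $key)) {
                    continue;
                }
                $colonnes_grille[] = $key;
                $valeurs_grille[] = "'" . SQL::quote($val) . "'";
            }
        }
        if (count($colonnes_grille) > 0) {
            $sql = 'INSERT INTO conges_artt (a_login, ' . implode(', ', $colonnes_grille) . ", a_date_debut_grille) VALUES ('" . $old_login_sql . "', " . implode(', ', $valeurs_grille) . ", '" . $date_deb_sql . "') ";
            SQL::query($sql);
        }
    }
    /*************************************/
    /* Login rename: conges_users.u_login was updated above; propagate to the referencing columns */
    if ($tab_new_user['login'] != $u_login_to_update) {
        $new_login_sql = SQL::quote($tab_new_user['login']);
        $colonnes_login = array(
            'conges_artt' => 'a_login',
            'conges_echange_rtt' => 'e_login',
            'conges_edition_papier' => 'ep_login',
            'conges_groupe_grd_resp' => 'ggr_login',
            'conges_groupe_resp' => 'gr_login',
            'conges_groupe_users' => 'gu_login',
            'conges_periode' => 'p_login',
            'conges_solde_user' => 'su_login',
            // accounts that have the renamed user as their manager
            'conges_users' => 'u_resp_login',
        );
        foreach ($colonnes_login as $table => $colonne) {
            $sql = "UPDATE {$table} SET {$colonne}='" . $new_login_sql . "' WHERE {$colonne}='" . $old_login_sql . "' ";
            SQL::query($sql);
        }
        // NOTE(review): this statement was damaged in the listing; the two log strings survive and the
        // if/else around them is reconstructed from the condition — check against the project file.
        $comment_log = "modif_user (old_login = {$u_login_to_update})  new_login = " . $tab_new_user['login'];
    } else {
        $comment_log = "modif_user login = {$u_login_to_update}";
    }
    log_action(0, "", $u_login_to_update, $comment_log, $DEBUG);
    echo _('form_modif_ok') . " !<br><br> \n";
}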
Exemplo n.º 27
/**
 * Store the non-working days submitted for a year, replacing any days already recorded for it,
 * then refresh the holidays kept in the session and write an audit entry.
 *
 * @param array $tab_checkbox_j_chome submitted days; the first key is read as a "YYYY-..." date
 * @param bool  $DEBUG                print diagnostic output
 * @return void the outcome is echoed as an alert block
 */
function commit_saisie($tab_checkbox_j_chome, $DEBUG = FALSE)
{
    if ($DEBUG) {
        echo "tab_checkbox_j_chome : <br>\n";
        print_r($tab_checkbox_j_chome);
        echo "<br>\n";
    }
    // A year that is already in the database is wiped first; the outcome of the
    // deletion is not used, only the insertion decides which message is shown.
    if (verif_year_deja_saisie($tab_checkbox_j_chome, $DEBUG)) {
        delete_year($tab_checkbox_j_chome, $DEBUG);
    }
    $insertion_ok = insert_year($tab_checkbox_j_chome, $DEBUG);
    // Reload the holidays held in the session variables.
    init_tab_jours_feries($DEBUG);
    if (!$insertion_ok) {
        echo "<div class=\"alert alert-danger\">" . _('form_modif_not_ok') . "</div>\n";
    } else {
        echo "<div class=\"alert alert-success\">" . _('form_modif_ok') . "</div>\n";
    }
    // The year for the audit entry is the part of the first submitted key before the first dash.
    $morceaux_date = explode('-', key($tab_checkbox_j_chome));
    log_action(0, "", "", "saisie des jours chomés pour " . $morceaux_date[0], $DEBUG);
}
Exemplo n.º 28
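/**
 * Process the manager's decision on each pending leave request of a submitted form.
 *
 * Each entry of $tab_bt_radio is keyed by the request number (conges_periode.p_num) and holds
 * eight fields joined by "--": user login, number of days, leave-type id, start date, start
 * half-day, end date, end half-day and the decision ("VALID", "OK" or "not_OK").
 *
 * Changes against the previous version:
 *  - each() (removed in PHP 8) is replaced by foreach;
 *  - the refusal reason is escaped with SQL::quote(), the project's helper used for every other
 *    statement value, instead of addslashes(), which is not a safe SQL escaper;
 *  - the progress line echoed to the page is HTML-escaped, as its parts are form input;
 *  - entries with fewer than eight fields are skipped instead of reading undefined offsets.
 *
 * NOTE(review): login, number of days, leave type and dates are taken from the submitted form
 * value, not re-read from conges_periode by p_num, and are passed to the balance deduction as
 * received. Confirm that the caller verifies the request belongs to a user this manager is
 * responsible for and is still pending, or load these fields from the database here.
 *
 * @param array $tab_bt_radio   request number => "--"-joined fields (see above)
 * @param array $tab_text_refus request number => refusal reason
 * @param bool  $DEBUG          forwarded to the helpers
 * @return void
 */
function traite_all_demande_en_cours($tab_bt_radio, $tab_text_refus, $DEBUG = FALSE)
{
    if (!is_array($tab_bt_radio)) {
        return;
    }
    foreach ($tab_bt_radio as $numero => $valeur_radio) {
        $champs = explode("--", $valeur_radio);
        if (count($champs) < 8) {
            // Malformed entry: nothing reliable to act on.
            continue;
        }
        list($user_login, $user_nb_jours_pris, $type_abs, $date_deb, $demi_jour_deb, $date_fin, $demi_jour_fin, $reponse) = $champs;
        // Only the integer form of the request number ever reaches SQL.
        $numero_int = (int) $numero;
        echo htmlspecialchars("{$numero}---{$user_login}---{$user_nb_jours_pris}---{$reponse}", ENT_QUOTES | ENT_SUBSTITUTE) . "<br>\n";
        if ($reponse === "VALID") {
            // First-level validation (a second approver still has to accept).
            $sql1 = "UPDATE conges_periode SET p_etat=\"valid\", p_date_traitement=NOW() WHERE p_num={$numero_int}";
            SQL::query($sql1);
            log_action($numero_int, "valid", $user_login, "traite demande {$numero} ({$user_login}) ({$user_nb_jours_pris} jours) : {$reponse}", $DEBUG);
            // Mail to the user and to the next approver, when enabled in the configuration.
            if ($_SESSION['config']['mail_prem_valid_conges_alerte_user']) {
                alerte_mail($_SESSION['userlogin'], $user_login, $numero_int, "valid_conges", $DEBUG);
            }
        } elseif ($reponse === "OK") {
            $sql1 = "UPDATE conges_periode SET p_etat=\"ok\", p_date_traitement=NOW() WHERE p_num={$numero_int}";
            SQL::query($sql1);
            log_action($numero_int, "ok", $user_login, "traite demande {$numero} ({$user_login}) ({$user_nb_jours_pris} jours) : {$reponse}", $DEBUG);
            // Deduct the days from the user's balance and carry-over.
            soustrait_solde_et_reliquat_user($user_login, $numero_int, $user_nb_jours_pris, $type_abs, $date_deb, $demi_jour_deb, $date_fin, $demi_jour_fin, $DEBUG);
            if ($_SESSION['config']['mail_valid_conges_alerte_user']) {
                alerte_mail($_SESSION['userlogin'], $user_login, $numero_int, "accept_conges", $DEBUG);
            }
        } elseif ($reponse === "not_OK") {
            // Free-text refusal reason typed by the manager.
            $motif_refus = isset($tab_text_refus[$numero_int]) ? SQL::quote($tab_text_refus[$numero_int]) : '';
            $sql1 = "UPDATE conges_periode SET p_etat=\"refus\", p_motif_refus='{$motif_refus}', p_date_traitement=NOW() WHERE p_num={$numero_int}";
            log_action($numero_int, "refus", $user_login, "traite demande {$numero} ({$user_login}) ({$user_nb_jours_pris} jours) : refus", $DEBUG);
            SQL::query($sql1);
            if ($_SESSION['config']['mail_refus_conges_alerte_user']) {
                alerte_mail($_SESSION['userlogin'], $user_login, $numero_int, "refus_conges", $DEBUG);
            }
        }
    }
}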
Exemplo n.º 29
}
// Form handler for adding a "user links" record. xsrf_guard() presumably validates the
// anti-CSRF token of the POSTed form — confirm in the framework.
if (xsrf_guard()) {
    // init_var() is presumably there so both button indexes can be read below even when absent.
    init_var($_POST['btn_cancel']);
    init_var($_POST['btn_submit']);
    // Supplies $query_string for the redirects below — defined in the include.
    require 'components/query_string_standard.php';
    require 'subclasses/user_links.php';
    $dbh_user_links = new user_links();
    $object_name = 'dbh_user_links';
    // Presumably builds $arr_form_data from the submitted fields of the object named above — confirm.
    require 'components/create_form_data.php';
    // NOTE(review): extract() turns every key of $arr_form_data into a variable in this scope and
    // overwrites existing ones by default. If a key can ever match $message, $query_string,
    // $object_name or $dbh_user_links, the form controls the rest of this script; confirm that
    // create_form_data.php only emits the table's known field names.
    extract($arr_form_data);
    if ($_POST['btn_cancel']) {
        log_action('Pressed cancel button');
        // NOTE(review): confirm redirect() ends the request; otherwise a request carrying both
        // buttons falls through to the submit branch.
        redirect("listview_user_links.php?{$query_string}");
    }
    if ($_POST['btn_submit']) {
        log_action('Pressed submit button');
        // sanitize() returns an object whose lst_error is appended to the message; what it validates
        // or rewrites is not visible here. $message is not initialised in this excerpt.
        $message .= $dbh_user_links->sanitize($arr_form_data)->lst_error;
        // Second extract: presumably refreshes the local variables after sanitize() — this only has
        // an effect if sanitize() changes $arr_form_data by reference; confirm.
        extract($arr_form_data);
        if ($dbh_user_links->check_uniqueness($arr_form_data)->is_unique) {
            //Good, no duplicate in database
        } else {
            // Replaces (does not append to) any sanitize() errors collected above.
            $message = "Record already exists with the same primary identifiers!";
        }
        // Insert only when neither validation nor the uniqueness check produced a message.
        if ($message == "") {
            $dbh_user_links->add($arr_form_data);
            redirect("listview_user_links.php?{$query_string}");
        }
    }
}
// Renderer for the form; drawn by the code that follows this excerpt.
require 'subclasses/user_links_html.php';
$html = new user_links_html();
Exemplo n.º 30
     if ($data_con->num_rows == 1) {
         extract($data_con->dump);
         $_SESSION['header'] = $header;
         $_SESSION['footer'] = $footer;
         $_SESSION['skin'] = $skin_name;
         $_SESSION['master_css'] = $master_css;
         $_SESSION['colors_css'] = $colors_css;
         $_SESSION['fonts_css'] = $fonts_css;
         $_SESSION['override_css'] = $override_css;
         $_SESSION['icon_set'] = $icon_set;
         if (trim($_SESSION['icon_set'] == '')) {
             $_SESSION['icon_set'] = 'cobalt';
         }
     }
     $data_con->close_db();
     log_action('Logged in');
     //check if user must rehash his password due to updated method or work factor/iterations
     if (cobalt_password_must_rehash($username)) {
         $hashed_password = cobalt_password_hash('NEW', $password, $username, $new_salt, $new_iteration, $new_method);
         $data_con = new data_abstraction();
         $data_con->set_query_type('UPDATE');
         $data_con->set_table('user');
         $data_con->set_update("`password`=?, `salt`=?, `iteration`=?, `method`=?");
         $data_con->set_where("username=?");
         $bind_params = array('ssiss', $hashed_password, $new_salt, $new_iteration, $new_method, $username);
         $data_con->stmt_prepare($bind_params);
         $data_con->stmt_execute();
     }
     redirect('start.php');
 } else {
     $error_message = "Check username and password.";