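/**
 * Record which menu items of a desk were sent to the kitchen printer.
 *
 * Reads `desk_id` and `list_menu` from POST, adds each item's `print_number`
 * to `cdm_printed_number` in `current_desk_menu`, and answers with a JSON
 * document listing the items whose UPDATE affected at least one row.
 *
 * Returns silently when no row was updated; otherwise logs the action and
 * ends the request with die().
 */
function printOrder()
{
    $desk_id = getValue('desk_id', 'int', 'POST', 0);
    check_desk_exist($desk_id);
    $list_menu = getValue('list_menu', 'arr', 'POST', array());

    // Add the quantity just printed for the kitchen to cdm_printed_number.
    $array_menu_success = array();
    foreach ($list_menu as $menu) {
        // list_menu comes straight from the request body. Its fields are
        // concatenated into the statement below, so anything that is not a
        // plain number is skipped and the rest is forced to an integer.
        if (!is_array($menu)
            || !isset($menu['print_number'], $menu['men_id'])
            || !is_numeric($menu['print_number'])
            || !is_numeric($menu['men_id'])
        ) {
            continue;
        }
        $print_number = (int) $menu['print_number'];
        $menu_id = (int) $menu['men_id'];

        $sql = 'UPDATE current_desk_menu SET cdm_printed_number = cdm_printed_number + ' . $print_number
            . ' WHERE cdm_menu_id = ' . $menu_id
            . ' AND cdm_desk_id = ' . (int) $desk_id;
        $db_update = new db_execute($sql);
        if ($db_update->total) {
            $array_menu_success[] = $menu;
        }
    }

    if (!$array_menu_success) {
        return;
    }
    $array_return = array('success' => 1, 'list_menu' => $array_menu_success);

    // Audit trail entry for the print action.
    log_action(ACTION_LOG_PRINT_ORDER, 'In chế biến xuống bếp - bàn ID ' . $desk_id);
    die(json_encode($array_return));
}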
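/**
 * Handle a USSD debit request and record it in top_request.
 *
 * Query parameters read from the request: msisdn, sessionid, userdata, op.
 * userdata is the dialled string, e.g. "*336*9*750*07062385281#": split on
 * "*", element 3 is taken as the amount and element 4, when present, as the
 * destination MSISDN (otherwise the caller's own msisdn is the destination).
 *
 * Emits a JSON body with the keys response, endofsession and msisdn.
 */
function debitRequest()
{
    global $app;
    $req = $app->request();

    $userdata = (string) $req->get('userdata');
    $use = explode('*', $userdata);
    if (!empty($use[4])) {
        $amt = $use[3];
        $destMsisdn = rtrim($use[4], "#");
    } else {
        // Short dial strings have no element 3; treat the amount as missing
        // instead of reading an undefined offset.
        $amt = isset($use[3]) ? rtrim($use[3], '#') : '';
        $destMsisdn = $req->get('msisdn');
    }
    $actMsisdn = $req->get('msisdn');
    $msisdn = $actMsisdn;
    $sessionid = $req->get('sessionid') ? $req->get('sessionid') : time();
    $op = $req->get('op');
    $stat_id = 1;
    $length = 15;
    $transId = getToken($length);

    // Log the request. Control characters are replaced first so a crafted
    // parameter cannot start a forged line in transaction.log.
    $logFile = "transaction.log";
    $logSession = preg_replace('/[\x00-\x1F\x7F]/', ' ', (string) $sessionid);
    $logMsisdn = preg_replace('/[\x00-\x1F\x7F]/', ' ', (string) $actMsisdn);
    $logUserdata = preg_replace('/[\x00-\x1F\x7F]/', ' ', $userdata);
    log_action("Logging USSD Request@" . date('Y-m-d h:i:s') . ">> Session id ({$logSession}), MSISDN ({$logMsisdn})," . "UserData ({$logUserdata})\n", $logFile);

    // Every value below is interpolated into the INSERT text and db_execute()
    // receives a finished string, so each request value must match a strict
    // allow-list before the statement is built.
    // NOTE(review): the patterns are deliberately narrow; widen them only if
    // a legitimate operator or session format is rejected.
    $valid = preg_match('/^\+?[0-9]+$/D', (string) $actMsisdn) === 1
        && preg_match('/^\+?[0-9]+$/D', (string) $destMsisdn) === 1
        && preg_match('/^[0-9]+(\.[0-9]+)?$/D', (string) $amt) === 1
        && preg_match('/^[A-Za-z0-9_-]*$/D', (string) $op) === 1
        && preg_match('/^[A-Za-z0-9_-]+$/D', (string) $sessionid) === 1;

    $sql = false;
    if ($valid) {
        $log_req = "insert into top_request (transaction_id,act_msisdn,dest_msisdn,status_id,amt,operator,sessionid) values ('{$transId}','{$actMsisdn}','{$destMsisdn}',{$stat_id},'{$amt}','{$op}','{$sessionid}' )";
        $sql = db_execute($log_req);
    }

    if ($sql) {
        $response = array('response' => 'Transaction Successfull:', 'endofsession' => 'true', 'msisdn' => $msisdn);
    } else {
        // Rejected input is reported like a failed insert.
        $response = array('response' => 'Registration Failed:', 'endofsession' => 'true', 'msisdn' => $msisdn);
    }
    header('Content-Type: application/json');
    echo json_encode($response);
}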
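/**
 * Change the password of the logged-in user ($_SESSION['userlogin']).
 *
 * Prints a translated status message and writes an entry through
 * log_action() whether or not the password was changed.
 *
 * @param string $new_passwd1 new password
 * @param string $new_passwd2 confirmation, must be identical to $new_passwd1
 * @param bool   $DEBUG       forwarded to log_action()
 */
function change_passwd($new_passwd1, $new_passwd2, $DEBUG = FALSE)
{
    // Strict comparison: with != two different numeric-looking strings such
    // as "1e3" and "1000" compare equal and the confirmation is bypassed.
    if (strlen($new_passwd1) == 0 || strlen($new_passwd2) == 0 || (string) $new_passwd1 !== (string) $new_passwd2) {
        echo _('user_passwd_error') . "<br>\n";
    } else {
        // NOTE(review): unsalted MD5 is not a password hash. Moving to
        // password_hash()/password_verify() has to be done together with the
        // login check that reads u_passwd, so the stored format is unchanged here.
        $passwd_md5 = md5($new_passwd1);
        $sql1 = 'UPDATE conges_users SET u_passwd=\'' . $passwd_md5 . '\' WHERE u_login=\'' . SQL::quote($_SESSION['userlogin']) . '\' ';
        $result = SQL::query($sql1);
        if ($result) {
            echo _('form_modif_ok') . " <br><br> \n";
        } else {
            // The key was misspelled 'form_mofif_not_ok', which has no translation.
            echo _('form_modif_not_ok') . "<br><br> \n";
        }
    }

    // NOTE(review): this entry is written even when validation or the UPDATE
    // failed, so the log alone does not prove that a password was changed.
    $comment_log = 'changement Password';
    log_action(0, '', $_SESSION['userlogin'], $comment_log, $DEBUG);
}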
/**
 * Build the SAT 3.2 invoice XML, derive its original string and sign it.
 *
 * @param object $factura   invoice; $factura->sello['llavedec'] names the key file
 * @param array  $resultado out parameter. On success it holds 'cadena',
 *                          'sello', 'xmlutf8' and 'xml'; on a failed encoding
 *                          check or signature it holds 'error'.
 * @return int 0 on success, -1 on any failure
 */
function procesaXmlV32($factura, &$resultado)
{
    global $SITE_URL, $KEYS_DIR;
    $resultado = array();

    // SAT version 3.2 document.
    $xml = domSATV32($factura);
    if ($xml == null) {
        log_action("ERROR GENERANDO XML ", 0);
        return -1;
    }

    // Both the document and the original string must be valid UTF-8.
    $codifxml = mb_detect_encoding($xml, 'UTF-8', true);
    $cadenaOriginal = cadenaSATV3_2($xml);
    $codifCadena = mb_detect_encoding($cadenaOriginal, 'UTF-8', true);
    if (!($codifxml == 'UTF-8' && $codifCadena == 'UTF-8')) {
        $msg = "codificacon utf8 invalida ";
        log_action($msg);
        $resultado['error'] = $msg;
        return -1;
    }
    $resultado['cadena'] = $cadenaOriginal;

    // Seal: the signature is produced by the Java bridge class.
    // NOTE(review): the key location is built from $factura->sello['llavedec'];
    // confirm that value cannot contain path separators chosen by a user.
    $pkeyfile = $SITE_URL . $KEYS_DIR . $factura->sello['llavedec'];
    $firmador = new Java('cc.lab.SignatureMgmt');
    $sello = $firmador->sign($cadenaOriginal, $pkeyfile);

    // NOTE(review): the private-key location and the full original string go
    // to the application log on every call; consider dropping these entries
    // once debugging is done.
    log_action("*********************** S E L L O **********************");
    log_action($cadenaOriginal);
    log_action($pkeyfile);

    // NOTE(review): failure is detected by the substring "ERROR" in the
    // returned value; presumably the signer reports errors that way - confirm.
    if (strpos($sello, "ERROR") !== false) {
        $detalle = "ERROR GENERANDO SELLO: " . $sello;
        log_action($detalle, 0);
        $resultado['error'] = $detalle;
        return -1;
    }

    // Put the seal into the placeholder left in the document.
    $xml = str_replace("%SELLO%", $sello, $xml);
    $resultado['sello'] = $sello;
    $resultado['xmlutf8'] = $xml;
    $resultado['xml'] = $xml;
    return 0;
}
/**
 * Send a CFDI to the PAC web service for certification (stamping).
 *
 * The call is tried up to three times, pausing 10 s after the first failure
 * and 30 s after the second.
 *
 * @param string $client_id  overwritten by the constant below before use
 * @param string $cfdistring CFDI document sent as 'cfdiString'
 * @return string base64-decoded 'return' field of the response, or the
 *                literal 'exception error' on failure
 */
function SOAP_client($client_id, $cfdistring)
{
    // PAC web service URL - defined in constantes.php.
    global $PAC_URL;

    // NOTE(review): the caller's $client_id is discarded here and a fixed
    // identifier is sent instead; confirm this is intended.
    $client_id = 'MCO000823CK3';

    // Create the SoapClient object.
    try {
        $client = new SoapClient($PAC_URL, array('trace' => 1, 'connection_timeout' => 15));
    } catch (Exception $e) {
        log_action("Error creando SoapClient:" . $e->getMessage());
        return 'exception error';
    }

    // One entry per attempt: message prefix and pause before the next try
    // (null on the last attempt, which gives up instead).
    $intentos = array(
        array("Error creando accesando PAC 1:", 10),
        array("Error creando accesando PAC 2:", 30),
        array("Error creando accesando PAC 3:", null),
    );

    // Send the stamping request to the PAC.
    $resultado = null;
    foreach ($intentos as $intento) {
        $prefijo = $intento[0];
        $pausa = $intento[1];
        try {
            $params = array('client_id' => $client_id, 'cfdiString' => $cfdistring);
            $resultado = $client->__soapCall('requestPacCertification', array('parameters' => $params));
            break;
        } catch (Exception $e) {
            // NOTE(review): the prefix is also echoed to the response body.
            log_action($prefijo . $e->getMessage());
            echo $prefijo;
            if ($pausa === null) {
                return 'exception error';
            }
            sleep($pausa);
        }
    }

    // Return the invoice XML.
    $cfdi_xml = base64_decode($resultado->return);
    return $cfdi_xml;
}
//Cobalt on the web: http://cobalt.jvroig.com
//******************************************************************
// Delete page for one refstudent record.
// A GET request carrying student_id loads the record for confirmation;
// a POST that passes xsrf_guard() either cancels or performs the delete.
require 'path.php';
init_cobalt('Delete refstudent');

if (isset($_GET['student_id'])) {
    // NOTE(review): PHP has already URL-decoded $_GET values, so this decodes
    // a second time. form_data_refstudent.php must treat $student_id as
    // untrusted input.
    $student_id = urldecode($_GET['student_id']);
    require_once 'form_data_refstudent.php';
} elseif (xsrf_guard()) {
    init_var($_POST['btn_cancel']);
    init_var($_POST['btn_delete']);
    // Presumably defines $query_string used in the redirects below - confirm.
    require 'components/query_string_standard.php';

    if ($_POST['btn_cancel']) {
        log_action('Pressed cancel button', $_SERVER['PHP_SELF']);
        redirect("listview_refstudent.php?{$query_string}");
    } elseif ($_POST['btn_delete']) {
        log_action('Pressed delete button', $_SERVER['PHP_SELF']);
        require_once 'subclasses/refstudent.php';
        $dbh_refstudent = new refstudent();
        // create_form_data.php is included with $object_name set; presumably
        // it fills $arr_form_data from the request - confirm.
        $object_name = 'dbh_refstudent';
        require 'components/create_form_data.php';
        $dbh_refstudent->del($arr_form_data);
        redirect("listview_refstudent.php?{$query_string}");
    }
}

// Render the confirmation page.
require 'subclasses/refstudent_html.php';
$html = new refstudent_html();
$html->draw_header('Delete Refstudent', $message, $message_type);
$html->draw_listview_referrer_info($filter_field_used, $filter_used, $page_from, $filter_sort_asc, $filter_sort_desc);
$html->draw_hidden('student_id');
$html->detail_view = TRUE;
$html->draw_controls('delete');
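/**
 * Save the edited alert-mail templates and show a confirmation.
 *
 * @param array  $tab_new_values mail name => array('subject' => ..., 'body' => ...)
 * @param string $session        session id appended to the return URL, or ""
 * @param bool   $DEBUG          show a link instead of the automatic refresh
 */
function commit_modif($tab_new_values, $session, $DEBUG = FALSE)
{
    $PHP_SELF = $_SERVER['PHP_SELF'];
    if ($session == "") {
        $URL = "{$PHP_SELF}";
    } else {
        $URL = "{$PHP_SELF}?session={$session}";
    }

    // Update the table. All three values go through SQL::quote(); subject
    // and body previously used addslashes(), which does not follow the
    // escaping rules of the database connection.
    foreach ($tab_new_values as $nom_mail => $tab_mail) {
        $subject = SQL::quote($tab_mail['subject']);
        $body = SQL::quote($tab_mail['body']);
        $req_update = 'UPDATE conges_mail SET mail_subject=\'' . $subject . '\', mail_body=\'' . $body . '\' WHERE mail_nom=\'' . SQL::quote($nom_mail) . '\' ';
        $result1 = SQL::query($req_update);
    }
    echo "<span class = \"messages\">" . _('form_modif_ok') . "</span><br>";

    $comment_log = "configuration des mails d\\'alerte";
    log_action(0, "", "", $comment_log, $DEBUG);

    // PHP_SELF and $session are request-derived, so the URL is HTML-escaped
    // before it is written into an attribute.
    $safe_url = htmlspecialchars($URL, ENT_QUOTES);
    if ($DEBUG) {
        echo "<a href=\"{$safe_url}\" method=\"POST\">" . _('form_retour') . "</a><br>\n";
    } else {
        echo "<META HTTP-EQUIV=REFRESH CONTENT=\"2; URL={$safe_url}\">";
    }
}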
// Store an uploaded file under SITE_ROOT/uploads using the client's file name.
// NOTE(review): only basename() is applied to the client-supplied name; no
// extension or content check is visible here. If the uploads directory is
// served by the web server, a script file could be uploaded and then requested.
$target_file = basename($_FILES['file_upload']['name']);
$upload_dir = SITE_ROOT . DS . "uploads";
$path_filenme = $upload_dir . "/" . $target_file;
// NOTE(review): mode 0777 makes the directory, the stored file and the
// temporary upload writable by every local account. The second chmod() also
// runs before the file has been moved into place.
chmod($upload_dir, 0777);
chmod($path_filenme, 0777);
chmod($tmp_file, 0777);
// You will probably want to first use file_exists() to make sure
// there isn't already a file by the same name.
// move_uploaded_file will return false if $tmp_file is not a valid upload file
// or if it cannot be moved for any other reason
if (move_uploaded_file($tmp_file, $upload_dir . "/" . $target_file)) {
    // NOTE(review): $temp_file is not assigned in the visible code (the
    // upload path is $tmp_file); presumably a typo - confirm.
    log_action('Upload file success', "{$_SESSION['username']} uploaded file {$path_filenme} " . $temp_file . " - " . $target_file);
    $message = "File uploaded successfully.";
    chmod($path_filenme, 0777);
} else {
    log_action('Upload file error', "{$_SESSION['username']} uploaded file {$path_filenme} " . $temp_file . " - " . $target_file);
    $error = $_FILES['file_upload']['error'];
    $message = $upload_errors[$error];
}
}
?> <?php
// The maximum file size (in bytes) must be declared before the file input field
// and can't be larger than the setting for upload_max_filesize in php.ini.
//
// This form value can be manipulated. You should still use it, but you rely
// on upload_max_filesize as the absolute limit.
//
// Think of it as a polite declaration: "Hey PHP, here comes a file less than X..."
<?php
//******************************************************************
//This file was generated by Cobalt, a rapid application development
//framework developed by JV Roig (jvroig@jvroig.com).
//
//Cobalt on the web: http://cobalt.jvroig.com
//******************************************************************
// Read-only detail page for one eval_dtl record.
require 'path.php';
init_cobalt('View eval dtl');

if (isset($_GET['id'])) {
    // NOTE(review): PHP has already URL-decoded $_GET values, so this decodes
    // a second time. form_data_eval_dtl.php must treat $id as untrusted input.
    $id = urldecode($_GET['id']);
    require 'form_data_eval_dtl.php';
} elseif (xsrf_guard()) {
    init_var($_POST['btn_back']);
    if ($_POST['btn_back']) {
        log_action('Pressed cancel button', $_SERVER['PHP_SELF']);
        // Presumably defines $query_string for the redirect - confirm.
        require 'components/query_string_standard.php';
        redirect("listview_eval_dtl.php?{$query_string}");
    }
}

// Render the detail view.
require 'subclasses/eval_dtl_html.php';
$html = new eval_dtl_html();
$html->draw_header('Detail View: Eval Dtl', $message, $message_type);
$html->draw_listview_referrer_info($filter_field_used, $filter_used, $page_from, $filter_sort_asc, $filter_sort_desc);
$html->detail_view = TRUE;
$html->draw_controls('view');
$html->draw_footer();
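//****************************************************************************************
// CSV export page for sub_doc: on submit, writes the table export to a file
// in TMP_DIRECTORY and offers it through download_generic.php.
require 'path.php';
init_cobalt('View sub doc');

if (xsrf_guard()) {
    init_var($_POST['btn_cancel']);
    init_var($_POST['btn_submit']);

    if ($_POST['btn_cancel']) {
        log_action('Pressed cancel button');
        redirect("listview_sub_doc.php");
    }

    if ($_POST['btn_submit']) {
        log_action('Pressed submit button');
        require 'subclasses/sub_doc.php';
        $dbh_sub_doc = new sub_doc();

        if ($message == "") {
            $timestamp = date('Y-m-d');
            $token = generate_token(0, 'fs');
            // NOTE(review): $_SESSION['user'] becomes part of the file name;
            // confirm user names cannot contain path separators.
            $csv_name = $token . $_SESSION['user'] . '_sub_doc_' . $timestamp . '.csv';
            $filename = TMP_DIRECTORY . '/' . $csv_name;
            $csv_contents = $dbh_sub_doc->export_to_csv();

            // The write result is checked: previously a failed fopen() was
            // followed by fwrite()/fclose() on false and a success message.
            if (file_put_contents($filename, $csv_contents) === false) {
                $message = 'The CSV file could not be written.';
            } else {
                log_action('Exported table data to CSV');
                // Owner-only access: the export holds table data and was
                // created world-readable and executable (0755).
                // NOTE(review): assumes download_generic.php runs under the
                // same account that wrote the file - confirm.
                chmod($filename, 0600);
                $csv_name = urlencode($csv_name);
                $message = 'CSV file successfully generated: <a href="/' . BASE_DIRECTORY . '/download_generic.php?filename=' . $csv_name . '">Download the CSV file.</a>';
                $message_type = 'system';
            }
        }
    }
}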
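//******************************************************************
// CSV export page for accomplishment: on submit, writes the table export to
// a file in TMP_DIRECTORY and offers it through download_generic.php.
require 'path.php';
init_cobalt('View accomplishment');

if (xsrf_guard()) {
    init_var($_POST['btn_cancel']);
    init_var($_POST['btn_submit']);

    if ($_POST['btn_cancel']) {
        log_action('Pressed cancel button', $_SERVER['PHP_SELF']);
        redirect("listview_accomplishment.php");
    }

    if ($_POST['btn_submit']) {
        log_action('Pressed submit button', $_SERVER['PHP_SELF']);
        require 'subclasses/accomplishment.php';
        $dbh_accomplishment = new accomplishment();

        if ($message == "") {
            $timestamp = date('Y-m-d');
            $token = generate_token(0, 'fs');
            // NOTE(review): $_SESSION['user'] becomes part of the file name;
            // confirm user names cannot contain path separators.
            $csv_name = $token . $_SESSION['user'] . '_accomplishment_' . $timestamp . '.csv';
            $filename = TMP_DIRECTORY . '/' . $csv_name;
            $csv_contents = $dbh_accomplishment->export_to_csv();

            // The write result is checked: previously a failed fopen() was
            // followed by fwrite()/fclose() on false and a success message.
            if (file_put_contents($filename, $csv_contents) === false) {
                $message = 'The CSV file could not be written.';
            } else {
                log_action("Exported table data to CSV", $_SERVER['PHP_SELF']);
                // Owner-only access: the export holds table data and was
                // created world-readable and executable (0755).
                // NOTE(review): assumes download_generic.php runs under the
                // same account that wrote the file - confirm.
                chmod($filename, 0600);
                $csv_name = urlencode($csv_name);
                $message = 'CSV file successfully generated: <a href="/' . BASE_DIRECTORY . '/download_generic.php?filename=' . $csv_name . '">Download the CSV file.</a>';
                $message_type = 'system';
            }
        }
    }
}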
/**
 * Empty the conges_logs table, record that fact and go back to the
 * log configuration page.
 *
 * @param string $session session id appended to the redirect URL, or ""
 * @param bool   $DEBUG   forwarded to log_action()
 */
function commit_vider_table_logs($session, $DEBUG = FALSE)
{
    $PHP_SELF = $_SERVER['PHP_SELF'];

    // NOTE(review): this discards the whole audit trail; the only trace left
    // is the single entry written right after, which carries no user name.
    $ReqLog_delete = SQL::query("TRUNCATE TABLE conges_logs ");

    // Write this action to the (now empty) log.
    log_action(0, "", "", "effacement des logs de php_conges ", $DEBUG);

    echo "<span class = \"messages\">" . _('form_modif_ok') . "</span><br>";

    $cible = ROOT_PATH . 'config/config_logs.php';
    if ($session != "") {
        $cible .= '?session=' . $session;
    }
    redirect($cible);
}
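<?php
// Admin page that shows the application log and can clear it.
require_once '../../includes/initialize.php';
// NOTE(review): this only protects the page if redirect_to() stops the
// script; confirm it exits after sending the Location header.
if (!$session->is_logged_in()) {
    redirect_to('login.php');
}
include_once '../layouts/admin-header.php';
$logfile = SITE_ROOT . DS . 'logs' . DS . 'log.txt';

// Clear only on the exact value "true". The previous test compared the
// boolean result of !empty() with the string 'true', so any non-empty value
// of ?clear wiped the log.
// NOTE(review): the log is cleared by a plain GET link with no anti-forgery
// token; a POST form with a token would be the safer trigger.
if (isset($_GET['clear']) && $_GET['clear'] === 'true') {
    file_put_contents($logfile, '');
    /** Add the first log entry */
    log_action('Logs cleared', "by User ID {$session->user_id}");
    /** Redirect to this same page so that the URL won't have "clear=true" anymore */
    redirect_to('logfile.php');
}
?>
<a href="index.php">« Back</a>
<h2>Log File</h2>
<p><a href="logfile.php?clear=true">Clear log file</a></p>
<?php
if (file_exists($logfile) && is_readable($logfile) && ($handle = fopen($logfile, 'r'))) {
    /** read */
    echo "<ul class='side-nav'>";
    while (!feof($handle)) {
        $entry = fgets($handle);
        if ($entry !== false && trim($entry) != "") {
            // Log lines can contain text that came from requests, so they
            // are HTML-escaped before being shown in the admin page.
            echo '<li>' . htmlspecialchars($entry, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</li>';
        }
    }
    echo "</ul>";
    fclose($handle);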
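/**
 * Credit leave days to every user of a group.
 *
 * For each leave type with a non-zero number of days, every user of the
 * group gets the days added to conges_solde_user and a matching row through
 * insert_ajout_dans_periode(); one log entry is written per leave type.
 *
 * @param mixed $choix_groupe             group id passed to the group helpers
 * @param array $tab_new_nb_conges_all    leave type id => number of days
 * @param array $tab_calcul_proportionnel leave type id => truthy to pro-rate
 *                                        the days by the user's u_quotite
 * @param array $tab_new_comment_all      leave type id => comment for the log
 * @param bool  $DEBUG                    forwarded to the helpers
 */
function ajout_global_groupe($choix_groupe, $tab_new_nb_conges_all, $tab_calcul_proportionnel, $tab_new_comment_all, $DEBUG = FALSE)
{
    // List of the users of the given group.
    // NOTE(review): $list_users is placed as-is inside IN (...); presumably
    // the helper returns an already quoted list - confirm.
    $list_users = get_list_users_du_groupe($choix_groupe, $DEBUG);

    foreach ($tab_new_nb_conges_all as $id_conges => $nb_jours) {
        if ($nb_jours == 0) {
            continue;
        }
        $comment = $tab_new_comment_all[$id_conges];
        $proportionnel = isset($tab_calcul_proportionnel[$id_conges]) && $tab_calcul_proportionnel[$id_conges] == TRUE;

        // The group name does not depend on the user: look it up once.
        $group_name = get_group_name_from_id($choix_groupe, $DEBUG);

        $sql1 = "SELECT u_login, u_quotite FROM conges_users WHERE u_login IN ({$list_users}) ORDER BY u_login ";
        $ReqLog1 = SQL::query($sql1);
        while ($resultat1 = $ReqLog1->fetch_array()) {
            $current_login = $resultat1["u_login"];
            $current_quotite = $resultat1["u_quotite"];

            if (!$proportionnel) {
                $nb_conges = $nb_jours;
            } else {
                // Round to the nearest half day: multiply by 2, round, divide by 2.
                $nb_conges = ROUND($nb_jours * ($current_quotite / 100) * 2) / 2;
            }

            $valid = verif_saisie_decimal($nb_conges, $DEBUG);
            if ($valid) {
                // 1: update conges_solde_user.
                // intval() dropped the half day produced by the rounding
                // above, so the balance disagreed with the period row written
                // below. number_format() keeps the value numeric and uses a
                // "." separator whatever the locale.
                $nb_conges_sql = number_format((float) $nb_conges, 2, '.', '');
                $req_update = 'UPDATE conges_solde_user SET su_solde = su_solde+ ' . $nb_conges_sql . ' WHERE su_login = \'' . SQL::quote($current_login) . '\' AND su_abs_id = ' . intval($id_conges) . ';';
                $ReqLog_update = SQL::query($req_update);

                // 2: record the added leave in the period table.
                $commentaire = _('resp_ajout_conges_comment_periode_groupe') . " {$group_name}";
                insert_ajout_dans_periode($DEBUG, $current_login, $nb_conges, $id_conges, $commentaire);
            }
        }

        if (!$proportionnel) {
            $comment_log = "ajout conges pour groupe {$group_name} ({$nb_jours} jour(s)) ({$comment}) (calcul proportionnel : No)";
        } else {
            $comment_log = "ajout conges pour groupe {$group_name} ({$nb_jours} jour(s)) ({$comment}) (calcul proportionnel : Yes)";
        }
        log_action(0, "ajout", "groupe", $comment_log, $DEBUG);
    }
}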
message("Bestätigung", ' <form name="theform" method="post" action="' . build_link("postops.php") . '"> Möchten Sie diesen Post wirklich löschen?<br><br> <input type="hidden" name="do_delete" value="1"> <input type="hidden" name="action" value="delete"> <input type="hidden" name="post[postid]" value="' . $post['postid'] . '"> <input class="tbbutton" type="submit" name="Submit" value="Löschen >>"> </form>'); } } else { // re-get $post $post = $HTTP_POST_VARS['post']; if (!($post['postid'] = intval($post['postid']))) { exit('nix da'); } // decrease thread reply count thwb_query("UPDATE " . $pref . "thread SET threadreplies=threadreplies-1 WHERE threadid={$thread['threadid']}"); // decrease board post count thwb_query("UPDATE " . $pref . "board SET boardposts=boardposts-1 WHERE boardid={$board['boardid']}"); // remove post thwb_query("DELETE FROM " . $pref . "post WHERE postid={$post['postid']}"); // display stuff updatethread($thread['threadid']); updateboard($board['boardid']); log_action('delete post'); message("Post wurde gelöscht", "Post wurde gelöscht.<br><a href=\"" . build_link("showtopic.php?thread[threadid]={$thread['threadid']}") . "\">Zurück zum Thread</a>"); } } else { message("Fehler", "Sie haben keine Erlaubnis diesen Post zu löschen"); } }
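<?php
// Logout page: records the logout, clears the session and returns to index.php.
require 'path.php';
init_cobalt('ALLOW_ALL', FALSE);

//Create a log entry that user logged out.
log_action('Logged out', $_SERVER['PHP_SELF']);

/********** Start of session cleanup. **********/
//First, unset all session variables.
$_SESSION = array();

//Second, delete the session cookie.
//The expiring cookie must carry the same path/domain/flags as the session
//cookie, otherwise the browser keeps the original one.
if (isset($_COOKIE[session_name()])) {
    $cookie_params = session_get_cookie_params();
    setcookie(
        session_name(),
        "",
        time() - 86400,
        $cookie_params['path'],
        $cookie_params['domain'],
        $cookie_params['secure'],
        $cookie_params['httponly']
    );
}

//Third and last step, destroy the session.
session_destroy();
/********** End of session cleanup. **********/

redirect('index.php');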
// Clear the log file when the page is requested with ?clear=true.
// NOTE(review): the log is wiped by a plain GET request and no anti-forgery
// token is checked in the visible code; a POST form with a token would be
// the safer trigger. Whether the login check runs before this point cannot
// be seen from here.
if (isset($_GET['clear']) && $_GET['clear'] == 'true') {
    // Earlier, longer version kept by the author for reference:
    // if (file_exists($file) && is_readable($file)) {
    //     if ($handle = fopen($file, 'w')) {
    //         $content = "Logs were cleared...\n";
    //         fwrite($handle, $content);
    //         fclose($handle);
    //     } else {
    //         echo "file could not be accessed..";
    //     }
    // Shorter way: reset the log file.
    file_put_contents($file, "");
    // Add the first log file entry.
    log_action("Logs Cleared", "by {$session->username}");
    // Redirect to the same page so the URL no longer
    // carries the "clear=true" query.
    redirect_to('logfile.php');
}
?> <?php include '../layouts/admin_header.php'; ?> <div class="navbar navbar-inverse navbar-fixed-top"> <div class="container"> <p><a class="navbar-brand text-muted" href="index.php">Photo Gallery: Admin</a></p> <div> <ul class="nav navbar-nav navbar-right"> <li><a href="admin/index.php">Home</a></li>
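/**
 * Insert a leave period (request, entry or closure) into conges_periode.
 *
 * @param string $login         user the period belongs to
 * @param string $date_deb      start date
 * @param string $demi_jour_deb start half-day marker
 * @param string $date_fin      end date
 * @param string $demi_jour_fin end half-day marker
 * @param mixed  $nb_jours      number of days
 * @param string $commentaire   comment
 * @param mixed  $id_type_abs   absence type id
 * @param string $etat          state; "demande" stamps p_date_demande,
 *                              anything else stamps p_date_traitement
 * @param mixed  $id_fermeture  closure id, 0 when the period is not a closure
 * @return int the new p_num on success, 0 when the INSERT failed
 */
function insert_dans_periode($login, $date_deb, $demi_jour_deb, $date_fin, $demi_jour_fin, $nb_jours, $commentaire, $id_type_abs, $etat, $id_fermeture)
{
    // Fetch the highest p_num (largest leave identifier).
    // NOTE(review): max()+1 is not atomic; two concurrent calls can compute
    // the same number.
    $ReqLog1 = \includes\SQL::query("SELECT max(p_num) FROM conges_periode");
    if ($num_new_demande = $ReqLog1->fetch_row()) {
        $num_new_demande = $num_new_demande[0] + 1;
    } else {
        $num_new_demande = 1;
    }

    // Every caller-supplied value is escaped before it is placed between
    // quotes; they were interpolated raw. p_login is written from $login
    // (a fixed '******' literal stood in its place).
    // NOTE(review): if a caller already escapes its arguments, remove that
    // escaping there so values are not escaped twice.
    $valeurs = array(
        'p_login'         => $login,
        'p_date_deb'      => $date_deb,
        'p_demi_jour_deb' => $demi_jour_deb,
        'p_date_fin'      => $date_fin,
        'p_demi_jour_fin' => $demi_jour_fin,
        'p_nb_jours'      => $nb_jours,
        'p_commentaire'   => $commentaire,
        'p_type'          => $id_type_abs,
        'p_etat'          => $etat,
    );
    if ($id_fermeture != 0) {
        $valeurs['p_fermeture_id'] = $id_fermeture;
    }

    $affectations = array();
    foreach ($valeurs as $colonne => $valeur) {
        $affectations[] = $colonne . "='" . \includes\SQL::quote($valeur) . "'";
    }
    if ($etat == "demande") {
        $affectations[] = "p_date_demande=NOW()";
    } else {
        $affectations[] = "p_date_traitement=NOW()";
    }
    $affectations[] = "p_num='" . intval($num_new_demande) . "'";

    $sql2 = "INSERT INTO conges_periode SET " . implode(', ', $affectations) . " ";
    $result = \includes\SQL::query($sql2);

    // Log entry: same text for the three cases apart from the leading words.
    if ($id_fermeture != 0) {
        $prefixe = "saisie de fermeture";
    } elseif ($etat == "demande") {
        $prefixe = "demande de conges";
    } else {
        $prefixe = "saisie de conges";
    }
    $comment_log = "{$prefixe} num {$num_new_demande} (type {$id_type_abs}) pour {$login} ({$nb_jours} jours) (de {$date_deb} {$demi_jour_deb} à {$date_fin} {$demi_jour_fin})";
    log_action($num_new_demande, $etat, $login, $comment_log);

    if ($result) {
        return $num_new_demande;
    } else {
        return 0;
    }
}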
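<?php
// Login page: authenticates the submitted credentials and starts the session.
require_once "../../includes/initialize.php";
if ($session->is_logged_in()) {
    redirect_to("index.php");
}

// Remember to give your form's submit tag a name="submit" attribute!
if (isset($_POST['submit'])) {
    // Form has been submitted. Fields that are missing or sent as arrays
    // are treated as empty instead of being passed to trim().
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? trim($_POST['username']) : "";
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? trim($_POST['password']) : "";

    // Check database to see if username/password exist.
    $found_user = User::authenticate($username, $password);
    if ($found_user) {
        $session->login($found_user);
        log_action('Login', "{$found_user->username} logged in.");
        redirect_to("index.php");
    } else {
        // Failed attempts are logged so repeated guessing shows up in the
        // log. The name is typed by an unauthenticated visitor, so only a
        // small safe character set is kept: nothing that could forge a log
        // line or act as markup in a log viewer reaches the file.
        $logged_name = preg_replace('/[^A-Za-z0-9_.@-]/', '?', $username);
        log_action('Login failed', "Failed login attempt for {$logged_name}.");
        // username/password combo was not found in the database
        $message = "Username/password combination incorrect.";
    }
} else {
    // Form has not been submitted.
    $username = "";
    $password = "";
    $message = "";
}
include_layout_template('header.php');
?>
<div id="form">
<h2>Login</h2>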
/**
 * Execute the prepared statement and collect its outcome on this object.
 *
 * SELECT: stores the result set and sets error and num_rows; logging then
 * follows LOG_SELECT_QUERIES instead of $log.
 * INSERT: sets auto_id and error.
 * Anything else: sets affected_rows.
 *
 * @param bool $log whether to log the query (overridden for SELECT)
 * @return $this
 */
function stmt_execute($log = TRUE)
{
    if (!$this->stmt->execute()) {
        error_handler('Database error. ', $this->stmt->error);
    }

    switch ($this->query_type) {
        case "SELECT":
            $this->stmt->store_result();
            $this->error = $this->stmt->error;
            $this->num_rows = $this->stmt->num_rows;
            $log = LOG_SELECT_QUERIES;
            break;
        case "INSERT":
            $this->auto_id = $this->stmt->insert_id;
            $this->error = $this->stmt->error;
            break;
        default:
            $this->affected_rows = $this->mysqli->affected_rows;
    }

    if ($log) {
        // NOTE(review): the bound arguments are written to the log in full;
        // any secret bound to a statement ends up there as well.
        $bound = print_r($this->stmt_bind_args, TRUE);
        log_action('Query Executed: ' . $this->query . "\r\n" . $bound);
    }

    return $this;
}
//****************************************************************************************
// Delete page for one department record.
// A GET request carrying department_id loads the record for confirmation;
// a POST that passes xsrf_guard() either cancels or performs the delete.
require 'path.php';
init_cobalt('Delete department');

if (isset($_GET['department_id'])) {
    // NOTE(review): PHP has already URL-decoded $_GET values, so this decodes
    // a second time. form_data_department.php must treat $department_id as
    // untrusted input.
    $department_id = urldecode($_GET['department_id']);
    require_once 'form_data_department.php';
}

if (xsrf_guard()) {
    init_var($_POST['btn_cancel']);
    init_var($_POST['btn_delete']);
    // Presumably defines $query_string used in the redirects below - confirm.
    require 'components/query_string_standard.php';

    if ($_POST['btn_cancel']) {
        log_action('Pressed cancel button');
        redirect("listview_department.php?{$query_string}");
    } elseif ($_POST['btn_delete']) {
        log_action('Pressed delete button');
        require_once 'subclasses/department.php';
        $dbh_department = new department();
        // create_form_data.php is included with $object_name set; presumably
        // it fills $arr_form_data from the request - confirm.
        $object_name = 'dbh_department';
        require 'components/create_form_data.php';
        $dbh_department->delete($arr_form_data);
        redirect("listview_department.php?{$query_string}");
    }
}

// Render the confirmation page.
require 'subclasses/department_html.php';
$html = new department_html();
$html->draw_header('Delete Department', $message, $message_type);
$html->draw_listview_referrer_info($filter_field_used, $filter_used, $page_from, $filter_sort_asc, $filter_sort_desc);
$html->draw_hidden('department_id');
$html->detail_view = TRUE;
$html->draw_controls('delete');
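/**
 * Create a user: rows in conges_users, conges_solde_user and conges_artt,
 * plus group membership when group management is enabled.
 *
 * Nothing is written unless verif_new_param() returns 0.
 *
 * @param array $tab_new_user         user fields (login, nom, prenom, quotite,
 *                                    is_resp, resp_login, is_admin, is_hr,
 *                                    see_all, email, password1, new_year,
 *                                    new_mois, new_jour)
 * @param mixed $tab_checkbox_sem_imp conges_artt column => value for odd
 *                                    weeks, or ""
 * @param mixed $tab_checkbox_sem_p   conges_artt column => value for even
 *                                    weeks, or ""
 * @param array $tab_new_jours_an     leave type id => days per year
 * @param array $tab_new_solde        leave type id => balance
 * @param mixed $checkbox_user_groups groups to add the user to, or ""
 * @param bool  $DEBUG                print the input arrays
 */
function ajout_user(&$tab_new_user, $tab_checkbox_sem_imp, $tab_checkbox_sem_p, &$tab_new_jours_an, &$tab_new_solde, $checkbox_user_groups, $DEBUG = FALSE)
{
    $PHP_SELF = $_SERVER['PHP_SELF'];
    $session = session_id();
    if ($DEBUG) {
        echo "tab_new_jours_an = ";
        print_r($tab_new_jours_an);
        echo "<br>\n";
        echo "tab_new_solde = ";
        print_r($tab_new_solde);
        echo "<br>\n";
    }

    // Only when the input passed validation:
    if (verif_new_param($tab_new_user, $tab_new_jours_an, $tab_new_solde, $DEBUG) == 0) {
        // Echo of the submitted values. They are form input, so they are
        // HTML-escaped before being written to the page.
        $html_flags = ENT_QUOTES | ENT_SUBSTITUTE;
        echo htmlspecialchars(implode("---", array($tab_new_user['login'], $tab_new_user['nom'], $tab_new_user['prenom'], $tab_new_user['quotite'])), $html_flags) . "\n";
        echo "---" . htmlspecialchars(implode("---", array($tab_new_user['is_resp'], $tab_new_user['resp_login'], $tab_new_user['is_admin'], $tab_new_user['is_hr'], $tab_new_user['see_all'], $tab_new_user['email'])), $html_flags) . "<br>\n";
        foreach ($tab_new_jours_an as $id_cong => $jours_an) {
            echo htmlspecialchars($tab_new_jours_an[$id_cong] . "---" . $tab_new_solde[$id_cong], $html_flags) . "<br>\n";
        }
        $new_date_deb_grille = $tab_new_user['new_year'] . "-" . $tab_new_user['new_mois'] . "-" . $tab_new_user['new_jour'];
        echo htmlspecialchars($new_date_deb_grille, $html_flags) . "<br>\n";

        /*****************************/
        /* INSERT into conges_users  */
        if ($_SESSION['config']['how_to_connect_user'] == "dbconges") {
            // NOTE(review): unsalted MD5 is not a password hash. Moving to
            // password_hash()/password_verify() has to be done together with
            // the login check, so the stored format is unchanged here.
            $motdepasse = md5($tab_new_user['password1']);
        } else {
            $motdepasse = "none";
        }

        // Every value is escaped with SQL::quote() and placed between quotes;
        // several fields were concatenated raw or only passed through addslashes().
        $login_sql = SQL::quote($tab_new_user['login']);
        $sql1 = "INSERT INTO conges_users SET ";
        $sql1 = $sql1 . "u_login='" . $login_sql . "', ";
        $sql1 = $sql1 . "u_nom='" . SQL::quote($tab_new_user['nom']) . "', ";
        $sql1 = $sql1 . "u_prenom='" . SQL::quote($tab_new_user['prenom']) . "', ";
        $sql1 = $sql1 . "u_is_resp='" . SQL::quote($tab_new_user['is_resp']) . "', ";
        if ($tab_new_user['resp_login'] == 'no_resp') {
            $sql1 = $sql1 . "u_resp_login= NULL , ";
        } else {
            $sql1 = $sql1 . "u_resp_login='" . SQL::quote($tab_new_user['resp_login']) . "', ";
        }
        $sql1 = $sql1 . "u_is_admin='" . SQL::quote($tab_new_user['is_admin']) . "', ";
        $sql1 = $sql1 . "u_is_hr='" . SQL::quote($tab_new_user['is_hr']) . "', ";
        $sql1 = $sql1 . "u_see_all='" . SQL::quote($tab_new_user['see_all']) . "', ";
        $sql1 = $sql1 . "u_passwd='{$motdepasse}', ";
        $sql1 = $sql1 . "u_quotite='" . SQL::quote($tab_new_user['quotite']) . "',";
        $sql1 = $sql1 . " u_email='" . SQL::quote($tab_new_user['email']) . "' ";
        $result1 = SQL::query($sql1);

        /**********************************/
        /* INSERT into conges_solde_user  */
        // Stays TRUE only if every insert succeeded (previously only the
        // last one was looked at).
        $result3 = TRUE;
        foreach ($tab_new_jours_an as $id_cong => $jours_an) {
            $sql3 = "INSERT INTO conges_solde_user (su_login, su_abs_id, su_nb_an, su_solde, su_reliquat) ";
            $sql3 = $sql3 . "VALUES ('" . $login_sql . "' , " . intval($id_cong) . ", '" . SQL::quote($tab_new_jours_an[$id_cong]) . "', '" . SQL::quote($tab_new_solde[$id_cong]) . "', 0) ";
            $result3 = SQL::query($sql3) && $result3;
        }

        /*****************************/
        /* INSERT into conges_artt   */
        $list_colums_to_insert = "a_login";
        $list_values_to_insert = "'" . $login_sql . "'";
        // Walk the absence days of odd weeks, then of even weeks.
        // The array keys become column names, which cannot be escaped, so
        // only plain identifiers are accepted. foreach replaces each(),
        // which no longer exists in PHP 8.
        foreach (array($tab_checkbox_sem_imp, $tab_checkbox_sem_p) as $tab_checkbox) {
            if (!is_array($tab_checkbox)) {
                continue;
            }
            foreach ($tab_checkbox as $key => $val) {
                if (preg_match('/^[A-Za-z0-9_]+$/D', (string) $key) !== 1) {
                    continue;
                }
                $list_colums_to_insert = "{$list_colums_to_insert}, {$key}";
                $list_values_to_insert = "{$list_values_to_insert}, '" . SQL::quote($val) . "'";
            }
        }
        $sql2 = "INSERT INTO conges_artt ({$list_colums_to_insert}, a_date_debut_grille) VALUES ({$list_values_to_insert}, '" . SQL::quote($new_date_deb_grille) . "')";
        $result2 = SQL::query($sql2);

        /***********************************/
        /* add the user to its groups      */
        $result4 = TRUE;
        if ($_SESSION['config']['gestion_groupes'] && $checkbox_user_groups != "") {
            $result4 = commit_modif_user_groups($tab_new_user['login'], $checkbox_user_groups, $DEBUG);
        }

        /*****************************/
        if ($result1 && $result2 && $result3 && $result4) {
            echo _('form_modif_ok') . "<br><br> \n";
        } else {
            echo _('form_modif_not_ok') . "<br><br> \n";
        }

        // The login is escaped like the two names next to it.
        $comment_log = "ajout_user : " . addslashes($tab_new_user['login']) . " / " . addslashes($tab_new_user['nom']) . " " . addslashes($tab_new_user['prenom']) . " (" . $tab_new_user['quotite'] . " %)";
        log_action(0, "", $tab_new_user['login'], $comment_log, $DEBUG);

        /* Link back to the user administration tab. */
        // PHP_SELF is request-derived and is escaped before use in the attribute.
        $self_html = htmlspecialchars($PHP_SELF, ENT_QUOTES);
        echo " <form action=\"{$self_html}?session={$session}&onglet=admin-users\" method=\"POST\"> \n";
        echo "<input type=\"submit\" value=\"" . _('form_retour') . "\">\n";
        echo " </form> \n";
    }
}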
require 'form_data_industrysector.php'; } elseif (xsrf_guard()) { init_var($_POST['btn_cancel']); init_var($_POST['btn_submit']); require 'components/query_string_standard.php'; require 'subclasses/industrysector.php'; $dbh_industrysector = new industrysector(); $object_name = 'dbh_industrysector'; require 'components/create_form_data.php'; extract($arr_form_data); if ($_POST['btn_cancel']) { log_action('Pressed cancel button', $_SERVER['PHP_SELF']); redirect("listview_industrysector.php?{$query_string}"); } if ($_POST['btn_submit']) { log_action('Pressed submit button', $_SERVER['PHP_SELF']); $message .= $dbh_industrysector->sanitize($arr_form_data)->lst_error; extract($arr_form_data); if ($dbh_industrysector->check_uniqueness_for_editing($arr_form_data)->is_unique) { //Good, no duplicate in database } else { $message = "Record already exists with the same primary identifiers!"; } if ($message == "") { $dbh_industrysector->edit($arr_form_data); redirect("listview_industrysector.php?{$query_string}"); } } } require 'subclasses/industrysector_html.php'; $html = new industrysector_html();
$IPAddressOptions = $_GET['IPAddressOptions']; $TimeStart = $_GET['TimeStart']; $TimeEnd = $_GET['TimeEnd']; $Username = $_GET['Username']; $Module = $_GET['Module']; $Keyword = $_GET['Keyword']; $IPAddress = $_GET['IPAddress']; if (isset($_GET['current_page'])) { $current_page = $_GET['current_page']; } $CREATE_FILTERS = TRUE; } if (xsrf_guard()) { init_var($_POST['btn_cancel']); if ($_POST['btn_cancel']) { log_action("Pressed cancel button", $_SERVER['PHP_SELF']); echo "<script>window.close()</script>"; } if (isset($_POST['start'])) { $start = $_POST['start']; } $DateTimeOptions = $_POST['DateTimeOptions']; $UserOptions = $_POST['UserOptions']; $ModuleOptions = $_POST['ModuleOptions']; $KeywordSearch = $_POST['KeywordSearch']; $IPAddressOptions = $_POST['IPAddressOptions']; $TimeStart = $_POST['TimeStart']; $TimeEnd = $_POST['TimeEnd']; $Username = $_POST['Username']; $Module = $_POST['Module']; $Keyword = $_POST['Keyword'];
<?php
//******************************************************************
//This file was generated by Cobalt, a rapid application development
//framework developed by JV Roig (jvroig@jvroig.com).
//
//Cobalt on the web: http://cobalt.jvroig.com
//******************************************************************
// Read-only detail page for one user_passport_groups record.
require 'path.php';
init_cobalt('View user passport groups');

if (isset($_GET['passport_group_id'])) {
    // NOTE(review): PHP has already URL-decoded $_GET values, so this decodes
    // a second time. form_data_user_passport_groups.php must treat
    // $passport_group_id as untrusted input.
    $passport_group_id = urldecode($_GET['passport_group_id']);
    require 'form_data_user_passport_groups.php';
}

if (xsrf_guard()) {
    init_var($_POST['btn_back']);
    if ($_POST['btn_back']) {
        log_action('Pressed cancel button');
        // Presumably defines $query_string for the redirect - confirm.
        require 'components/query_string_standard.php';
        redirect("listview_user_passport_groups.php?{$query_string}");
    }
}

// Render the detail view.
require 'subclasses/user_passport_groups_html.php';
$html = new user_passport_groups_html();
$html->draw_header('Detail View: User Passport Groups', $message, $message_type);
$html->draw_listview_referrer_info($filter_field_used, $filter_used, $page_from, $filter_sort_asc, $filter_sort_desc);
$html->detail_view = TRUE;
$html->draw_controls('view');
$html->draw_footer();
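/**
 * Persist an administrator's edits to one user account.
 *
 * Updates the conges_users row, rewrites the per-type balances in
 * conges_solde_user, replaces the RTT grid in conges_artt when the submitted
 * grid differs from the stored one and, when the login itself changes,
 * propagates the new login to every table keyed by it. The outcome is echoed
 * as a translated message; nothing is returned.
 *
 * Every value placed in SQL text goes through SQL::quote(), defined elsewhere
 * and presumably an escaping wrapper around the driver (the callers add the
 * surrounding quotes themselves) - confirm. Column names cannot be escaped
 * that way, so the checkbox keys used as column names are restricted to plain
 * identifier characters.
 *
 * NOTE(review): the statements run one by one with no transaction visible
 * here, so a failure part-way leaves the tables partially updated.
 *
 * @param string $u_login_to_update    Current login of the account being edited.
 * @param array  $tab_new_user         New user fields (nom, prenom, quotite, is_resp, resp_login,
 *                                     is_admin, is_hr, is_active, see_all, email, login, and
 *                                     jour/mois/year for the grid start date).
 * @param array  $tab_new_jours_an     Annual allowance per leave-type id.
 * @param array  $tab_new_solde        Balance per leave-type id.
 * @param array  $tab_new_reliquat     Carry-over per leave-type id.
 * @param mixed  $tab_checkbox_sem_imp RTT checkboxes, column name => value (first week set), or "".
 * @param mixed  $tab_checkbox_sem_p   RTT checkboxes, column name => value (second week set), or "".
 * @param bool   $DEBUG                When true, dumps the inputs and the generated SQL.
 */
function commit_update($u_login_to_update, &$tab_new_user, &$tab_new_jours_an, &$tab_new_solde, &$tab_new_reliquat, $tab_checkbox_sem_imp, $tab_checkbox_sem_p, $DEBUG = FALSE)
{
    // Regular leave types, then the exceptional ones when that feature is enabled.
    $tab_type_conges = recup_tableau_types_conges($DEBUG);
    $tab_type_conges_excep = array();
    if ($_SESSION['config']['gestion_conges_exceptionnels']) {
        $tab_type_conges_excep = recup_tableau_types_conges_exceptionnels($DEBUG);
    }

    if ($DEBUG) {
        echo "tab_new_jours_an = <br>\n";
        print_r($tab_new_jours_an);
        echo "<br>\n";
        echo "tab_new_solde = <br>\n";
        print_r($tab_new_solde);
        echo "<br>\n";
        echo "tab_new_reliquat = <br>\n";
        print_r($tab_new_reliquat);
        echo "<br>\n";
        echo "tab_type_conges = <br>\n";
        print_r($tab_type_conges);
        echo "<br>\n";
        echo "tab_type_conges_excep = <br>\n";
        print_r($tab_type_conges_excep);
        echo "<br>\n";
    }

    // One-line summary of the submitted values. They are request data, so they
    // are HTML-escaped before being written into the page.
    $resume = array(
        $u_login_to_update,
        $tab_new_user['nom'],
        $tab_new_user['prenom'],
        $tab_new_user['quotite'],
        $tab_new_user['is_resp'],
        $tab_new_user['resp_login'],
        $tab_new_user['is_admin'],
        $tab_new_user['is_hr'],
        $tab_new_user['is_active'],
        $tab_new_user['see_all'],
        $tab_new_user['email'],
        $tab_new_user['login'],
    );
    echo htmlspecialchars(implode('---', $resume), ENT_QUOTES) . "<br>\n";

    $valid_1 = TRUE;
    $valid_2 = TRUE;
    $valid_3 = TRUE;
    $valid_reliquat = TRUE;

    // Annual allowance, balance and carry-over must be well-formed decimals
    // for every regular leave type.
    foreach ($tab_type_conges as $id_conges => $libelle) {
        $valid_1 = $valid_1 && verif_saisie_decimal($tab_new_jours_an[$id_conges], $DEBUG);
        $valid_2 = $valid_2 && verif_saisie_decimal($tab_new_solde[$id_conges], $DEBUG);
        $valid_reliquat = $valid_reliquat && verif_saisie_decimal($tab_new_reliquat[$id_conges], $DEBUG);
    }

    // Exceptional leave types, when enabled and defined: only the balance is validated.
    if ($_SESSION['config']['gestion_conges_exceptionnels'] && count($tab_type_conges_excep) > 0) {
        foreach ($tab_type_conges_excep as $id_conges => $libelle) {
            $valid_3 = $valid_3 && verif_saisie_decimal($tab_new_solde[$id_conges], $DEBUG);
        }
    }

    if ($DEBUG) {
        echo "valid_1 = {$valid_1} // valid_2 = {$valid_2} // valid_3 = {$valid_3} // valid_reliquat = {$valid_reliquat} <br>\n";
    }

    if (!($valid_1 && $valid_2 && $valid_3 && $valid_reliquat)) {
        echo _('form_modif_not_ok') . " !<br><br> \n";
        return;
    }

    $old_login = SQL::quote($u_login_to_update);
    $new_login = SQL::quote($tab_new_user['login']);
    // Compare as strings: a loose != treats numeric-looking logins such as
    // "1" and "01" as equal and would skip the cascade further down.
    $login_changed = ((string) $tab_new_user['login'] !== (string) $u_login_to_update);

    // UPDATE of conges_users.
    $sql = 'UPDATE conges_users SET u_nom=\'' . SQL::quote($tab_new_user['nom']) . '\', u_prenom=\'' . SQL::quote($tab_new_user['prenom']) . '\', u_is_resp=\'' . SQL::quote($tab_new_user['is_resp']) . '\', u_resp_login=\'' . SQL::quote($tab_new_user['resp_login']) . '\',u_is_admin=\'' . SQL::quote($tab_new_user['is_admin']) . '\',u_is_hr=\'' . SQL::quote($tab_new_user['is_hr']) . '\',u_is_active=\'' . SQL::quote($tab_new_user['is_active']) . '\',u_see_all=\'' . SQL::quote($tab_new_user['see_all']) . '\',u_login=\'' . $new_login . '\',u_quotite=\'' . SQL::quote($tab_new_user['quotite']) . '\',u_email=\'' . SQL::quote($tab_new_user['email']) . '\' WHERE u_login=\'' . $old_login . '\'';
    SQL::query($sql);

    /* Update of conges_solde_user. The numeric values are escaped as well:
       the carry-over of the exceptional types is never validated above. */
    foreach ($tab_type_conges as $id_conges => $libelle) {
        $sql = 'REPLACE INTO conges_solde_user SET su_nb_an=\'' . SQL::quote(strtr(round_to_half($tab_new_jours_an[$id_conges]), ",", ".")) . '\',su_solde=\'' . SQL::quote(strtr(round_to_half($tab_new_solde[$id_conges]), ",", ".")) . '\',su_reliquat=\'' . SQL::quote(strtr(round_to_half($tab_new_reliquat[$id_conges]), ",", ".")) . '\',su_login=\'' . $old_login . '\',su_abs_id=' . intval($id_conges) . ';';
        if ($DEBUG) {
            // The statement is shown only in debug mode; it was previously
            // written to the page on every call.
            echo htmlspecialchars($sql, ENT_QUOTES) . "<br>\n";
        }
        SQL::query($sql);
    }
    if ($_SESSION['config']['gestion_conges_exceptionnels']) {
        foreach ($tab_type_conges_excep as $id_conges => $libelle) {
            $sql = 'REPLACE INTO conges_solde_user SET su_nb_an=0, su_solde=\'' . SQL::quote(strtr(round_to_half($tab_new_solde[$id_conges]), ",", ".")) . '\', su_reliquat=\'' . SQL::quote(strtr(round_to_half($tab_new_reliquat[$id_conges]), ",", ".")) . '\', su_login=\'' . $old_login . '\', su_abs_id=' . intval($id_conges) . ';';
            if ($DEBUG) {
                echo htmlspecialchars($sql, ENT_QUOTES) . "<br>\n";
            }
            SQL::query($sql);
        }
    }

    /* Update of conges_artt, only when the submitted grid differs from the stored one. */
    $tab_grille_rtt_actuelle = get_current_grille_rtt($u_login_to_update, $DEBUG);
    $tab_new_grille_rtt = tab_grille_rtt_from_checkbox($tab_checkbox_sem_imp, $tab_checkbox_sem_p, $DEBUG);
    if ($tab_grille_rtt_actuelle != $tab_new_grille_rtt) {
        $new_date_deb_grille = $tab_new_user['year'] . "-" . $tab_new_user['mois'] . "-" . $tab_new_user['jour'];
        $date_deb_sql = SQL::quote($new_date_deb_grille);

        /* Phase 1: close the previous grid, or drop a grid that already
           starts on the same date. */
        $sql = 'SELECT a_date_fin_grille FROM conges_artt WHERE a_login=\'' . $old_login . '\' AND a_date_debut_grille=\'' . $date_deb_sql . '\';';
        $result_grille = SQL::query($sql);
        if ($result_grille->num_rows == 0) {
            // End date of the previous grid = new start date minus one day
            // (mktime() normalises a day of 0 to the last day of the previous month).
            $new_jour_num = (int) $tab_new_user['jour'];
            $new_mois_num = (int) $tab_new_user['mois'];
            $new_year_num = (int) $tab_new_user['year'];
            $new_date_fin_grille = date("Y-m-d", mktime(0, 0, 0, $new_mois_num, $new_jour_num - 1, $new_year_num));

            // The open grid is the row whose end date is 9999-12-31.
            $sql = 'UPDATE conges_artt SET a_date_fin_grille=\'' . SQL::quote($new_date_fin_grille) . '\' WHERE a_login=\'' . $old_login . '\' AND a_date_fin_grille=\'9999-12-31\' ';
            SQL::query($sql);
        } else {
            // The closing quote after the date was missing, which made this
            // DELETE a malformed statement.
            $sql = 'DELETE FROM conges_artt WHERE a_login=\'' . $old_login . '\' AND a_date_debut_grille=\'' . $date_deb_sql . '\'';
            SQL::query($sql);
        }

        /* Phase 2: insert the new grid; only the ticked half-days are sent. */
        $columns = array();
        $values = array();
        foreach (array($tab_checkbox_sem_imp, $tab_checkbox_sem_p) as $tab_checkbox) {
            if (!is_array($tab_checkbox)) {
                continue; // "" (nothing ticked) or an unexpected scalar
            }
            foreach ($tab_checkbox as $key => $val) {
                // The key becomes a column name, which cannot be escaped as a
                // value; anything that is not a plain identifier is ignored.
                // NOTE(review): an explicit allow-list of the conges_artt
                // half-day columns would be stricter.
                if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/D', (string) $key)) {
                    continue;
                }
                $columns[] = " {$key} ";
                $values[] = " '" . SQL::quote($val) . "' ";
            }
        }
        if (count($columns) > 0) {
            $list_columns = implode(", ", $columns);
            $list_valeurs = implode(", ", $values);
            $sql = "INSERT INTO conges_artt (a_login, {$list_columns}, a_date_debut_grille ) VALUES ('{$old_login}', {$list_valeurs}, '{$date_deb_sql}') ";
            SQL::query($sql);
        }
    }

    // On a login change, conges_users.u_login is already updated above; every
    // other table keyed by the login (and u_resp_login) follows here.
    if ($login_changed) {
        $login_columns = array(
            'conges_artt'            => 'a_login',
            'conges_echange_rtt'     => 'e_login',
            'conges_edition_papier'  => 'ep_login',
            'conges_groupe_grd_resp' => 'ggr_login',
            'conges_groupe_resp'     => 'gr_login',
            'conges_groupe_users'    => 'gu_login',
            'conges_periode'         => 'p_login',
            'conges_solde_user'      => 'su_login',
            'conges_users'           => 'u_resp_login',
        );
        foreach ($login_columns as $table => $column) {
            $sql = 'UPDATE ' . $table . ' SET ' . $column . '=\'' . $new_login . '\' WHERE ' . $column . '=\'' . $old_login . '\' ';
            SQL::query($sql);
        }
        // NOTE(review): this branch is restored from a source line in which the
        // text between the two messages was masked; confirm against the original file.
        $comment_log = "modif_user (old_login = {$u_login_to_update}) new_login = " . $tab_new_user['login'];
    } else {
        $comment_log = "modif_user login = {$u_login_to_update}";
    }

    log_action(0, "", $u_login_to_update, $comment_log, $DEBUG);
    echo _('form_modif_ok') . " !<br><br> \n";
}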
/**
 * Store the non-working days ticked for one year.
 *
 * Dates already recorded for that year are deleted first, the submitted dates
 * are inserted, the session copy of the public holidays is reloaded and the
 * action is logged. The alert shown reflects the insert only; the result of
 * the delete is not checked.
 *
 * @param array $tab_checkbox_j_chome Ticked dates; the first key is split on "-" and its
 *                                    first part (presumably the year) goes into the log text.
 * @param bool  $DEBUG                When true, dumps the submitted array.
 */
function commit_saisie($tab_checkbox_j_chome, $DEBUG = FALSE)
{
    // Both values are read but not used further in this function.
    $PHP_SELF = $_SERVER['PHP_SELF'];
    $session = session_id();

    if ($DEBUG) {
        echo "tab_checkbox_j_chome : <br>\n";
        print_r($tab_checkbox_j_chome);
        echo "<br>\n";
    }

    // A year that is already in the database is wiped before re-insertion.
    $annee_deja_saisie = verif_year_deja_saisie($tab_checkbox_j_chome, $DEBUG);
    if ($annee_deja_saisie) {
        delete_year($tab_checkbox_j_chome, $DEBUG);
    }

    // Insert the submitted dates, then refresh the holidays held in the session.
    $insertion_ok = insert_year($tab_checkbox_j_chome, $DEBUG);
    init_tab_jours_feries($DEBUG);

    if (!$insertion_ok) {
        echo "<div class=\"alert alert-danger\">" . _('form_modif_not_ok') . "</div>\n";
    } else {
        echo "<div class=\"alert alert-success\">" . _('form_modif_ok') . "</div>\n";
    }

    // The log text carries the part of the first key that precedes the first "-".
    $morceaux = explode('-', key($tab_checkbox_j_chome));
    log_action(0, "", "", "saisie des jours chomés pour " . $morceaux[0], $DEBUG);
}
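/**
 * Process the decisions submitted for pending leave requests.
 *
 * Each entry of $tab_bt_radio is keyed by the request number (p_num) and holds
 * eight fields joined by "--": login, days taken, leave-type id, start date,
 * start half-day, end date, end half-day, decision. The decision is one of
 * "VALID" (first-level validation), "OK" (accepted, balance debited) or
 * "not_OK" (refused, with the reason from $tab_text_refus).
 *
 * NOTE(review): the login, the number of days and the dates used for the
 * balance debit are taken from the submitted form value rather than re-read
 * from conges_periode by p_num, and no check that the current session user may
 * decide on that request is visible in this function - confirm both are
 * enforced by the caller.
 *
 * @param array $tab_bt_radio   Request number => "--"-joined fields described above.
 * @param array $tab_text_refus Request number => refusal reason.
 * @param bool  $DEBUG          Passed through to the helpers.
 */
function traite_all_demande_en_cours($tab_bt_radio, $tab_text_refus, $DEBUG = FALSE)
{
    if (!is_array($tab_bt_radio)) {
        return;
    }

    // foreach replaces each(), which was removed in PHP 8.
    foreach ($tab_bt_radio as $numero => $valeur) {
        $champs = explode("--", (string) $valeur);
        if (count($champs) < 8) {
            // Malformed entry: skip it instead of reading undefined offsets.
            continue;
        }

        $user_login = $champs[0];
        $user_nb_jours_pris = $champs[1];
        $type_abs = $champs[2]; // id of the requested leave type
        $date_deb = $champs[3];
        $demi_jour_deb = $champs[4];
        $date_fin = $champs[5];
        $demi_jour_fin = $champs[6];
        $reponse = $champs[7];

        // Only the integer form of the request number reaches SQL.
        $numero_int = (int) $numero;

        // Request data is HTML-escaped before being written into the page.
        echo htmlspecialchars("{$numero}---{$user_login}---{$user_nb_jours_pris}---{$reponse}", ENT_QUOTES) . "<br>\n";

        if ($reponse === "VALID") {
            $sql1 = "UPDATE conges_periode SET p_etat=\"valid\", p_date_traitement=NOW() WHERE p_num={$numero_int}";
            SQL::query($sql1);

            log_action($numero_int, "valid", $user_login, "traite demande {$numero} ({$user_login}) ({$user_nb_jours_pris} jours) : {$reponse}", $DEBUG);

            // Optional mail to the user and to the second-level approver.
            if ($_SESSION['config']['mail_prem_valid_conges_alerte_user']) {
                alerte_mail($_SESSION['userlogin'], $user_login, $numero_int, "valid_conges", $DEBUG);
            }
        } elseif ($reponse === "OK") {
            $sql1 = "UPDATE conges_periode SET p_etat=\"ok\", p_date_traitement=NOW() WHERE p_num={$numero_int}";
            SQL::query($sql1);

            log_action($numero_int, "ok", $user_login, "traite demande {$numero} ({$user_login}) ({$user_nb_jours_pris} jours) : {$reponse}", $DEBUG);

            // Debit the remaining days in conges_solde_user.
            soustrait_solde_et_reliquat_user($user_login, $numero_int, $user_nb_jours_pris, $type_abs, $date_deb, $demi_jour_deb, $date_fin, $demi_jour_fin, $DEBUG);

            if ($_SESSION['config']['mail_valid_conges_alerte_user']) {
                alerte_mail($_SESSION['userlogin'], $user_login, $numero_int, "accept_conges", $DEBUG);
            }
        } elseif ($reponse === "not_OK") {
            // addslashes() is not a database escaping function; the reason now
            // goes through SQL::quote(), as the other statements in this file do.
            $motif_brut = isset($tab_text_refus[$numero_int]) ? $tab_text_refus[$numero_int] : '';
            $motif_refus = SQL::quote($motif_brut);
            $sql1 = "UPDATE conges_periode SET p_etat=\"refus\", p_motif_refus='{$motif_refus}', p_date_traitement=NOW() WHERE p_num={$numero_int}";

            // The refusal is logged before the UPDATE runs.
            log_action($numero_int, "refus", $user_login, "traite demande {$numero} ({$user_login}) ({$user_nb_jours_pris} jours) : refus", $DEBUG);

            SQL::query($sql1);

            if ($_SESSION['config']['mail_refus_conges_alerte_user']) {
                alerte_mail($_SESSION['userlogin'], $user_login, $numero_int, "refus_conges", $DEBUG);
            }
        }
    }
}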
} if (xsrf_guard()) { init_var($_POST['btn_cancel']); init_var($_POST['btn_submit']); require 'components/query_string_standard.php'; require 'subclasses/user_links.php'; $dbh_user_links = new user_links(); $object_name = 'dbh_user_links'; require 'components/create_form_data.php'; extract($arr_form_data); if ($_POST['btn_cancel']) { log_action('Pressed cancel button'); redirect("listview_user_links.php?{$query_string}"); } if ($_POST['btn_submit']) { log_action('Pressed submit button'); $message .= $dbh_user_links->sanitize($arr_form_data)->lst_error; extract($arr_form_data); if ($dbh_user_links->check_uniqueness($arr_form_data)->is_unique) { //Good, no duplicate in database } else { $message = "Record already exists with the same primary identifiers!"; } if ($message == "") { $dbh_user_links->add($arr_form_data); redirect("listview_user_links.php?{$query_string}"); } } } require 'subclasses/user_links_html.php'; $html = new user_links_html();
if ($data_con->num_rows == 1) { extract($data_con->dump); $_SESSION['header'] = $header; $_SESSION['footer'] = $footer; $_SESSION['skin'] = $skin_name; $_SESSION['master_css'] = $master_css; $_SESSION['colors_css'] = $colors_css; $_SESSION['fonts_css'] = $fonts_css; $_SESSION['override_css'] = $override_css; $_SESSION['icon_set'] = $icon_set; if (trim($_SESSION['icon_set'] == '')) { $_SESSION['icon_set'] = 'cobalt'; } } $data_con->close_db(); log_action('Logged in'); //check if user must rehash his password due to updated method or work factor/iterations if (cobalt_password_must_rehash($username)) { $hashed_password = cobalt_password_hash('NEW', $password, $username, $new_salt, $new_iteration, $new_method); $data_con = new data_abstraction(); $data_con->set_query_type('UPDATE'); $data_con->set_table('user'); $data_con->set_update("`password`=?, `salt`=?, `iteration`=?, `method`=?"); $data_con->set_where("username=?"); $bind_params = array('ssiss', $hashed_password, $new_salt, $new_iteration, $new_method, $username); $data_con->stmt_prepare($bind_params); $data_con->stmt_execute(); } redirect('start.php'); } else { $error_message = "Check username and password.";