// 9 [8] Area (HTML) -> a.area_name // 10 [9] Room (HTML) -> r.room_name // 11 [10] Room description -> r.description // 12 [11] id de l'area -> a.id // 13 [12] les champs additionnele -> e.overload_desc // Tableau des ressources invisibles pour l'utilisateur $sql = "SELECT distinct e.id, e.start_time, e.end_time, e.name, e.description, " . "e.type, e.beneficiaire, " . grr_sql_syntax_timestamp_to_unix("e.timestamp") . ", a.area_name, r.room_name, r.description, a.id, e.overload_desc" . " FROM " . TABLE_PREFIX . "_entry e, " . TABLE_PREFIX . "_area a, " . TABLE_PREFIX . "_room r, " . TABLE_PREFIX . "_type_area t"; // Si l'utilisateur n'est pas administrateur, seuls les domaines auxquels il a accès sont pris en compte if (authGetUserLevel(getUserName(), -1) < 6) { if ($test_grr_j_user_area != 0) { $sql .= ", " . TABLE_PREFIX . "_j_user_area j "; } } $sql .= " WHERE e.room_id = r.id AND r.area_id = a.id"; // on ne cherche pas parmi les ressources invisibles pour l'utilisateur $tab_rooms_noaccess = verif_acces_ressource(getUserName(), 'all'); foreach ($tab_rooms_noaccess as $key) { $sql .= " and r.id != {$key} "; } // Si l'utilisateur n'est pas administrateur, seuls les domaines auxquels il a accès sont pris en compte if (authGetUserLevel(getUserName(), -1) < 6) { if ($test_grr_j_user_area == 0) { $sql .= " and a.access='a' "; } else { $sql .= " and ((j.login='******' and j.id_area=a.id and a.access='r') or (a.access='a')) "; } } $sql .= " AND e.start_time < {$report_end} AND e.end_time > {$report_start}"; $k = 0; if (isset($champ[0])) { $sql .= " AND (";
if (!isset($retour_page)) { $retour_page = $back; // on nettoie la chaine : $long_chaine_a_supprimer = strlen(strstr($retour_page, "&msg=")); // longueur de la chaine e partir de la premiere occurence de &msg= if ($long_chaine_a_supprimer == 0) { $long_chaine_a_supprimer = strlen(strstr($retour_page, "?msg=")); } $long = strlen($retour_page) - $long_chaine_a_supprimer; $retour_page = substr($retour_page, 0, $long); } // modification d'une resource : admin ou gestionnaire if (authGetUserLevel(getUserName(), -1) < 6) { if (isset($room)) { // Il s'agit d'une modif de ressource if (authGetUserLevel(getUserName(), $room) < 3 || !verif_acces_ressource(getUserName(), $room)) { showAccessDenied($back); exit; } } else { if (isset($area_id)) { // On verifie que le domaine $area_id existe $test = grr_sql_query1("SELECT id FROM " . TABLE_PREFIX . "_area WHERE id='" . $area_id . "'"); if ($test == -1) { showAccessDenied($back); exit; } // Il s'agit de l'ajout d'une ressource // On verifie que l'utilisateur a le droit d'ajouter des ressources if (authGetUserLevel(getUserName(), $area_id, 'area') < 4) { showAccessDenied($back);
echo '<tr>' . PHP_EOL; if ($iii % 2 == 1) { tdcell("cell_hours"); } else { tdcell("cell_hours2"); } $iii++; if ($enable_periods == 'y') { $time_t = date("i", $t); $time_t_stripped = preg_replace("/^0/", "", $time_t); echo $periods_name[$time_t_stripped] . '</td>' . PHP_EOL; } else { echo affiche_heure_creneau($t, $resolution) . '</td>' . PHP_EOL; } while (list($key, $room) = each($rooms)) { if (verif_acces_ressource(getUserName(), $room)) { if (isset($today[$room][$t]["id"])) { $id = $today[$room][$t]["id"]; $color = $today[$room][$t]["color"]; $descr = $today[$room][$t]["data"]; } else { unset($id); } if (isset($id) && !est_hors_reservation(mktime(0, 0, 0, $month, $day, $year), $area)) { $c = $color; } else { if ($statut_room[$room] == "0") { $c = "avertissement"; } else { $c = "empty_cell"; }
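/**
 * Build the room picker of an area as a panel of buttons (one <input> per room).
 *
 * Only rooms the current user may access (verif_acces_ressource()) are listed.
 * Values are encoded for the context they are written into: query-string
 * values are URL-encoded, and complete URLs are HTML-escaped before being
 * placed inside an attribute.
 *
 * @param string $link         Target script name without the ".php" suffix. It is
 *                             HTML-escaped but not URL-encoded, and it ends up inside a
 *                             JavaScript string in onclick, so callers must pass a fixed,
 *                             trusted script name, never request data.
 * @param string $current_area Id of the area whose rooms are listed.
 * @param string $current_room Id of the room to highlight when a room is selected.
 * @param string $year
 * @param string $month
 * @param string $day
 * @return string HTML fragment (panel + form + buttons)
 */
function make_room_item_html($link, $current_area, $current_room, $year, $month, $day)
{
    global $vocab;

    // PHP_SELF contains whatever path info the client appended after the script
    // name, so it is request-controlled and must be escaped before it is
    // written into the action attribute.
    $form_action = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);

    // URL-encode each value once; rawurlencode() also encodes quotes, which keeps
    // the values from terminating the JavaScript string used in onclick below.
    $date_query = 'year=' . rawurlencode((string) $year)
        . '&month=' . rawurlencode((string) $month)
        . '&day=' . rawurlencode((string) $day);

    $out_html = '<br />' . PHP_EOL
        . '<div class="panel panel-default">' . PHP_EOL
        . '<div class="panel-heading">' . get_vocab("rooms") . get_vocab("deux_points") . '</div>' . PHP_EOL
        . '<div class="panel-body">' . PHP_EOL
        . '<form class="ressource" id="room_001" action="' . $form_action . '">' . PHP_EOL;

    $sql = "SELECT id, room_name, description FROM " . TABLE_PREFIX . "_room WHERE area_id='" . protect_data_sql($current_area) . "' ORDER BY order_display,room_name";
    $res = grr_sql_query($sql);
    if ($res) {
        for ($i = 0; $row = grr_sql_row($res, $i); $i++) {
            // Rooms the user may not access are left out of the picker entirely.
            if (!verif_acces_ressource(getUserName(), $row[0])) {
                continue;
            }

            // HTML-escape the finished URLs: "&" becomes "&amp;" in the attribute and
            // is decoded back by the browser before the onclick handler runs.
            $link2 = htmlspecialchars($link . '.php?' . $date_query . '&room=' . rawurlencode((string) $row[0]), ENT_QUOTES);
            $link_all_room = htmlspecialchars('week_all.php?' . $date_query . '&area=' . rawurlencode((string) $current_area), ENT_QUOTES);
            $room_attr = htmlspecialchars((string) $row[0], ENT_QUOTES);

            // NOTE(review): $all_ressource is never initialised before the loop, so
            // the "Toutes les ressources" branches below cannot be taken as written.
            // Behaviour is kept as-is; confirm whether "$all_ressource = 0;" was
            // intended before the loop.
            if (!isset($_GET['room'])) {
                if (isset($all_ressource) && $all_ressource == 0) {
                    $out_html .= '<div class="panel-body">' . PHP_EOL
                        . '<input id="item_select" class="btn btn-primary btn-lg btn-block" name="all_room" value="Toutes les ressources" onclick="location.href=\'' . $link_all_room . '\' ;charger();"/>' . PHP_EOL;
                }
                $out_html .= '<input class="btn btn-default btn-lg btn-block item" type="button" name="' . $room_attr . '" value="' . htmlspecialchars($row[1]) . '" onclick="location.href=\'' . $link2 . '\' ;charger();"/>' . PHP_EOL;
                $all_ressource = 1;
            } else {
                if (isset($all_ressource) && $all_ressource == 0) {
                    $out_html .= '<input class="btn btn-primary btn-lg btn-block item" type="button" name="all_room" value="Toutes les ressources" onclick="location.href=\'' . $link_all_room . '\' ;charger();"/>' . PHP_EOL;
                }
                $all_ressource = 1;
                if ($current_room == $row[0]) {
                    // The selected room gets the primary (highlighted) button style.
                    $out_html .= '<input class="btn btn-primary btn-lg btn-block item_select" type="button" name="' . $room_attr . '" value="' . htmlspecialchars($row[1]) . '" onclick="location.href=\'' . $link2 . '\';charger();"/>' . PHP_EOL;
                } else {
                    $out_html .= '<input class="btn btn-default btn-lg btn-block item" type="button" name="' . $room_attr . '" value="' . htmlspecialchars($row[1]) . '" onclick="location.href=\'' . $link2 . '\' ;charger();"/>' . PHP_EOL;
                }
            }
        }
    }

    $out_html .= '</form>' . PHP_EOL . '</div>' . PHP_EOL . '</div>' . PHP_EOL;

    return $out_html;
}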
* sorti de la boucle for */ $tplArray['vocab']['ressource_temporairement_indisponible'] = get_vocab('ressource_temporairement_indisponible'); $tplArray['vocab']['fiche_ressource'] = get_vocab('fiche_ressource'); $tplArray['vocab']['ressource_actuellement_empruntee'] = get_vocab('ressource actuellement empruntee'); $tplArray['vocab']['reservation_a_confirmer_au_plus_tard_le'] = get_vocab('reservation_a_confirmer_au_plus_tard_le'); $tplArray['vocab']['en_attente_moderation'] = get_vocab('en_attente_moderation'); $tplArray['vocab']['reservation_impossible'] = get_vocab('reservation_impossible'); $tplArray['vocab']['cliquez_pour_effectuer_une_reservation'] = get_vocab('cliquez_pour_effectuer_une_reservation'); $tplArray['vocab']['top_of_page'] = get_vocab('top_of_page'); $li = 0; /* incrément des room accessibles, todo peut faire dvoublon avec $li, à refactoriser */ $incrementRoomAccessible = 0; for ($ir = 0; $row = grr_sql_row($res, $ir); $ir++) { /* un tour de boucle par room */ $verif_acces_ressource = verif_acces_ressource(getUserName(), $row['2']); if ($verif_acces_ressource) { /* l'incrément est différent de celui de la boucle si certaines room ne sont pas accessibles */ $acces_fiche_reservation = verif_acces_fiche_reservation(getUserName(), $row['2']); $UserRoomMaxBooking = UserRoomMaxBooking(getUserName(), $row['2'], 1); $authGetUserLevel = authGetUserLevel(getUserName(), -1); $auth_visiteur = auth_visiteur(getUserName(), $row['2']); $tplArray['rooms'][$incrementRoomAccessible]['id'] = $row[2]; $tplArray['rooms'][$incrementRoomAccessible]['capacity'] = $row[1]; $tplArray['rooms'][$incrementRoomAccessible]['description'] = $row[3]; //echo '<tr>'.PHP_EOL; /* remplacé par la class "table_stripped de bootstrap */ /*if ($ir % 2 == 1) { echo tdcell('cell_hours'); } else { echo tdcell('cell_hours2');
} echo '<h4 class="titre">' . ucfirst($this_area_name) . ' - ' . get_vocab("all_areas") . '<br>' . ucfirst(utf8_strftime("%B %Y", $month_start)) . ' </h4>' . PHP_EOL; if ($_GET['pview'] != 1) { echo ' <a href="month_all2.php?year=' . $year . '&month=' . $month . '&area=' . $area . '"><img src="img_grr/change_view.png" alt="' . get_vocab("change_view") . '" title="' . get_vocab("change_view") . '" class="image" /></a>' . PHP_EOL; } echo '</div>' . PHP_EOL; if (isset($_GET['precedent'])) { if ($_GET['pview'] == 1 && $_GET['precedent'] == 1) { echo '<span id="lienPrecedent">' . PHP_EOL; echo '<button class="btn btn-default btn-xs" onclick="charger();javascript:history.back();">Précedent</button>' . PHP_EOL; echo '</span>' . PHP_EOL; } } echo '<div class="contenu_planning">' . PHP_EOL; for ($i = 0; $row = grr_sql_row($res, $i); $i++) { $verif_acces_ressource[$row[10]] = verif_acces_ressource(getUserName(), $row[10]); $acces_fiche_reservation[$row[10]] = verif_acces_fiche_reservation(getUserName(), $row[10]); $t = max((int) $row[0], $month_start); $end_t = min((int) $row[1], $month_end); $day_num = date("j", $t); if ($enable_periods == 'y') { $midnight = mktime(12, 0, 0, $month, $day_num, $year); } else { $midnight = mktime(0, 0, 0, $month, $day_num, $year); } while ($t < $end_t) { $d[$day_num]["id"][] = $row[2]; $d[$day_num]["id_room"][] = $row[10]; if (Settings::get("display_info_bulle") == 1) { $d[$day_num]["who"][] = get_vocab("reservee au nom de") . affiche_nom_prenom_email($row[4], $row[9], "nomail"); } else {
} if (!verif_qui_peut_reserver_pour($room_id, getUserName(), $beneficiaire)) { $error_qui_peut_reserver_pour = 'yes'; } if (!verif_heure_debut_fin($starttime, $endtime, $area)) { $error_heure_debut_fin = 'yes'; } if (resa_est_hors_reservation2($starttime, $endtime, $area)) { $error_heure_debut_fin = 'yes'; } } $statut_room = grr_sql_query1('SELECT statut_room from ' . TABLE_PREFIX . "_room where id = '{$room_id}'"); if ($statut_room == '0' && authGetUserLevel(getUserName(), $room_id) < 3) { $error_booking_room_out = 'yes'; } if (!verif_acces_ressource(getUserName(), $room_id)) { $error_booking_room_out = 'yes'; } } $err = ''; if ($error_booking_in_past == 'no' && $error_chevaussement == 'no' && $error_duree_max_resa_area == 'no' && $error_delais_max_resa_room == 'no' && $error_delais_min_resa_room == 'no' && $error_date_option_reservation == 'no' && $error_qui_peut_reserver_pour == 'no' && $error_heure_debut_fin == 'no') { foreach ($_GET['rooms'] as $room_id) { if ($rep_type != 0 && !empty($reps)) { if (count($reps) < $max_rep_entrys) { $diff = $endtime - $starttime; for ($i = 0; $i < count($reps); ++$i) { if (isset($_GET['del_entry_in_conflict']) && $_GET['del_entry_in_conflict'] == 'yes') { grrDelEntryInConflict($room_id, $reps[$i], $reps[$i] + $diff, $ignore_id, $repeat_id, 0); } if ($i == count($reps) - 1) { $tmp = mrbsCheckFree($room_id, $reps[$i], $reps[$i] + $diff, $ignore_id, $repeat_id);
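/**
 * Left menu: collect the data needed to render the room <select> of an area.
 *
 * Only rooms the current user may access (verif_acces_ressource()) are included.
 * The function no longer renders HTML itself; it returns the template variables.
 *
 * @param string $link         Target script name without the ".php" suffix; expected to be
 *                             a fixed, trusted value (it is not encoded here).
 * @param string $current_area Id of the area whose rooms are listed.
 * @param string $current_room Id of the currently selected room.
 * @param string $year
 * @param string $month
 * @param string $day
 * @param mixed  $fieldType    Passed through unchanged as $tplArray['fieldType'].
 *
 * @return array Template variables: fieldType, vocab, formAction, linkToAllRoom and,
 *               when at least one room is accessible, rooms (indexed by result row number,
 *               so indexes may have gaps).
 */
function make_room_selection_fields($link, $current_area, $current_room, $year, $month, $day, $fieldType)
{
    global $twig;

    // URL-encode every query-string value so it cannot add parameters or break
    // out of the URL, whatever escaping the template applies afterwards.
    $date_query = 'year=' . rawurlencode((string) $year)
        . '&month=' . rawurlencode((string) $month)
        . '&day=' . rawurlencode((string) $day);

    $tplArray = array();
    $tplArray['fieldType'] = $fieldType;
    $tplArray['vocab']['rooms'] = get_vocab('rooms');
    $tplArray['vocab']['all_rooms'] = get_vocab('all_rooms');
    // PHP_SELF is request-controlled (client-supplied path info), hence the
    // stripping and encoding.
    // NOTE(review): urlencode() also encodes "/", so confirm how the template
    // uses formAction.
    $tplArray['formAction'] = urlencode(strip_tags($_SERVER['PHP_SELF']));
    $tplArray['linkToAllRoom'] = $link . '_all.php?' . $date_query . '&area=' . rawurlencode((string) $current_area);

    $sql = 'select id, room_name, description from ' . TABLE_PREFIX . "_room WHERE area_id='" . protect_data_sql($current_area) . "' order by order_display,room_name";
    $res = grr_sql_query($sql);
    if ($res) {
        for ($i = 0; $row = grr_sql_row($res, $i); ++$i) {
            // Rooms the user may not access never reach the template.
            if (!verif_acces_ressource(getUserName(), $row[0])) {
                continue;
            }

            // Short description preview appended to the option label.
            $temp = $row[2] ? ' (' . mb_substr($row[2], 0, 10) . '... )' : '';

            $tplArray['rooms'][$i]['linkToRoom'] = $link . '.php?' . $date_query . '&room=' . rawurlencode((string) $row[0]);
            $tplArray['rooms'][$i]['txtOption'] = htmlspecialchars(strip_tags($row[1] . $temp));
            // $row[0] is a room id, so the "current" flag is decided against
            // $current_room (as the former <option selected> code did), not
            // against the area id.
            $tplArray['rooms'][$i]['current'] = ($row[0] == $current_room);
        }
    }

    return $tplArray;
}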
// Page preamble: resume the session, resolve the requested room id, enforce
// access control, then load the room row and the name/access of its area.
// Resume session
include "include/resume_session.php";
// Language settings
include "include/language.inc.php";
// id_room comes straight from the query string.
$id_room = isset($_GET["id_room"]) ? $_GET["id_room"] : NULL;
if (isset($id_room)) {
    // The integer cast is the only thing that makes $id_room safe to interpolate
    // unquoted into the SQL statement below; keep it ahead of any use.
    settype($id_room, "integer");
} else {
    // No id supplied: $id_room stays NULL and $print is set to "all".
    // NOTE(review): NULL is still passed to verif_acces_ressource() and
    // interpolates as an empty string in "WHERE id=" below; confirm that the
    // no-id path is meant to reach the query.
    $print = "all";
}
if (Settings::get("authentification_obli") == 0 && getUserName() == '') {
    $type_session = "no_session";
} else {
    $type_session = "with_session";
}
// "&&" binds tighter than "||": access is denied when (user level < 1 and
// authentication is mandatory), or when the user has no access to this room.
if (authGetUserLevel(getUserName(), -1) < 1 && Settings::get("authentification_obli") == 1 || !verif_acces_ressource(getUserName(), $id_room)) {
    showAccessDenied('');
    exit;
}
echo begin_page(get_vocab("mrbs") . get_vocab("deux_points") . Settings::get("company"));
$res = grr_sql_query("SELECT * FROM " . TABLE_PREFIX . "_room WHERE id={$id_room}");
if (!$res) {
    fatal_error(0, get_vocab('error_room') . $id_room . get_vocab('not_found'));
}
// NOTE(review): only a failed query is handled above; what grr_sql_row_keyed()
// returns for an id matching no room is not visible here. Confirm before
// $row["room_name"] is read.
$row = grr_sql_row_keyed($res, 0);
grr_sql_free($res);
echo "<h3 style=\"text-align:center;\">";
// The room name is stored data; it is HTML-escaped on output.
echo get_vocab("room") . get_vocab("deux_points") . " " . htmlspecialchars($row["room_name"]);
// $id_area is returned by mrbsGetRoomArea() rather than taken from the request;
// it is concatenated into the two queries below inside quotes, without escaping.
$id_area = mrbsGetRoomArea($id_room);
$area_name = grr_sql_query1("select area_name from " . TABLE_PREFIX . "_area where id='" . $id_area . "'");
$area_access = grr_sql_query1("select access from " . TABLE_PREFIX . "_area where id='" . $id_area . "'");
$long_chaine_a_supprimer = strlen(strstr($retour_page,"&msg=")); // longueur de la chaine à partir de la première occurence de &msg= if ($long_chaine_a_supprimer==0) $long_chaine_a_supprimer = strlen(strstr($retour_page,"?msg=")); $long = strlen($retour_page) - $long_chaine_a_supprimer; $retour_page = substr($retour_page,0,$long); } $day = date("d"); $month = date("m"); $year = date("Y"); // modification d'une resource : admin ou gestionnaire if (authGetUserLevel(getUserName(),-1) < 6) { if (isset($room)) { // Il s'agit d'une modif de ressource if (((authGetUserLevel(getUserName(),$room) < 3)) or (!verif_acces_ressource(getUserName(), $room))) { showAccessDenied($day, $month, $year, '',$back); exit(); } } else { if (isset($area_id)) { // On vérifie que le domaine $area_id existe $test = grr_sql_query1("select id from ".TABLE_PREFIX."_area where id='".$area_id."'"); if ($test == -1) { showAccessDenied($day, $month, $year, '',$back); exit(); } // Il s'agit de l'ajout d'une ressource // On vérifie que l'utilisateur a le droit d'ajouter des ressources if ((authGetUserLevel(getUserName(),$area_id,'area') < 4)) { showAccessDenied($day, $month, $year, '',$back);
} }; // Paramètres langage include "include/language.inc.php"; if ((getSettingValue("authentification_obli")==0) and (getUserName()=='')) { $type_session = "no_session"; } else { $type_session = "with_session"; } $id_room = isset($_GET["id_room"]) ? $_GET["id_room"] : NULL; if (isset($id_room)) settype($id_room,"integer"); if ((authGetUserLevel(getUserName(),$id_room) < 4) or (!verif_acces_ressource(getUserName(), $id_room))) { $day = date("d"); $month = date("m"); $year = date("Y"); showAccessDenied($day, $month, $year, '',''); exit(); } echo begin_page(getSettingValue("company").get_vocab("deux_points").get_vocab("mrbs")); $res = grr_sql_query("SELECT * FROM ".TABLE_PREFIX."_room WHERE id=$id_room"); if (! $res) fatal_error(0, get_vocab('error_room') . $id_room . get_vocab('not_found')); $row = grr_sql_row_keyed($res, 0); grr_sql_free($res);
// Page preamble: resolve the requested room id, enforce access control, then
// load the room row.
// Language settings
include "include/language.inc.php";
// id_room comes straight from the query string.
$id_room = isset($_GET["id_room"]) ? $_GET["id_room"] : NULL;
// The integer cast is the only thing that makes $id_room safe to interpolate
// unquoted into the SQL statement below. Without an id, $id_room stays NULL and
// $print is set to "all".
// NOTE(review): NULL is still passed to verif_acces_ressource() and interpolates
// as an empty string in "WHERE id=" below; confirm the no-id path is meant to
// reach the query.
if (isset($id_room)) settype($id_room,"integer"); else $print = "all";
if ((getSettingValue("authentification_obli")==0) and (getUserName()=='')) {
    $type_session = "no_session";
} else {
    $type_session = "with_session";
}
// Access is denied when (user level < 1 and authentication is mandatory), or
// when the user has no access to this room; the parentheses make the grouping
// explicit despite the low-precedence "and"/"or" operators.
if(((authGetUserLevel(getUserName(),-1) < 1) and (getSettingValue("authentification_obli")==1)) or (!verif_acces_ressource(getUserName(), $id_room))) {
    $day = date("d");
    $month = date("m");
    $year = date("Y");
    showAccessDenied($day, $month, $year, '','');
    exit();
}
echo begin_page(get_vocab("mrbs").get_vocab("deux_points").getSettingValue("company"));
$res = grr_sql_query("SELECT * FROM ".TABLE_PREFIX."_room WHERE id=$id_room");
if (! $res) fatal_error(0, get_vocab('error_room') . $id_room . get_vocab('not_found'));
// NOTE(review): only a failed query is handled above; what grr_sql_row_keyed()
// returns for an id matching no room is not visible here.
$row = grr_sql_row_keyed($res, 0);
grr_sql_free($res);
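/**
 * Print the rooms of an area as a list of links; the current room is shown as
 * bold text instead of a link.
 *
 * Only rooms the current user may access (verif_acces_ressource()) are printed.
 * Output is echoed directly; nothing is returned.
 *
 * @param string $link         Target script the room links point to. It is HTML-escaped
 *                             but not otherwise validated, so callers must pass a fixed,
 *                             trusted script name, never request data.
 * @param string $current_area Id of the area whose rooms are listed.
 * @param string $current_room Id of the room shown as selected.
 * @param string $year
 * @param string $month
 * @param string $day
 */
function make_room_list_html($link, $current_area, $current_room, $year, $month, $day)
{
    global $vocab;

    echo "<b><i><span class=\"bground\">".get_vocab("rooms").get_vocab("deux_points")."</span></i></b><br />";

    $sql = "select id, room_name, description from ".TABLE_PREFIX."_room where area_id='".protect_data_sql($current_area)."' order by order_display,room_name";
    $res = grr_sql_query($sql);
    if (!$res) {
        return;
    }

    // URL-encode each value so it cannot add parameters or break out of the
    // href attribute.
    $date_query = 'year=' . rawurlencode((string) $year)
        . '&month=' . rawurlencode((string) $month)
        . '&day=' . rawurlencode((string) $day);

    for ($i = 0; ($row = grr_sql_row($res, $i)); $i++) {
        // Only rooms the user is allowed to see are printed.
        if (!verif_acces_ressource(getUserName(), $row[0])) {
            continue;
        }

        if ($row[0] == $current_room) {
            echo "<b><span class=\"week\">> ".grr_htmlSpecialChars($row[1])."</span></b><br />\n";
        } else {
            // The original emitted "&&room=" (an empty parameter) and wrote the URL
            // unescaped; build it once and HTML-escape it for the attribute.
            $href = htmlspecialchars($link . '?' . $date_query . '&room=' . rawurlencode((string) $row[0]), ENT_QUOTES);
            echo "<a href=\"" . $href . "\">" . grr_htmlSpecialChars($row[1]) . "</a><br />\n";
        }
    }
}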
} else { echo affiche_heure_creneau($t,$resolution)."</td>\n"; $tab[$tab_ligne][] = affiche_heure_creneau($t,$resolution); } echo "</tr>\n"; reset($rooms); $tab_ligne++; } // répétition de la ligne d'en-tête echo "<tr>\n<th> </th>"; for ($i = 0; $i < $nbcol; $i++) { // On affiche pas toutes les ressources if (verif_acces_ressource(getUserName(), $id_room[$i])) { echo "<th"; if ($statut_room[$id_room[$i]] == "0") echo " class='avertissement' "; echo ">" . grr_htmlSpecialChars($room_name[$i])."</th>"; } } echo "<th> </th></tr>\n"; echo "</table>"; show_colour_key($area); } grr_sql_free($res); /* echo "<table border=\"1\">"; foreach ($tab as $cle => $value) { echo "<tr>";