Пример #1
/**
 * Admin index controller.
 *
 * Renders the access-rights administration page. Three data sets are handed
 * to the template:
 *  - 'acls':    every row of `acces` except the "index" and "admin" actions,
 *               grouped by acl_action;
 *  - 'grps':    one entry per row of `sections`;
 *  - 'aclGrps': for each raw_ag_access value of `access_groups`, the list of
 *               raw_ag_group values attached to it.
 *
 * NOTE(review): no permission check is visible inside this function;
 * presumably the dispatcher enforces the ACL before calling it. Confirm,
 * since this page exposes the whole access-control configuration.
 */
function admin_index()
{
    global $pdo, $tpl;

    // The query has no external input, so the prepared statement runs without bindings.
    $stmt = $pdo->prepare('SELECT * FROM acces WHERE acl_action != "index" AND acl_action != "admin" ORDER BY acl_action ASC, acl_page ASC');
    $stmt->execute();
    $aclsByAction = array();
    while ($row = $stmt->fetch()) {
        // Appending creates the per-action bucket the first time an action is seen.
        $aclsByAction[$row['acl_action']][] = $row;
    }

    $sectionModel = new Modele('sections');
    $sectionModel->find();
    while ($sectionModel->next()) {
        $tpl->append('grps', $sectionModel->toArray());
    }

    $groupsByAccess = array();
    $accessGroupModel = new Modele('access_groups');
    $accessGroupModel->find();
    while ($accessGroupModel->next()) {
        $groupsByAccess[$accessGroupModel->raw_ag_access][] = $accessGroupModel->raw_ag_group;
    }

    $tpl->assign('aclGrps', $groupsByAccess);
    $tpl->assign('acls', $aclsByAction);
    $tpl->display('admin_index.tpl');
    quit();
}
Пример #2
/**
 * Lists the `user_accounts` rows that belong to the session user.
 *
 * The list handed to the template as 'accounts' always starts with a fixed
 * cheque entry (ua_id 0), followed by the rows whose ua_user matches
 * $_SESSION['user']['user_id'].
 */
function compta_index()
{
    global $tpl;

    // Fixed first entry; it does not come from the database.
    $chequeAccount = array('ua_id' => 0, 'ua_identifier' => 'Chèque', 'ua_type' => 'cheq', 'ua_number' => '');
    $accounts = array($chequeAccount);

    // The owner filter comes from the session, never from request input.
    $accountModel = new Modele('user_accounts');
    $accountModel->find(array('ua_user' => $_SESSION['user']['user_id']));
    while ($accountModel->next()) {
        $accounts[] = $accountModel->toArray();
    }

    $tpl->assign('accounts', $accounts);
    display();
}
Пример #3
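/**
 * Wi-Fi administration: overview of the token groups.
 *
 * For every row of `wifi_tokenGroup`, appends to the template variable
 * 'lines' the group's fields plus two counters:
 *  - 'sum':  number of `wifi_tokens` rows in the group;
 *  - 'used': number of those rows whose wt_assign is not NULL.
 */
function wifi_tokens()
{
    global $pdo, $tpl;

    // Both statements are loop-invariant: prepare them once and re-execute
    // them per group instead of re-preparing on every iteration.
    $totalStmt = $pdo->prepare('SELECT COUNT(*) FROM wifi_tokens WHERE wt_group = ?');
    $usedStmt = $pdo->prepare('SELECT COUNT(*) FROM wifi_tokens WHERE wt_group = ? AND wt_assign IS NOT NULL');

    $groupModel = new Modele('wifi_tokenGroup');
    $groupModel->find();
    while ($groupModel->next()) {
        $line = $groupModel->toArray();
        $groupId = $groupModel->wtg_id;

        // fetchColumn() reads the single COUNT(*) value without depending on
        // the connection's default fetch mode.
        $totalStmt->execute(array($groupId));
        $line['sum'] = $totalStmt->fetchColumn();
        $totalStmt->closeCursor();

        $usedStmt->execute(array($groupId));
        $line['used'] = $usedStmt->fetchColumn();
        $usedStmt->closeCursor();

        $tpl->append("lines", $line);
    }
    display();
}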
Пример #4
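/**
 * Password-reset form handler.
 *
 * The request must carry, in $_GET['valid'], the reset code stored in
 * $_SESSION['index_password_code']. The account is looked up by
 * $_SESSION['index_password_email']. When $_POST['pwd1'] is submitted and the
 * update succeeds, the reset code is consumed and the user is logged in.
 */
function index_password_change()
{
    global $tpl;

    // Normalise both sides to strings before comparing. A loose `!=` treats a
    // missing session code (null) and an empty `valid` parameter as equal,
    // which would let a request through without any reset having been started.
    $expectedCode = (isset($_SESSION['index_password_code']) && is_scalar($_SESSION['index_password_code']))
        ? (string) $_SESSION['index_password_code']
        : '';
    $givenCode = (isset($_GET['valid']) && is_string($_GET['valid'])) ? $_GET['valid'] : '';
    $email = isset($_SESSION['index_password_email']) ? $_SESSION['index_password_email'] : null;

    // hash_equals() compares in constant time; an empty expected code never matches.
    if ($expectedCode === '' || $email === null || !hash_equals($expectedCode, $givenCode)) {
        $tpl->assign('hsuccess', false);
        modexec('index');
        // Whether modexec() returns is not visible here; never fall through
        // to the password update after a failed check.
        return;
    }

    $mdl = new Modele('users');
    $mdl->find(array('user_email' => $email));
    if (!$mdl->next()) {
        // No account matches the e-mail kept in the session: nothing to update.
        $tpl->assign('hsuccess', false);
        modexec('index');
        return;
    }

    // Only accept a plain string; an array-valued pwd1 is ignored and the form is shown again.
    if (isset($_POST['pwd1']) && is_string($_POST['pwd1'])) {
        // NOTE(review): the password is handed to modFrom() as received. Whether
        // the model hashes it before storage is not visible here; confirm it
        // goes through password_hash(), and consider a minimum-length check.
        $success = $mdl->modFrom(array('user_pass' => $_POST['pwd1']), false);
        $tpl->assign('hsuccess', $success);
        if ($success) {
            // Single use: the code is dropped as soon as the password changed.
            unset($_SESSION['index_password_code']);
            // The session becomes authenticated below, so rotate its identifier
            // to keep a pre-login session id from carrying over.
            session_regenerate_id(true);
            $_SESSION['user'] = $mdl->toArray();
            $_SESSION['user']['role'] = aclFromText($mdl->raw_user_role);
            $tpl->assign('_user', $_SESSION['user']);
            modexec('index');
        }
    }
    $tpl->assign('user', $mdl);
    display();
}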
Пример #5
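/**
 * User details page.
 *
 * Loads the user named by $_REQUEST['user'] and everything the detail
 * template shows about them: sections, staffed events, sections they could
 * still join, mandates, cards, Google groups, Bocal/intranet data, activities
 * and accounts. Renders user_details.tpl and ends the request.
 *
 * NOTE(review): no permission check is visible inside this function;
 * presumably the dispatcher enforces the ACL before calling it. Confirm,
 * since the id comes straight from the request.
 */
function user_view()
{
    global $pdo, $tpl, $srcdir;
    $utime = microtime(true);

    // $_REQUEST mixes several request sources; accept a scalar only, so an
    // array-valued parameter cannot reach the statement or the model.
    $requestedId = (isset($_REQUEST['user']) && is_scalar($_REQUEST['user'])) ? (string) $_REQUEST['user'] : '';

    $sql = $pdo->prepare('SELECT * FROM users LEFT JOIN user_types ON ut_id = user_type WHERE user_id = ?');
    $sql->bindValue(1, $requestedId);
    $sql->execute();
    $user = $sql->fetch();
    if (!$user) {
        // Same not-found dispatch event_view() uses; without it every lookup
        // below would index into `false`.
        modexec('syscore', 'notfound');
        return;
    }
    // NOTE(review): SELECT * hands every column of `users` to the template,
    // presumably including the stored password value. Confirm the template
    // never prints it, or select the needed columns explicitly.
    $tpl->assign('user', $user);

    // From here on the id read back from the database is used, not the raw request value.
    $userId = $user['user_id'];

    $sql = $pdo->prepare('SELECT * FROM user_sections LEFT JOIN sections ON section_id = us_section WHERE us_user = ?');
    $sql->bindValue(1, $userId);
    $sql->execute();
    $sections = array();
    while ($line = $sql->fetch()) {
        $sections[] = $line['section_id'];
        $tpl->append('sections', $line);
    }

    // Events the user staffed, most recent first.
    $sql = $pdo->prepare(
        'SELECT * FROM event_staff'
        . ' LEFT JOIN events ON event_id = est_event'
        . ' LEFT JOIN sections ON section_id = est_section'
        . ' WHERE est_user = ?'
        . ' ORDER BY event_start DESC'
    );
    $sql->bindValue(1, $userId);
    $sql->execute();
    while ($event = $sql->fetch(PDO::FETCH_ASSOC)) {
        $tpl->append('events', $event);
    }

    // Primary sections the user does not belong to yet.
    $sql = $pdo->prepare('SELECT * FROM sections WHERE section_type = "primary"');
    $sql->execute();
    while ($line = $sql->fetch()) {
        if (!in_array($line['section_id'], $sections)) {
            $tpl->append('section_list', $line);
        }
    }

    $mdt = new Modele('user_mandate');
    $mdt->find(array('um_user' => $userId));
    while ($mdt->next()) {
        $tpl->append('mandates', $mdt->um_mandate);
    }

    // Each card is re-fetched into its own model so the template receives
    // independent objects rather than the shared cursor.
    $mdl = new Modele('card');
    $mdl->find(array('card_user' => $userId));
    while ($mdl->next()) {
        $o = new Modele('card');
        $o->fetch($mdl->card_id);
        $tpl->append('cards', $o);
    }

    // Google groups: the ones the user is in, then all the others.
    require_once $srcdir . '/libs/GoogleApi.php';
    $api = new GoogleApi();
    $mls = $api->findUserGroups($user['user_email']);
    $groups = array();
    if (isset($mls->groups)) {
        $tpl->assign('groups', $mls->groups);
        foreach ($mls->groups as $group) {
            $groups[] = $group->email;
        }
    }
    $allGroups = $api->getGroupsList();
    // Guarded like the per-user response above: a reply without `groups`
    // must not abort the page.
    if (isset($allGroups->groups)) {
        foreach ($allGroups->groups as $group) {
            if (!in_array($group->email, $groups)) {
                $tpl->append('otherGroups', $group);
            }
        }
    }

    // Bocal data, and intranet data when Bocal knows the login.
    if ($user['user_login']) {
        include_once $srcdir . '/libs/bocal.php';
        $bocal = new Bocal();
        $bdata = $bocal->getUser($user['user_login']);
        $tpl->assign('bocal', $bdata);
        if ($bdata !== false) {
            include_once $srcdir . '/libs/intra.php';
            $intra = new EIntranet();
            $tpl->assign('intra', $intra->getUserInfos($user['user_login']));
        }
    }

    // Activities (marks joined with their participation, section and event).
    $sql = $pdo->prepare(
        'SELECT * FROM marks '
        . 'LEFT JOIN participations ON part_id = mark_participation '
        . 'LEFT JOIN sections ON part_section = section_id '
        . 'LEFT JOIN events ON part_event = event_id '
        . 'WHERE mark_user = ? '
        . 'ORDER BY part_attribution_date DESC'
    );
    $sql->bindValue(1, $userId);
    $sql->execute();
    while ($line = $sql->fetch()) {
        $tpl->append('activities', $line);
    }

    // Accounts: fixed cheque entry first, then the user's own rows.
    $mdl = new Modele('user_accounts');
    $mdl->find(array('ua_user' => $userId));
    $accounts = array(array('ua_id' => 0, 'ua_identifier' => 'Chèque', 'ua_type' => 'cheq', 'ua_number' => ''));
    while ($mdl->next()) {
        $accounts[] = $mdl->toArray();
    }
    $tpl->assign('accounts', $accounts);

    // Time spent building the page, exposed to the template.
    $tpl->assign('time', microtime(true) - $utime);
    $tpl->display('user_details.tpl');
    quit();
}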
Пример #6
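/**
 * Computes, per section that has a mailing list, the difference between the
 * section's managers and the current members of the list.
 *
 * Nothing is changed on the remote side here: the function only hands three
 * arrays, keyed by section key, to the template:
 *  - 'sections': the section rows;
 *  - 'toAdd':    lower-cased manager e-mails missing from the list;
 *  - 'toDelete': lower-cased list members that are not managers.
 * Members of type "GROUP" and addresses starting with "save_" are left alone.
 */
function ml_autoUpdate()
{
    global $tpl;
    $section = new Modele('sections');
    $section->find('section_ml != ""');
    $api = new GoogleApi();
    $toAdd = array();
    $toDelete = array();
    $sections = array();
    while ($section->next()) {
        $sectionKey = $section->getKey();
        $sections[$sectionKey] = $section->toArray();
        $toDelete[$sectionKey] = array();

        // Expected membership: the e-mail of every manager of the section.
        $expected = array();
        $managers = new Modele('user_sections');
        $managers->find(array('us_section' => $sectionKey, 'us_type' => 'manager'));
        while ($managers->next()) {
            $expected[] = strtolower($managers->us_user->user_email);
        }

        // A response without `members` (empty list or failed call) is treated
        // as "no members" instead of raising on the foreach.
        $remote = $api->getGroupMembers($section->section_ml);
        $members = isset($remote->members) ? $remote->members : array();
        foreach ($members as $member) {
            // Backup addresses (save_ prefix) and nested groups are never touched.
            if (strpos($member->email, 'save_') === 0 || $member->type == "GROUP") {
                continue;
            }
            $email = strtolower($member->email);
            $matches = array_keys($expected, $email, true);
            if (count($matches) == 0) {
                // On the list but not a manager.
                $toDelete[$sectionKey][] = $email;
            } else {
                // Already subscribed: no longer needs to be added.
                unset($expected[$matches[0]]);
            }
        }
        $toAdd[$sectionKey] = $expected;
    }
    $tpl->assign('sections', $sections);
    $tpl->assign('toDelete', $toDelete);
    $tpl->assign('toAdd', $toAdd);
    display();
}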
Пример #7
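/**
 * FTP account creation form.
 *
 * Lists the sections the caller may create accounts for (all of them for an
 * administrator, otherwise the ones the caller manages). On submission it
 * checks the target member, the caller's right on the section and the
 * password length, records the account in `ftp_users` and then asks the
 * privileged helper script to create it.
 */
function ftp_add()
{
    global $tpl, $pdo;
    $grp = new Modele('sections');
    $grp->find();
    while ($grp->next()) {
        if (hasAcl(ACL_ADMINISTRATOR) || isset($_SESSION['user']['sections'][$grp->section_id]) && $_SESSION['user']['sections'][$grp->section_id]['us_type'] == 'manager') {
            $tpl->append('groups', $grp->toArray());
        }
    }

    // Every field is reduced to a string up front: a missing or array-valued
    // field becomes '' and then fails the matching check below instead of
    // reaching strlen(), an array offset or the shell.
    if (isset($_POST['user']) && is_string($_POST['user'])) {
        $login = $_POST['user'];
        $member = (isset($_POST['member']) && is_string($_POST['member'])) ? $_POST['member'] : '';
        $section = (isset($_POST['section']) && is_string($_POST['section'])) ? $_POST['section'] : '';
        $pass = (isset($_POST['pass']) && is_string($_POST['pass'])) ? $_POST['pass'] : '';

        // Exact match: with LIKE, a submitted `%` or `_` acts as a wildcard and
        // the account would be attributed to whichever row comes back first.
        $sqlUsr = $pdo->prepare('SELECT * FROM users WHERE user_name = ?');
        $sqlUsr->bindValue(1, $member);
        $sqlUsr->execute();
        // The fetched row decides; rowCount() is not reliable for SELECT on every driver.
        $user = $sqlUsr->fetch();

        if (!$user) {
            $tpl->assign('error', 'Utilisateur INTRA introuveable.');
        } elseif (!hasAcl(ACL_ADMINISTRATOR) && (!isset($_SESSION['user']['sections'][$section]) || $_SESSION['user']['sections'][$section]['us_type'] != 'manager')) {
            $tpl->assign('error', 'Groupe introuveable.');
        } elseif (strlen($pass) < 8) {
            $tpl->assign('error', 'Le mot de passe doit faire au moins 8 caractères.');
        } else {
            // NOTE(review): the password is stored in fu_pass as received.
            // Whether the model or the FTP backend hashes it is not visible
            // here; confirm it is not kept in clear text.
            $add = new Modele('ftp_users');
            $created = $add->addFrom(array('fu_user' => 'toy_' . $login, 'fu_pass' => $pass, 'fu_section' => $section, 'fu_member' => $user['user_id'], 'fu_path' => '/home/ftp/toyunda/timeurs/'));
            $tpl->assign('hsuccess', $created);

            // Only touch the system when the row was recorded; otherwise a
            // rejected insert (for instance an already existing login) would
            // still reach the privileged script.
            if ($created) {
                // escapeshellarg() keeps both values as single shell words.
                // NOTE(review): the login is not restricted to a character set
                // and may start with '-', which the script could read as an
                // option; the password is also visible in the process list
                // while the command runs. Validate the login format and pass
                // the password over stdin if adduser.sh can read it there.
                // NOTE(review): the database stores 'toy_' . login while the
                // script receives the bare login; presumably it adds the
                // prefix itself. Confirm.
                $usr = escapeshellarg($login);
                $pwd = escapeshellarg($pass);
                _ftp_exec("sudo /opt/scripts/adduser.sh {$usr} {$pwd}");
            }
        }
    }
    // Single exit: the page is rendered once, whichever branch ran.
    display();
}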
Пример #8
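/**
 * Event details page.
 *
 * Shows the event named by $_GET['event'] with the sections taking part in
 * it. The same page is used to add or remove a section's participation, so
 * the sections not yet attached to the event are listed as well.
 *
 * Template variables: 'event' (the event row), 'es' (participating sections
 * keyed by section_id, each with its 'staffs' model and the current user's
 * own staff row in 'cdat', or false), 'sections' (the remaining sections).
 */
function event_view()
{
    global $tpl, $pdo;

    // Accept a scalar id only, so an array-valued parameter cannot reach the statement.
    $eventId = (isset($_GET['event']) && is_scalar($_GET['event'])) ? (string) $_GET['event'] : '';

    $sql = $pdo->prepare('SELECT * FROM events LEFT JOIN users ON event_owner = user_id LEFT JOIN sections ON section_id = event_section WHERE event_id = ?');
    $sql->bindValue(1, $eventId);
    $sql->execute();
    $event = $sql->fetch();
    if (!$event) {
        modexec('syscore', 'notfound');
        // Whether modexec() returns is not visible here; stop in either case
        // so nothing below indexes into `false`.
        return;
    }

    $sql = $pdo->prepare('SELECT * FROM event_sections LEFT JOIN sections ON es_section = section_id WHERE es_event = ?');
    $sql->bindValue(1, $event['event_id']);
    $sql->execute();
    $es = array();
    while ($line = $sql->fetch()) {
        $staffs = new Modele('event_staff');
        $staffs->find(array('est_event' => $event['event_id'], 'est_section' => $line['section_id']));

        $entry = $line;
        $entry['cdat'] = false; // replaced below when the current user staffs this section
        $entry['staffs'] = $staffs;
        $es[$line['section_id']] = $entry;
    }

    // The current user's own staff rows for this event.
    $mdl = new Modele('event_staff');
    $mdl->find(array('est_event' => $event['event_id'], 'est_user' => $_SESSION['user']['user_id']));
    while ($mdl->next()) {
        if (isset($es[$mdl->raw_est_section])) {
            $es[$mdl->raw_est_section]['cdat'] = $mdl->toArray();
        } else {
            // On-the-fly table repair: the row points at a section that no
            // longer takes part in the event.
            // NOTE(review): this deletes data while serving a read request.
            // It only touches the current user's own rows, but a dedicated
            // maintenance task would keep the view free of side effects.
            $mdl->delete();
        }
    }
    $tpl->assign('es', $es);

    // Sections not yet attached to the event; $es is keyed by section_id, so
    // a key lookup replaces the scan over array_keys().
    $sql = $pdo->prepare('SELECT * FROM sections');
    $sql->execute();
    while ($line = $sql->fetch()) {
        if (!isset($es[$line['section_id']])) {
            $tpl->append('sections', $line);
        }
    }
    $tpl->assign('event', $event);
    $tpl->display('event_view.tpl');
    quit();
}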