prepare("$sql"); $res->execute(); list($tipo_cons,$id_cons) = $res->fetch(PDO::FETCH_NUM); if (isset($_GET['aid2'])) $aid2=addslashes($param['aid2']); else {if ($perms==256) $aid2='admin'; else $aid2='';} if (isset($_GET['id_sede'])) $id_sede=intval($_GET['id_sede']); else $id_sede=''; if (isset($_GET['do'])) $do=addslashes($param['do']); else $do=''; if (isset($_GET['name'])) $name=addslashes($param['name']); else $name=''; if (isset($_GET['email'])) $email=addslashes($param['email']); else $email=''; if (isset($_GET['passwd'])) $passwd=addslashes($param['passwd']); else $passwd=''; if (isset($_GET['passwd2'])) $passwd2=addslashes($param['passwd2']); else $passwd2=''; if (isset($_GET['stato']) && $aid2!='admin') $stato=intval($param['stato']); else $stato=0; include("modules/Elezioni/funzionidata.php"); include("modules/Elezioni/ele.php"); /******************************************************/ /*Funzione di visualizzazione globale */ /*****************************************************/ //crea la pagina delle affluenze function all() { global $aid, $offset, $prefix, $dbi,$id_cons,$aid2,$id_sede,$id_cons_gen,$mex,$perms; //echo $perms;die(); $bgcolor1=$_SESSION['bgcolor1']; $id_comune=$_SESSION['id_comune']; $user=$aid; $sql="select descrizione from ".$prefix."_ele_comuni where id_comune=$id_comune"; $rescom = $dbi->prepare("$sql"); $rescom->execute(); list($descr_com) = $rescom->fetch(PDO::FETCH_NUM); $sql="SELECT aid,name,email,adminop FROM ".$prefix."_authors where aid='$aid2' and id_comune='$id_comune'"; $resmod = $dbi->prepare("$sql"); $resmod->execute(); list ($aid2,$name,$email,$attivo) = $resmod->fetch(PDO::FETCH_NUM); if (isset($_GET['mex'])){ echo "

"; echo $_GET['mex']; echo "

"; } # OpenTable(); echo ""; $esiste=0; echo "

"; echo " "; echo ""; echo ""; $sql="select aid from ".$prefix."_authors where id_comune='$id_comune' order by aid"; $resins = $dbi->prepare("$sql"); $resins->execute(); echo ""; echo ""; echo " "._UTENTE." "; echo ""; echo "Nuovo Utente"; while(list($utente)=$resins->fetch(PDO::FETCH_NUM)){ $sel= ($utente == $aid2) ? "selected":""; echo "$utente"; if($utente=="admin") $esiste=1; } echo " "; # $sql="SELECT * FROM ".$prefix."_authors where id_cons='$id_cons' and id_comune='$id_comune'"; # $resmod = $dbi->prepare("$sql"); # $resmod->execute(); echo " "; echo ""; if ($perms==256) echo ""; echo ""; echo ""; echo ""; echo ""; echo "" .""; echo ""; echo ""; echo ""; }else echo ""; echo ""; echo ""; echo ""; echo ""; if($attivo==0) {$sel2="selected"; $sel3='';} else {$sel2=''; $sel3="selected";} echo ""; if ($aid2) { echo ""; }else{ echo ""; } echo " "._NOTAOP." $descr_com "._UTENTE." "._PASSWORD." "._RIPETI." "._NOME." "._EMAIL." "._STATO." "._FUNZIONI." "; echo "" .""; if ($perms==256 and $aid2==''){ if($esiste) $supadm=''; else $supadm='admin'; echo " AttivoDisattivoElimina"; echo ""; echo " "; echo " "; echo " "; CloseTable(); } function operatori($do,$aid2,$name,$email,$passwd,$passwd2,$id_comune,$stato) { global $aid, $prefix, $dbi, $id_cons,$id_cons_gen,$currentlang; $perms=ChiSei($id_cons_gen); if($passwd!=$passwd2) { $mex="- Le password non coincidono! - "; header("location:admin.php?op=operatori&id_cons_gen=$id_cons_gen&aid2=$aid2&name=$name&email=$email&mex=$mex&stato=$stato"); } if ($perms!=256) $id_comune=$_SESSION['id_comune']; if ($perms>32 and $aid2) { if ($do == "add") { $sql="select * from ".$prefix."_authors where aid='$aid2' and id_comune=$id_comune"; $res = $dbi->prepare("$sql"); $res->execute(); $max=$res->rowCount(); if ($max==0){ if ($aid2=='admin') $super='0,1,0,'; else $super = '0,0,0,'; $sql="insert into ".$prefix."_authors (aid,name,id_comune,email,pwd,counter,adminop,admincomune,adminsuper,admlanguage) values ('$aid2','$name','$id_comune' , '$email','".md5($passwd)."','0',$super'$currentlang')"; $res = $dbi->prepare("$sql"); $res->execute(); if ($perms==256 and $aid2=='admin'){ $sql="insert into ".$prefix."_ele_operatori (id_cons,id_sede,id_comune,permessi,aid) values ('0','0','$id_comune','64','$aid2')"; $res = $dbi->prepare("$sql"); $res->execute(); } Header("Location: admin.php?op=operatori&id_cons_gen=$id_cons_gen&aid2=$aid2"); }else{ $mex=''; if($max>0) $mex.=" - Utente $aid2 presente in archivio! - "; } } elseif ($do == "update") { if($passwd!='') $mexpwd="pwd='".md5($passwd)."',"; else $mexpwd=''; if($stato==2){ $sql="delete from ".$prefix."_authors where aid='$aid2' and id_comune=$id_comune"; $res = $dbi->prepare("$sql"); $res->execute(); }else{ $sql="update ".$prefix."_authors set name='$name', $mexpwd email='$email', adminop='$stato' where id_comune='$id_comune' and aid='$aid2' "; $res = $dbi->prepare("$sql"); $res->execute(); } $result=$res->rowCount(); if($stato!=0){ $sql="delete from ".$prefix."_ele_operatori where id_comune='$id_comune' and aid='$aid2' "; $res = $dbi->prepare("$sql"); $res->execute(); } if (!$result) return; if ($aid2==$aid) $_SESSION['pwd']=md5($passwd); Header("Location: admin.php?op=operatori&id_cons_gen=$id_cons_gen"); } } } //**************************** // switch //**************************** if ($do) operatori($do,$aid2,$name,$email,$passwd,$passwd2,$id_comune,$stato); ele(); all(); echo"

"; include("footer.php"); ?>