source: trunk/admin/modules/Elezioni/ele_candidato.php@ 282

Last change on this file since 282 was 258, checked in by roby, 6 years ago
File size: 17.3 KB
RevLine 
[2]1<?php
2/************************************************************************/
3/* Eleonline - Raccolta e diffusione dei dati elettorali */
4/* by Roberto Gigli & Luciano Apolito */
5/* http://www.eleonline.it */
6/* info@eleonline.it luciano@aniene.net rgigli@libero.it */
7/************************************************************************/
8/* Modulo Candidati */
9/* Amministrazione */
10/************************************************************************/
11
12if (!defined('ADMIN_FILE')) {
13 die ("You can't access this file directly...");
14}
[257]15global $dbi;
[2]16$aid=$_SESSION['aid'];
17$prefix=$_SESSION['prefix'];
18$currentlang=$_SESSION['lang'];
19$id_comune=$_SESSION['id_comune'];
20$param=strtolower($_SERVER['REQUEST_METHOD']) == 'get' ? $_GET : $_POST;
21$id_cons_gen=$param['id_cons_gen'];
22$perms=ChiSei($id_cons_gen);
23if ($perms<32 or !$id_cons_gen) die("$id_cons_gen -Non hai i permessi per inserire dati, o non hai scelto la consultazione!");
[257]24$sql = "SELECT t1.tipo_cons,t2.id_cons FROM ".$prefix."_ele_consultazione as t1, ".$prefix."_ele_cons_comune as t2 where t1.id_cons_gen=t2.id_cons_gen and t2.id_cons_gen='$id_cons_gen' and t2.id_comune='$id_comune' ";
25$sth = $dbi->prepare("$sql");
26$sth->execute();
27
28list($tipo_cons,$id_cons) = $sth->fetch(PDO::FETCH_NUM);
29$sql = "SELECT genere FROM ".$prefix."_ele_tipo where tipo_cons='$tipo_cons' ";
30$sth = $dbi->prepare("$sql");
31$sth->execute();
32list($genere) = $sth->fetch(PDO::FETCH_NUM);
[2]33include("modules/Elezioni/funzionidata.php");
34include("modules/Elezioni/ele.php");
35
36if (isset($param['do'])) get_magic_quotes_gpc() ? $do=$param['do']:$do=addslashes($param['do']); else $do='';
37if (isset($param['min'])) $min=intval($param['min']); else $min=0;
38if (isset($param['ok'])) get_magic_quotes_gpc() ? $ok=$param['ok']:$ok=addslashes($param['ok']); else $ok='';
39if (isset($param['id_lista'])) $id_lista=intval($param['id_lista']); else $id_lista='';
40if (isset($param['id_sez'])) $id_sez=intval($param['id_sez']); else $id_sez='';
41if (isset($param['id_circ'])) {$id_circ=intval($param['id_circ']); $_SESSION['id_circ']=$id_circ;} else
42 if (isset($_SESSION['id_circ'])) $id_circ=intval($_SESSION['id_circ']); else $id_circ='';
43if (isset($param['id_gruppo'])) $id_gruppo=intval($param['id_gruppo']); else $id_gruppo='';
44if (isset($param['id_cand'])) $id_cand=intval($param['id_cand']); else $id_cand='';
45if (isset($param['id_cand2'])) $id_cand2=intval($param['id_cand2']); else $id_cand2='';
46if (isset($param['num_lista'])) $num_lista=intval($param['num_lista']); else $num_lista='';
47if (isset($param['cognome'])) get_magic_quotes_gpc() ? $cognome=$param['cognome']:$cognome=addslashes($param['cognome']); else $cognome='';
48if (isset($param['simbolo'])) get_magic_quotes_gpc() ? $simbolo=$param['simbolo']:$simbolo=addslashes($param['simbolo']); else $simbolo='';
49if (isset($param['nome'])) get_magic_quotes_gpc() ? $nome=$param['nome']:$nome=addslashes($param['nome']); else $nome='';
50if (isset($param['note'])) get_magic_quotes_gpc() ? $note=$param['note']:$note=addslashes($param['note']); else $note='';
51if (isset($param['num_cand'])) $num_cand=intval($param['num_cand']); else $num_cand=0;
52
53// Offset - visualizza il numero di elementi per pagina
54$offset=20;
55
[97]56
[2]57/******************************************************/
58/*Funzione di visualizzazione globale */
59/*****************************************************/
60
61
62function all() {
[258]63 global $do, $param, $bgcolor1, $bgcolor2, $prefix, $dbi, $offset, $min, $tipo_cons, $id_cons,$tipo_cons,$id_lista,$genere,$id_cons_gen,$id_comune,$id_cand,$id_circ,$id_gruppo;
[97]64#patch per bloccare il submit se non e' stata scelta la lista. Proposta da margottid
65echo "<script language=\"Javascript\">\n
66<!--\n
67 function presenza_lista() {\n
68 if (!document.candidato2.id_lista.value) {\n
69 alert('"._SCELTA_LISTA."');\n
70 document.candidato2.id_lista.focus();\n
71 return false;\n
72 }else if(!document.candidato2.cognome.value) {\n
73 alert('"._SCELTA_COGNO."');\n
74 document.candidato2.cognome.focus();\n
75 return false;\n
76
77 }\n
78 return true;\n
79}\n
80//-->\n
81</script>\n";
[2]82 $circo='';$circo2='';
83 $currentlang=$_SESSION['lang'];
[257]84 $sql = "SELECT circo FROM ".$prefix."_ele_tipo where tipo_cons='$tipo_cons' and lingua='$currentlang'";
85 $sth = $dbi->prepare("$sql");
86 $sth->execute();
87 list($cons_circ)= $sth->fetch(PDO::FETCH_NUM);
[2]88 if($cons_circ) //elezioni circoscrizionali
89 {
90 echo "<form name=\"circo\" action=\"admin.php\" method=\"post\">";
91 echo "<br><br><table border=\"1\" width=\"50%\" ><tr bgcolor=\"$bgcolor1\"><td>"._SCEGLI_CIRCO.": </td>";
92 echo "<input type=\"hidden\" name=\"pag\" value=\"admin.php?op=candidato&amp;id_cons_gen=$id_cons_gen&amp;id_circ=\">";
93 echo "<td><select name=\"id_circ\" onChange=\"top.location.href=this.form.pag.value+this.form.id_circ.options[this.form.id_circ.selectedIndex].value;return false\">";
94 echo "<option value=\"\">";
[257]95 $sql = "SELECT * FROM ".$prefix."_ele_circoscrizione where id_cons='$id_cons'";
96 $sth = $dbi->prepare("$sql");
97 $sth->execute();
98 while($arr=$sth->fetch(PDO::FETCH_BOTH)){
[2]99 if (!$id_circ) $id_circ=$arr['id_circ'];
100 $sel= ($arr['id_circ'] == $id_circ) ? "selected":"";
101 echo "<option value=\"".$arr['id_circ']."\" $sel>".$arr['descrizione'];
102 }
103 echo "</select></td></tr></table></form>";
104 $circo="and id_circ='$id_circ'";
105 $circo2="and t2.id_circ='$id_circ'";
106 }
107 if($id_cand)
108 {
[257]109 $sql = "SELECT * FROM ".$prefix."_ele_candidati where id_cand='$id_cand'";
110 $sth = $dbi->prepare("$sql");
111 $sth->execute();
112 $pro= $sth->fetch(PDO::FETCH_BOTH);
[2]113 }else{
114 $pro['cognome']='';$pro['num_cand']='';$pro['nome']='';
115 }
116 if (!isset($id_lista)) {
[257]117 $sql="SELECT id_lista from ".$prefix."_ele_lista where id_cons=$id_cons $circo and num_lista=1";
118 $sth = $dbi->prepare("$sql");
119 $sth->execute();
120 list($id_lista)=$sth->fetch(PDO::FETCH_NUM);
[2]121 }
122 $cond=($id_lista>0) ? "and t1.id_lista=".$id_lista :'';
123 echo "<center><font class=\"title\"><br><b>"._CANDIDATO."</b></font><br><br><table border=\"0\" width=\"100%\"><tr>"
124 ."<td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._NUM."</b></td>"
125 ."<td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._COGNOME."</b></td>"
126 ."<td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._NOME."</b></td>";
127 echo "<td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._LISTA."</b></td>";
128
129 if ($genere==3 or $genere==5) {
130 $query= "SELECT
131 t1.id_cand,t1.id_lista,t1.num_cand,t1.cognome,t1.nome, t1.simbolo,
132 t2.simbolo as sim_lista,t2.descrizione, t3.simbolo as sim_gruppo, t3.descrizione
133 FROM ".$prefix."_ele_candidati as t1,
134 ".$prefix."_ele_lista as t2,
135 ".$prefix."_ele_gruppo as t3
136 WHERE t1.id_lista=t2.id_lista
137 and t2.id_gruppo=t3.id_gruppo
138 and t1.id_cons=t2.id_cons
139 and t1.id_cons=$id_cons $circo2
140 $cond
141 order by t2.num_lista, t1.num_cand
142 limit $min,$offset";
143 } else {
144 $query= "SELECT
145 t1.id_cand,t1.id_lista,t1.num_cand,t1.cognome,t1.nome, t1.simbolo,
146 t2.simbolo as sim_lista,t2.descrizione, '', ''
147 FROM ".$prefix."_ele_candidati as t1,
148 ".$prefix."_ele_lista as t2
149 WHERE t1.id_cons=$id_cons
150 and t1.id_cons=t2.id_cons
151 and t1.id_lista=t2.id_lista $circo2
152 $cond
153 order by t2.num_lista,t1.num_cand
154 limit $min,$offset";
155 }
156 echo "<td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._FUNZIONI."</b></td></tr>";
[257]157 $result = $dbi->prepare("$query");
158 $result->execute();
[2]159 if($cons_circ)
[257]160 $sql = "SELECT count(0) FROM ".$prefix."_ele_candidati as t1,".$prefix."_ele_lista as t2 where t1.id_cons='$id_cons' and t1.id_cons=t2.id_cons and t2.id_circ=$id_circ and t1.id_lista=t2.id_lista $cond ";
[2]161 else
[257]162 $sql = "SELECT count(0) FROM ".$prefix."_ele_candidati as t1 where t1.id_cons='$id_cons' $cond ";
163 $sth = $dbi->prepare("$sql");
164 $sth->execute();
[258]165 list($max) = $sth->fetch(PDO::FETCH_NUM);
[2]166 if($id_lista){
167 $numero=$max+1;} else $numero='';
168 //-----------------------lo stemma e la circoscrizione devono essere associati alla lista -
[97]169 echo "<form name=\"candidato2\" action=\"admin.php\" onSubmit=\"return presenza_lista();\">"
[2]170 ."<input type=\"hidden\" name=\"op\" value=\"candidato\">";
171 if ($pro['cognome']) {
172 echo "<input type=\"hidden\" name=\"do\" value=\"update\">";
173 echo "<tr><td><input type=\"text\" name=\"num_cand\" value=\"".$pro['num_cand']."\" size=\"5\"></td>";
174 }else{
175 echo "<input type=\"hidden\" name=\"do\" value=\"add\">";
176 echo "<tr><td><input type=\"text\" name=\"num_cand\" value=\"$numero\" size=\"5\"></td>";
177 }
178 echo "<td><input type=\"text\" name=\"cognome\" maxlength=\"50\" value=\"".$pro['cognome']."\"></td>";
179 echo "<td><input type=\"text\" name=\"nome\" maxlength=\"50\" value=\"".$pro['nome']."\"></td>";
180 //."<td><input type=\"text\" name=\"foto\" maxlength=\"20\"></td>";
181 echo "<input type=\"hidden\" name=\"pag\" value=\"admin.php?op=candidato&amp;id_cons=$id_cons&amp;id_cons_gen=$id_cons_gen&amp;id_comune=$id_comune&amp;id_circ=$id_circ&amp;id_lista=\">";
182 echo "<td width=\"10%\"><select width=\"10\" name=\"id_lista\" onChange=\"aggiorna()\">";
[257]183 $sql= "SELECT id_lista,num_lista,descrizione FROM ".$prefix."_ele_lista where id_cons='$id_cons' $circo order by num_lista";
184 $lis = $dbi->prepare("$sql");
185 $lis->execute();
[2]186 echo "<option value=\"\">";
[257]187
188 while(list($id,$numlist,$descr) = $lis->fetch(PDO::FETCH_NUM)) {
[2]189 if (!isset($id_lista)){$id_lista=$id;}
190 $sel= ($id == $id_lista) ? "selected":"";
[37]191 echo "<option width=\"10\" value=\"$id\" $sel>".$numlist.") ".$descr;
192# echo "<option width=\"10\" value=\"$id\" $sel>".$numlist.") ".substr($descr,0,25);
[2]193 }
194 echo "</select></td>";
195 echo "<input type=\"hidden\" name=\"id_cons_gen\" value=\"$id_cons_gen\">";
196 echo "<input type=\"hidden\" name=\"id_circ\" value=\"$id_circ\">";
197 echo "<input type=\"hidden\" name=\"min\" value=\"$min\">";
198 if ($pro['cognome']) {
199 echo "<td align=\"center\"><input type=\"submit\" name=\"update\" value=\""._MODIFY."\"></td>";
200 echo "<input type=\"hidden\" name=\"id_cand\" value=\"".$pro['id_cand']."\">";
201 }else{
202 echo "<td align=\"center\"><input type=\"submit\" name=\"add\" value=\""._ADD."\"></td>";
203 echo "<input type=\"hidden\" name=\"id_cand\" value=\"$id_cand\">";
204 }
205 echo "</form>";
206 echo "<SCRIPT type=\"text/javascript\">\n\n<!--\n"
207 ."document.candidato2.cognome.focus()\n"
208 ."//-->\n";
209 echo "function vai_a() {\n";
210 echo "window.document.location.href=document.candidato2.pag.value+document.candidato2.id_lista.value\n";
211 echo "}\n";
212 echo "function aggiorna(id_ele) {\n";
213 echo "if (document.candidato2.cognome.value==\"\") {vai_a()}\n";
214 echo "}\n";
215 echo "</script>\n";
216 if ($result)
217 while(list($id_cand,$id_lista2,$num_cand,$cognome, $nome,$simbolo,$simb_lista,
[257]218 $descr_lista,$simb_gruppo,$descr_gruppo) = $result->fetch(PDO::FETCH_NUM)) {
[2]219 $bgcolor1=($bgcolor1==$_SESSION['bgcolor1'])?$_SESSION['bgcolor2']:$_SESSION['bgcolor1'];
220 echo "<tr bgcolor=\"$bgcolor1\"><td align=\"center\"><b>$num_cand</b>"
221 ."</td><td align=\"left\"><b>$cognome</b>"
222 ."</td><td align=\"left\"><b>$nome</b>";
223 echo "</td><td align=\"center\"><b>$descr_lista </b>";
224 echo "</td><td align=\"center\" nowrap>[<a
225 href=\"admin.php?op=candidato&amp;do=modify&amp;id_cand=$id_cand&amp;id_circ=$id_circ&amp;id_lista=$id_lista2&amp;id_gruppo=$id_gruppo&amp;id_cons_gen=$id_cons_gen&amp;min=$min\"><img src=\"modules/Elezioni/images/edit.gif\"
226 border=\"0\" align=\"center\"> "._EDIT."</a>]";
227 echo "[<a href=\"admin.php?op=candidato&amp;do=delete&amp;id_cand=$id_cand&amp;id_circ=$id_circ&amp;id_lista=$id_lista2&amp;id_gruppo=$id_gruppo&amp;cognome=$cognome&amp;nome=$nome&amp;id_cons_gen=$id_cons_gen&amp;min=$min\">"._DELETE." <img src=\"modules/Elezioni/images/delete.gif\"
228 border=\"0\" align=\"center\"></a>]";
229 echo "</td></tr>";
230 }
231 echo "</table></center>";
232
233 #'Pagina precedente' e 'Pagina Successiva'
234 echo"<table align=\"center\" width=\"100%\" ><tr>";
235 $prev=$min-$offset;
236 if ($prev>=0) {
237 echo "<td colspan=\"5\" align=\"center\" bgcolor=\"$bgcolor1\"><a href=\"admin.php?op=candidato&amp;id_cand=$id_cand&amp;id_gruppo=$id_gruppo&amp;id_cons=$id_cons&amp;id_circ=$id_circ&amp;id_lista=$id_lista&amp;min=$prev&amp;id_cons_gen=$id_cons_gen&amp;id_comune=$id_comune\">";
238 echo "<b>$offset "._PREV_MATCH."</b></a></td>";
239 }
240
241 $next=$min+$offset;
242 if ($next>=($offset-1)) {
243 if($next>=$max) $next = $max;
244 else {
245
246 echo "<td colspan=\"5\" align=\"center\" bgcolor=\"$bgcolor1\"><a href=\"admin.php?op=candidato&amp;id_cand=$id_cand&amp;id_gruppo=$id_gruppo&amp;id_cons=$id_cons&amp;id_lista=$id_lista&amp;min=$next&amp;id_cons_gen=$id_cons_gen&amp;id_comune=$id_comune\">";
247 echo "<b>$offset "._NEXT_MATCH."</b></a></td>";
248 }
249 }
250 echo "</tr></table><br>";
251
252}
253
254////////////////////////////////////////////////////////
255// Aggiunge candidato
256////////////////////////////////////////////////////////
257
258
259function candidato($ok, $do,$id_cand, $id_lista,$id_circ, $id_gruppo,$cognome, $nome, $note, $simbolo,$id_cand2,$num_cand) {
260 global $param, $bgcolor1, $bgcolor2, $prefix, $dbi, $descr_cons, $id_cons,$simbolo2,$min,$id_cons_gen,$id_comune,$id_sez;
261$aid=$_SESSION['aid'];
262$perms=ChiSei($id_cons_gen);
263if ($perms >16) {
264 if($id_cand) {
[257]265 $sql = "SELECT * FROM ".$prefix."_ele_candidati where id_cand='$id_cand'";
[2]266 }else{
[257]267 $sql="SELECT * FROM ".$prefix."_ele_candidati where id_lista='$id_lista'
268 and id_cons='$id_cons' and cognome='$cognome' and nome='$nome'";
[2]269 }
[257]270 $sthcan = $dbi->prepare("$sql");
271 $sthcan->execute();
272
[2]273 $username=$aid;
274 $data=date("Y/m/d");
275 $tempo=date("H:i:s");
276
277 if ($do == "delete") {
278 if ($ok !="1") {
279 ele();
280 echo "<center><br><br>"._DOMCANCELLA." "._CANDIDATO." $cognome $nome ?<br>";
[87]281 echo "[ <a href=\"admin.php?op=candidato&amp;id_cons_gen=$id_cons_gen\">"._NO."</a> ] - [<a href=\"admin.php?op=candidato&amp;do=delete&amp;id_cand=$id_cand&amp;id_gruppo=$id_gruppo&amp;id_cons=$id_cons&amp;id_circ=$id_circ&amp;ok=1&amp;id_cons_gen=$id_cons_gen&amp;id_lista=$id_lista&amp;id_comune=$id_comune&amp;min=$min\">"._YES."</a> ]";
[2]282 }else{
[257]283 $pro= $sthcan->fetch(PDO::FETCH_BOTH);
284 $sql="delete from ".$prefix."_ele_candidati where id_cand='$id_cand'";
285 $sth = $dbi->prepare("$sql");
286 $sth->execute();
287 $result=$sth->rowCount();
288 $sql="insert into ".$prefix."_ele_log values ('$id_cons','$id_sez','$username','$data','$tempo','DELETE:id_lista:$pro[id_lista],cognome:$pro[cognome],nome:$pro[nome]','','".$prefix."_ele_candidati')";
289 $sth = $dbi->prepare("$sql");
290 $sth->execute();
[87]291 Header("Location: admin.php?op=candidato&id_cons=$id_cons&id_cons_gen=$id_cons_gen&id_comune=$id_comune&id_circ=$id_circ&id_lista=$id_lista&min=$min");
[2]292 }
293 }elseif ($do == "add") {
294 if ($cognome) {
295 // dati gruppo
296 if (!$num_cand){
[257]297 $sql="select max(num_cand) from ".$prefix."_ele_candidati where id_lista='$id_lista'";
298 $result = $dbi->prepare("$sql");
299 $result->execute();
300 if ($result->rowCount()) list($num_cand)=$result->fetch(PDO::FETCH_NUM);
[2]301 else $num_cand=0;
302 $num_cand++;
303 }
[257]304 $sql="select id_gruppo from ".$prefix."_ele_lista where id_lista='$id_lista'";
305 $sth = $dbi->prepare("$sql");
306 $sth->execute();
307 list($id_gruppo)=$sth->fetch(PDO::FETCH_NUM);
308 $sql="insert into ".$prefix."_ele_candidati(id_cons,id_lista,cognome,nome,note,simbolo,num_cand) values ('$id_cons','$id_lista','$cognome','$nome','$note','$simbolo','$num_cand')";
309 $sth = $dbi->prepare("$sql");
310 $sth->execute();
311 $result=$sth->rowCount();
312 $sql="insert into ".$prefix."_ele_log values ('$id_cons','$id_sez','$username','$data','$tempo','','ADD:id_lista:$id_lista,cognome:$cognome,nome:$nome','".$prefix."_ele_candidati')";
313 $sth = $dbi->prepare("$sql");
314 $sth->execute();
[258]315 Header("Location: admin.php?op=candidato&id_cons=$id_cons&id_lista=$id_lista&id_cons_gen=$id_cons_gen&id_comune=$id_comune&id_circ=$id_circ&min=$min");
[2]316 } else {
317 ele();
318 OpenTable();
319 echo "<center>"._GESTIONE." "._CANDIDATO." ";
[87]320 echo "<br><br><a href=\"admin.php?op=candidato&amp;id_cons=$id_cons&amp;id_lista=$id_lista&amp;id_cons_gen=$id_cons_gen&amp;id_comune=$id_comune&amp;id_circ=$id_circ&amp;min=$min\">"._IMM." "._CANDIDATO."</a></center>";
[2]321 CloseTable();exit;
322 }
323 }elseif ($do == "update") {
[257]324 $pro= $sthcan->fetch(PDO::FETCH_BOTH);
[2]325
[257]326 $sql="select id_gruppo from ".$prefix."_ele_lista where id_lista='$id_lista'";
327 $sth = $dbi->prepare("$sql");
328 $sth->execute();
329 list($id_gruppo)=$sth->fetch(PDO::FETCH_NUM);
[2]330 $cond='';
331 if (isset($note)) {$cond=", note='$note'";}
332 if (isset($simbolo)) {$cond.=", simbolo='$simbolo'";}
[257]333 $sql="update ".$prefix."_ele_candidati set id_lista='$id_lista', cognome='$cognome', nome='$nome', num_cand='$num_cand' $cond where id_cand='$id_cand' ";
334 $sth = $dbi->prepare("$sql");
335 $sth->execute();
336 $result=$sth->rowCount();
337 $sql="insert into ".$prefix."_ele_log values ('$id_cons','$id_sez','$username','$data','$tempo','UPDATE:id_lista:$pro[id_lista],cognome:$pro[cognome],nome:$pro[nome],num_cand:$pro[num_cand]','id_lista:$id_lista,cognome:$cognome,nome:$nome,num_cand:$num_cand','".$prefix."_ele_candidati')";
338 $sth = $dbi->prepare("$sql");
339 $sth->execute();
[258]340 Header("Location: admin.php?op=candidato&id_cons=$id_cons&id_lista=$id_lista&id_cons_gen=$id_cons_gen&id_comune=$id_comune&id_circ=$id_circ&min=$min");
[2]341 }
342
343}
344}
345
346
[258]347if ($do and $do!='modify'){
[2]348 candidato($ok, $do,$id_cand, $id_lista,$id_circ, $id_gruppo,$cognome, $nome, $note, $simbolo,$id_cand2,$num_cand);
[257]349 } else { ele(); }
[258]350
[2]351all();
352echo"</td></tr></table>";
353include("footer.php");
354
355?>
Note: See TracBrowser for help on using the repository browser.