source: trunk/admin/modules/Elezioni/ele_candidato.php@ 404

Last change on this file since 404 was 360, checked in by roby, 3 years ago

ATTENZIONE: con questa rev viene cambiato il charset che da ora viene impostato su utf8. Fate tutte le vostre verifiche prima di installarla.
Seconda fase di rivisitazione e completamento delle funzioni necessarie per l'accesso al servizio tramite cellulare.
Effettuate alcune sistemazioni per gli avvisi di incongruenza.

File size: 17.3 KB
RevLine 
[2]1<?php
2/************************************************************************/
3/* Eleonline - Raccolta e diffusione dei dati elettorali */
4/* by Roberto Gigli & Luciano Apolito */
5/* http://www.eleonline.it */
6/* info@eleonline.it luciano@aniene.net rgigli@libero.it */
7/************************************************************************/
8/* Modulo Candidati */
9/* Amministrazione */
10/************************************************************************/
11
12if (!defined('ADMIN_FILE')) {
13 die ("You can't access this file directly...");
14}
[257]15global $dbi;
[2]16$aid=$_SESSION['aid'];
17$prefix=$_SESSION['prefix'];
18$currentlang=$_SESSION['lang'];
19$id_comune=$_SESSION['id_comune'];
20$param=strtolower($_SERVER['REQUEST_METHOD']) == 'get' ? $_GET : $_POST;
21$id_cons_gen=$param['id_cons_gen'];
22$perms=ChiSei($id_cons_gen);
23if ($perms<32 or !$id_cons_gen) die("$id_cons_gen -Non hai i permessi per inserire dati, o non hai scelto la consultazione!");
[257]24$sql = "SELECT t1.tipo_cons,t2.id_cons FROM ".$prefix."_ele_consultazione as t1, ".$prefix."_ele_cons_comune as t2 where t1.id_cons_gen=t2.id_cons_gen and t2.id_cons_gen='$id_cons_gen' and t2.id_comune='$id_comune' ";
25$sth = $dbi->prepare("$sql");
26$sth->execute();
27
28list($tipo_cons,$id_cons) = $sth->fetch(PDO::FETCH_NUM);
29$sql = "SELECT genere FROM ".$prefix."_ele_tipo where tipo_cons='$tipo_cons' ";
30$sth = $dbi->prepare("$sql");
31$sth->execute();
32list($genere) = $sth->fetch(PDO::FETCH_NUM);
[2]33include("modules/Elezioni/funzionidata.php");
34include("modules/Elezioni/ele.php");
35
[344]36if (isset($param['do'])) $do=addslashes($param['do']); else $do='';
[2]37if (isset($param['min'])) $min=intval($param['min']); else $min=0;
[344]38if (isset($param['ok'])) $ok=addslashes($param['ok']); else $ok='';
[2]39if (isset($param['id_lista'])) $id_lista=intval($param['id_lista']); else $id_lista='';
40if (isset($param['id_sez'])) $id_sez=intval($param['id_sez']); else $id_sez='';
41if (isset($param['id_circ'])) {$id_circ=intval($param['id_circ']); $_SESSION['id_circ']=$id_circ;} else
42 if (isset($_SESSION['id_circ'])) $id_circ=intval($_SESSION['id_circ']); else $id_circ='';
43if (isset($param['id_gruppo'])) $id_gruppo=intval($param['id_gruppo']); else $id_gruppo='';
44if (isset($param['id_cand'])) $id_cand=intval($param['id_cand']); else $id_cand='';
45if (isset($param['id_cand2'])) $id_cand2=intval($param['id_cand2']); else $id_cand2='';
46if (isset($param['num_lista'])) $num_lista=intval($param['num_lista']); else $num_lista='';
[344]47if (isset($param['cognome'])) $cognome=addslashes($param['cognome']); else $cognome='';
48if (isset($param['simbolo'])) $simbolo=addslashes($param['simbolo']); else $simbolo='';
49if (isset($param['nome'])) $nome=addslashes($param['nome']); else $nome='';
50if (isset($param['note'])) $note=addslashes($param['note']); else $note='';
[2]51if (isset($param['num_cand'])) $num_cand=intval($param['num_cand']); else $num_cand=0;
52
53// Offset - visualizza il numero di elementi per pagina
54$offset=20;
55
[97]56
[2]57/******************************************************/
58/*Funzione di visualizzazione globale */
59/*****************************************************/
60
61
62function all() {
[258]63 global $do, $param, $bgcolor1, $bgcolor2, $prefix, $dbi, $offset, $min, $tipo_cons, $id_cons,$tipo_cons,$id_lista,$genere,$id_cons_gen,$id_comune,$id_cand,$id_circ,$id_gruppo;
[97]64#patch per bloccare il submit se non e' stata scelta la lista. Proposta da margottid
65echo "<script language=\"Javascript\">\n
66<!--\n
67 function presenza_lista() {\n
68 if (!document.candidato2.id_lista.value) {\n
69 alert('"._SCELTA_LISTA."');\n
70 document.candidato2.id_lista.focus();\n
71 return false;\n
72 }else if(!document.candidato2.cognome.value) {\n
73 alert('"._SCELTA_COGNO."');\n
74 document.candidato2.cognome.focus();\n
75 return false;\n
76
77 }\n
78 return true;\n
79}\n
80//-->\n
81</script>\n";
[2]82 $circo='';$circo2='';
83 $currentlang=$_SESSION['lang'];
[257]84 $sql = "SELECT circo FROM ".$prefix."_ele_tipo where tipo_cons='$tipo_cons' and lingua='$currentlang'";
85 $sth = $dbi->prepare("$sql");
86 $sth->execute();
87 list($cons_circ)= $sth->fetch(PDO::FETCH_NUM);
[2]88 if($cons_circ) //elezioni circoscrizionali
89 {
90 echo "<form name=\"circo\" action=\"admin.php\" method=\"post\">";
91 echo "<br><br><table border=\"1\" width=\"50%\" ><tr bgcolor=\"$bgcolor1\"><td>"._SCEGLI_CIRCO.": </td>";
92 echo "<input type=\"hidden\" name=\"pag\" value=\"admin.php?op=candidato&amp;id_cons_gen=$id_cons_gen&amp;id_circ=\">";
93 echo "<td><select name=\"id_circ\" onChange=\"top.location.href=this.form.pag.value+this.form.id_circ.options[this.form.id_circ.selectedIndex].value;return false\">";
94 echo "<option value=\"\">";
[257]95 $sql = "SELECT * FROM ".$prefix."_ele_circoscrizione where id_cons='$id_cons'";
96 $sth = $dbi->prepare("$sql");
97 $sth->execute();
98 while($arr=$sth->fetch(PDO::FETCH_BOTH)){
[2]99 if (!$id_circ) $id_circ=$arr['id_circ'];
100 $sel= ($arr['id_circ'] == $id_circ) ? "selected":"";
101 echo "<option value=\"".$arr['id_circ']."\" $sel>".$arr['descrizione'];
102 }
103 echo "</select></td></tr></table></form>";
[338]104 $circo="and id_circ=$id_circ";
105 $circo2="and t2.id_circ=$id_circ";
[2]106 }
107 if($id_cand)
108 {
[257]109 $sql = "SELECT * FROM ".$prefix."_ele_candidati where id_cand='$id_cand'";
110 $sth = $dbi->prepare("$sql");
111 $sth->execute();
112 $pro= $sth->fetch(PDO::FETCH_BOTH);
[2]113 }else{
114 $pro['cognome']='';$pro['num_cand']='';$pro['nome']='';
115 }
116 if (!isset($id_lista)) {
[257]117 $sql="SELECT id_lista from ".$prefix."_ele_lista where id_cons=$id_cons $circo and num_lista=1";
118 $sth = $dbi->prepare("$sql");
119 $sth->execute();
120 list($id_lista)=$sth->fetch(PDO::FETCH_NUM);
[2]121 }
122 $cond=($id_lista>0) ? "and t1.id_lista=".$id_lista :'';
123 echo "<center><font class=\"title\"><br><b>"._CANDIDATO."</b></font><br><br><table border=\"0\" width=\"100%\"><tr>"
124 ."<td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._NUM."</b></td>"
125 ."<td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._COGNOME."</b></td>"
126 ."<td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._NOME."</b></td>";
127 echo "<td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._LISTA."</b></td>";
128
129 if ($genere==3 or $genere==5) {
130 $query= "SELECT
131 t1.id_cand,t1.id_lista,t1.num_cand,t1.cognome,t1.nome, t1.simbolo,
132 t2.simbolo as sim_lista,t2.descrizione, t3.simbolo as sim_gruppo, t3.descrizione
133 FROM ".$prefix."_ele_candidati as t1,
134 ".$prefix."_ele_lista as t2,
135 ".$prefix."_ele_gruppo as t3
136 WHERE t1.id_lista=t2.id_lista
137 and t2.id_gruppo=t3.id_gruppo
138 and t1.id_cons=t2.id_cons
139 and t1.id_cons=$id_cons $circo2
140 $cond
141 order by t2.num_lista, t1.num_cand
142 limit $min,$offset";
143 } else {
144 $query= "SELECT
145 t1.id_cand,t1.id_lista,t1.num_cand,t1.cognome,t1.nome, t1.simbolo,
146 t2.simbolo as sim_lista,t2.descrizione, '', ''
147 FROM ".$prefix."_ele_candidati as t1,
148 ".$prefix."_ele_lista as t2
149 WHERE t1.id_cons=$id_cons
150 and t1.id_cons=t2.id_cons
151 and t1.id_lista=t2.id_lista $circo2
152 $cond
153 order by t2.num_lista,t1.num_cand
154 limit $min,$offset";
155 }
156 echo "<td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._FUNZIONI."</b></td></tr>";
[257]157 $result = $dbi->prepare("$query");
158 $result->execute();
[2]159 if($cons_circ)
[257]160 $sql = "SELECT count(0) FROM ".$prefix."_ele_candidati as t1,".$prefix."_ele_lista as t2 where t1.id_cons='$id_cons' and t1.id_cons=t2.id_cons and t2.id_circ=$id_circ and t1.id_lista=t2.id_lista $cond ";
[2]161 else
[257]162 $sql = "SELECT count(0) FROM ".$prefix."_ele_candidati as t1 where t1.id_cons='$id_cons' $cond ";
163 $sth = $dbi->prepare("$sql");
164 $sth->execute();
[258]165 list($max) = $sth->fetch(PDO::FETCH_NUM);
[2]166 if($id_lista){
167 $numero=$max+1;} else $numero='';
168 //-----------------------lo stemma e la circoscrizione devono essere associati alla lista -
[97]169 echo "<form name=\"candidato2\" action=\"admin.php\" onSubmit=\"return presenza_lista();\">"
[2]170 ."<input type=\"hidden\" name=\"op\" value=\"candidato\">";
171 if ($pro['cognome']) {
172 echo "<input type=\"hidden\" name=\"do\" value=\"update\">";
173 echo "<tr><td><input type=\"text\" name=\"num_cand\" value=\"".$pro['num_cand']."\" size=\"5\"></td>";
174 }else{
175 echo "<input type=\"hidden\" name=\"do\" value=\"add\">";
176 echo "<tr><td><input type=\"text\" name=\"num_cand\" value=\"$numero\" size=\"5\"></td>";
177 }
178 echo "<td><input type=\"text\" name=\"cognome\" maxlength=\"50\" value=\"".$pro['cognome']."\"></td>";
179 echo "<td><input type=\"text\" name=\"nome\" maxlength=\"50\" value=\"".$pro['nome']."\"></td>";
180 //."<td><input type=\"text\" name=\"foto\" maxlength=\"20\"></td>";
181 echo "<input type=\"hidden\" name=\"pag\" value=\"admin.php?op=candidato&amp;id_cons=$id_cons&amp;id_cons_gen=$id_cons_gen&amp;id_comune=$id_comune&amp;id_circ=$id_circ&amp;id_lista=\">";
182 echo "<td width=\"10%\"><select width=\"10\" name=\"id_lista\" onChange=\"aggiorna()\">";
[257]183 $sql= "SELECT id_lista,num_lista,descrizione FROM ".$prefix."_ele_lista where id_cons='$id_cons' $circo order by num_lista";
184 $lis = $dbi->prepare("$sql");
185 $lis->execute();
[2]186 echo "<option value=\"\">";
[257]187
188 while(list($id,$numlist,$descr) = $lis->fetch(PDO::FETCH_NUM)) {
[2]189 if (!isset($id_lista)){$id_lista=$id;}
190 $sel= ($id == $id_lista) ? "selected":"";
[37]191 echo "<option width=\"10\" value=\"$id\" $sel>".$numlist.") ".$descr;
192# echo "<option width=\"10\" value=\"$id\" $sel>".$numlist.") ".substr($descr,0,25);
[2]193 }
194 echo "</select></td>";
195 echo "<input type=\"hidden\" name=\"id_cons_gen\" value=\"$id_cons_gen\">";
196 echo "<input type=\"hidden\" name=\"id_circ\" value=\"$id_circ\">";
197 echo "<input type=\"hidden\" name=\"min\" value=\"$min\">";
198 if ($pro['cognome']) {
199 echo "<td align=\"center\"><input type=\"submit\" name=\"update\" value=\""._MODIFY."\"></td>";
200 echo "<input type=\"hidden\" name=\"id_cand\" value=\"".$pro['id_cand']."\">";
201 }else{
202 echo "<td align=\"center\"><input type=\"submit\" name=\"add\" value=\""._ADD."\"></td>";
203 echo "<input type=\"hidden\" name=\"id_cand\" value=\"$id_cand\">";
204 }
205 echo "</form>";
206 echo "<SCRIPT type=\"text/javascript\">\n\n<!--\n"
207 ."document.candidato2.cognome.focus()\n"
208 ."//-->\n";
209 echo "function vai_a() {\n";
210 echo "window.document.location.href=document.candidato2.pag.value+document.candidato2.id_lista.value\n";
211 echo "}\n";
212 echo "function aggiorna(id_ele) {\n";
213 echo "if (document.candidato2.cognome.value==\"\") {vai_a()}\n";
214 echo "}\n";
215 echo "</script>\n";
216 if ($result)
217 while(list($id_cand,$id_lista2,$num_cand,$cognome, $nome,$simbolo,$simb_lista,
[257]218 $descr_lista,$simb_gruppo,$descr_gruppo) = $result->fetch(PDO::FETCH_NUM)) {
[2]219 $bgcolor1=($bgcolor1==$_SESSION['bgcolor1'])?$_SESSION['bgcolor2']:$_SESSION['bgcolor1'];
220 echo "<tr bgcolor=\"$bgcolor1\"><td align=\"center\"><b>$num_cand</b>"
221 ."</td><td align=\"left\"><b>$cognome</b>"
222 ."</td><td align=\"left\"><b>$nome</b>";
223 echo "</td><td align=\"center\"><b>$descr_lista </b>";
224 echo "</td><td align=\"center\" nowrap>[<a
225 href=\"admin.php?op=candidato&amp;do=modify&amp;id_cand=$id_cand&amp;id_circ=$id_circ&amp;id_lista=$id_lista2&amp;id_gruppo=$id_gruppo&amp;id_cons_gen=$id_cons_gen&amp;min=$min\"><img src=\"modules/Elezioni/images/edit.gif\"
226 border=\"0\" align=\"center\"> "._EDIT."</a>]";
227 echo "[<a href=\"admin.php?op=candidato&amp;do=delete&amp;id_cand=$id_cand&amp;id_circ=$id_circ&amp;id_lista=$id_lista2&amp;id_gruppo=$id_gruppo&amp;cognome=$cognome&amp;nome=$nome&amp;id_cons_gen=$id_cons_gen&amp;min=$min\">"._DELETE." <img src=\"modules/Elezioni/images/delete.gif\"
228 border=\"0\" align=\"center\"></a>]";
229 echo "</td></tr>";
230 }
231 echo "</table></center>";
232
233 #'Pagina precedente' e 'Pagina Successiva'
234 echo"<table align=\"center\" width=\"100%\" ><tr>";
235 $prev=$min-$offset;
236 if ($prev>=0) {
237 echo "<td colspan=\"5\" align=\"center\" bgcolor=\"$bgcolor1\"><a href=\"admin.php?op=candidato&amp;id_cand=$id_cand&amp;id_gruppo=$id_gruppo&amp;id_cons=$id_cons&amp;id_circ=$id_circ&amp;id_lista=$id_lista&amp;min=$prev&amp;id_cons_gen=$id_cons_gen&amp;id_comune=$id_comune\">";
238 echo "<b>$offset "._PREV_MATCH."</b></a></td>";
239 }
240
241 $next=$min+$offset;
242 if ($next>=($offset-1)) {
243 if($next>=$max) $next = $max;
244 else {
245
246 echo "<td colspan=\"5\" align=\"center\" bgcolor=\"$bgcolor1\"><a href=\"admin.php?op=candidato&amp;id_cand=$id_cand&amp;id_gruppo=$id_gruppo&amp;id_cons=$id_cons&amp;id_lista=$id_lista&amp;min=$next&amp;id_cons_gen=$id_cons_gen&amp;id_comune=$id_comune\">";
247 echo "<b>$offset "._NEXT_MATCH."</b></a></td>";
248 }
249 }
250 echo "</tr></table><br>";
251
252}
253
254////////////////////////////////////////////////////////
255// Aggiunge candidato
256////////////////////////////////////////////////////////
257
258
259function candidato($ok, $do,$id_cand, $id_lista,$id_circ, $id_gruppo,$cognome, $nome, $note, $simbolo,$id_cand2,$num_cand) {
260 global $param, $bgcolor1, $bgcolor2, $prefix, $dbi, $descr_cons, $id_cons,$simbolo2,$min,$id_cons_gen,$id_comune,$id_sez;
[307]261 if(!$id_sez) $id_sez=0;
[2]262$aid=$_SESSION['aid'];
263$perms=ChiSei($id_cons_gen);
264if ($perms >16) {
265 if($id_cand) {
[257]266 $sql = "SELECT * FROM ".$prefix."_ele_candidati where id_cand='$id_cand'";
[2]267 }else{
[257]268 $sql="SELECT * FROM ".$prefix."_ele_candidati where id_lista='$id_lista'
269 and id_cons='$id_cons' and cognome='$cognome' and nome='$nome'";
[2]270 }
[257]271 $sthcan = $dbi->prepare("$sql");
272 $sthcan->execute();
273
[2]274 $username=$aid;
275 $data=date("Y/m/d");
276 $tempo=date("H:i:s");
277
278 if ($do == "delete") {
279 if ($ok !="1") {
280 ele();
281 echo "<center><br><br>"._DOMCANCELLA." "._CANDIDATO." $cognome $nome ?<br>";
[87]282 echo "[ <a href=\"admin.php?op=candidato&amp;id_cons_gen=$id_cons_gen\">"._NO."</a> ] - [<a href=\"admin.php?op=candidato&amp;do=delete&amp;id_cand=$id_cand&amp;id_gruppo=$id_gruppo&amp;id_cons=$id_cons&amp;id_circ=$id_circ&amp;ok=1&amp;id_cons_gen=$id_cons_gen&amp;id_lista=$id_lista&amp;id_comune=$id_comune&amp;min=$min\">"._YES."</a> ]";
[2]283 }else{
[257]284 $pro= $sthcan->fetch(PDO::FETCH_BOTH);
[360]285 $dati = htmlentities($_pro['cognome'], ENT_QUOTES, "UTF-8");
[257]286 $sql="delete from ".$prefix."_ele_candidati where id_cand='$id_cand'";
287 $sth = $dbi->prepare("$sql");
288 $sth->execute();
289 $result=$sth->rowCount();
[360]290 $sql="insert into ".$prefix."_ele_log values ('$id_cons','$id_sez','$username','$data','$tempo','DELETE:id_lista:$pro[id_lista],cognome:$dati,nome:$codifica:$pro[nome]','','".$prefix."_ele_candidati')";
[257]291 $sth = $dbi->prepare("$sql");
292 $sth->execute();
[87]293 Header("Location: admin.php?op=candidato&id_cons=$id_cons&id_cons_gen=$id_cons_gen&id_comune=$id_comune&id_circ=$id_circ&id_lista=$id_lista&min=$min");
[2]294 }
295 }elseif ($do == "add") {
296 if ($cognome) {
297 // dati gruppo
298 if (!$num_cand){
[257]299 $sql="select max(num_cand) from ".$prefix."_ele_candidati where id_lista='$id_lista'";
300 $result = $dbi->prepare("$sql");
301 $result->execute();
302 if ($result->rowCount()) list($num_cand)=$result->fetch(PDO::FETCH_NUM);
[2]303 else $num_cand=0;
304 $num_cand++;
305 }
[358]306 ###################
[352]307 $sql="select id_gruppo,num_lista from ".$prefix."_ele_lista where id_lista='$id_lista'";
[257]308 $sth = $dbi->prepare("$sql");
309 $sth->execute();
[352]310 list($id_gruppo,$num_lista)=$sth->fetch(PDO::FETCH_NUM);
311 $sql="insert into ".$prefix."_ele_candidati(id_cons,id_lista,num_lista,cognome,nome,note,simbolo,num_cand) values ('$id_cons','$id_lista','$num_lista','$cognome','$nome','$note','$simbolo','$num_cand')";
[257]312 $sth = $dbi->prepare("$sql");
313 $sth->execute();
314 $result=$sth->rowCount();
[358]315 $sql="insert into ".$prefix."_ele_log values ('$id_cons','$id_sez','$username','$data','$tempo','','ADD:id_lista:$id_lista,num_lista:$num_lista,cognome:$cognome,nome:$nome','".$prefix."_ele_candidati')";
316#########
[257]317 $sth = $dbi->prepare("$sql");
318 $sth->execute();
[258]319 Header("Location: admin.php?op=candidato&id_cons=$id_cons&id_lista=$id_lista&id_cons_gen=$id_cons_gen&id_comune=$id_comune&id_circ=$id_circ&min=$min");
[2]320 } else {
321 ele();
322 OpenTable();
323 echo "<center>"._GESTIONE." "._CANDIDATO." ";
[87]324 echo "<br><br><a href=\"admin.php?op=candidato&amp;id_cons=$id_cons&amp;id_lista=$id_lista&amp;id_cons_gen=$id_cons_gen&amp;id_comune=$id_comune&amp;id_circ=$id_circ&amp;min=$min\">"._IMM." "._CANDIDATO."</a></center>";
[2]325 CloseTable();exit;
326 }
327 }elseif ($do == "update") {
[257]328 $pro= $sthcan->fetch(PDO::FETCH_BOTH);
[358]329 ################
[352]330 $sql="select id_gruppo,num_lista from ".$prefix."_ele_lista where id_lista='$id_lista'";
[257]331 $sth = $dbi->prepare("$sql");
332 $sth->execute();
[352]333 list($id_gruppo,$num_lista)=$sth->fetch(PDO::FETCH_NUM);
[2]334 $cond='';
335 if (isset($note)) {$cond=", note='$note'";}
336 if (isset($simbolo)) {$cond.=", simbolo='$simbolo'";}
[352]337 $sql="update ".$prefix."_ele_candidati set id_lista='$id_lista', num_lista='$num_lista', cognome='$cognome', nome='$nome', num_cand='$num_cand' $cond where id_cand='$id_cand' ";
[358]338######
[257]339 $sth = $dbi->prepare("$sql");
340 $sth->execute();
341 $result=$sth->rowCount();
342 $sql="insert into ".$prefix."_ele_log values ('$id_cons','$id_sez','$username','$data','$tempo','UPDATE:id_lista:$pro[id_lista],cognome:$pro[cognome],nome:$pro[nome],num_cand:$pro[num_cand]','id_lista:$id_lista,cognome:$cognome,nome:$nome,num_cand:$num_cand','".$prefix."_ele_candidati')";
343 $sth = $dbi->prepare("$sql");
344 $sth->execute();
[258]345 Header("Location: admin.php?op=candidato&id_cons=$id_cons&id_lista=$id_lista&id_cons_gen=$id_cons_gen&id_comune=$id_comune&id_circ=$id_circ&min=$min");
[2]346 }
347
348}
349}
350
351
[258]352if ($do and $do!='modify'){
[2]353 candidato($ok, $do,$id_cand, $id_lista,$id_circ, $id_gruppo,$cognome, $nome, $note, $simbolo,$id_cand2,$num_cand);
[257]354 } else { ele(); }
[258]355
[2]356all();
357echo"</td></tr></table>";
358include("footer.php");
359
360?>
Note: See TracBrowser for help on using the repository browser.