source: trunk/admin/modules/Elezioni/ele_candidato.php@ 257

Last change on this file since 257 was 257, checked in by roby, 6 years ago
<?php
/************************************************************************/
/* Eleonline - Raccolta e diffusione dei dati elettorali */
/* by Roberto Gigli & Luciano Apolito */
/* http://www.eleonline.it */
/* info@eleonline.it luciano@aniene.net rgigli@libero.it */
/************************************************************************/
/* Modulo Candidati */
/* Amministrazione */
/************************************************************************/

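// Refuse direct requests: this module must be loaded through the admin front controller.
if (!defined('ADMIN_FILE')) {
    die("You can't access this file directly...");
}
global $dbi;

// Operator id, table prefix, UI language and municipality are taken from the session.
$aid = $_SESSION['aid'];
$prefix = $_SESSION['prefix'];
$currentlang = $_SESSION['lang'];
$id_comune = $_SESSION['id_comune'];

// Request parameters come from $_GET or $_POST depending on the HTTP method.
$param = strtolower($_SERVER['REQUEST_METHOD']) == 'get' ? $_GET : $_POST;

// id_cons_gen is request-controlled. Array values are rejected here; the value is then
// only bound as a query parameter or HTML-escaped in this block.
// NOTE(review): it looks like a numeric key (TODO confirm). If so, intval() here would
// also protect the places further down that print it into HTML and URLs.
$id_cons_gen = (isset($param['id_cons_gen']) && is_scalar($param['id_cons_gen'])) ? $param['id_cons_gen'] : null;
$perms = ChiSei($id_cons_gen);
if ($perms < 32 or !$id_cons_gen) {
    // The rejected value is echoed back to the browser, so it is escaped for HTML first.
    die(htmlspecialchars((string)$id_cons_gen, ENT_QUOTES | ENT_SUBSTITUTE)." -Non hai i permessi per inserire dati, o non hai scelto la consultazione!");
}

// Resolve consultation type and id for this municipality. Values are bound instead of
// being concatenated into the SQL text; only the table prefix cannot be a placeholder.
$sql = "SELECT t1.tipo_cons,t2.id_cons FROM ".$prefix."_ele_consultazione as t1, ".$prefix."_ele_cons_comune as t2 where t1.id_cons_gen=t2.id_cons_gen and t2.id_cons_gen=:id_cons_gen and t2.id_comune=:id_comune ";
$sth = $dbi->prepare($sql);
$sth->execute(array(':id_cons_gen' => $id_cons_gen, ':id_comune' => $id_comune));

list($tipo_cons, $id_cons) = $sth->fetch(PDO::FETCH_NUM);
$sql = "SELECT genere FROM ".$prefix."_ele_tipo where tipo_cons=:tipo_cons ";
$sth = $dbi->prepare($sql);
$sth->execute(array(':tipo_cons' => $tipo_cons));
list($genere) = $sth->fetch(PDO::FETCH_NUM);
include("modules/Elezioni/funzionidata.php");
include("modules/Elezioni/ele.php");

// get_magic_quotes_gpc() no longer exists in PHP 8, so it is only called when available.
$ele_magic_quotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

// Free-text parameters stay slash-escaped because the code that consumes them expects
// that form. addslashes() is not a charset-aware SQL escape; queries should bind values.
$do = isset($param['do']) ? ($ele_magic_quotes ? $param['do'] : addslashes($param['do'])) : '';
$ok = isset($param['ok']) ? ($ele_magic_quotes ? $param['ok'] : addslashes($param['ok'])) : '';
$cognome = isset($param['cognome']) ? ($ele_magic_quotes ? $param['cognome'] : addslashes($param['cognome'])) : '';
$simbolo = isset($param['simbolo']) ? ($ele_magic_quotes ? $param['simbolo'] : addslashes($param['simbolo'])) : '';
$nome = isset($param['nome']) ? ($ele_magic_quotes ? $param['nome'] : addslashes($param['nome'])) : '';
$note = isset($param['note']) ? ($ele_magic_quotes ? $param['note'] : addslashes($param['note'])) : '';

// Numeric parameters are forced to integers; a missing id becomes '' and counters become 0.
$min = isset($param['min']) ? intval($param['min']) : 0;
$id_lista = isset($param['id_lista']) ? intval($param['id_lista']) : '';
$id_sez = isset($param['id_sez']) ? intval($param['id_sez']) : '';
$id_gruppo = isset($param['id_gruppo']) ? intval($param['id_gruppo']) : '';
$id_cand = isset($param['id_cand']) ? intval($param['id_cand']) : '';
$id_cand2 = isset($param['id_cand2']) ? intval($param['id_cand2']) : '';
$num_lista = isset($param['num_lista']) ? intval($param['num_lista']) : '';
$num_cand = isset($param['num_cand']) ? intval($param['num_cand']) : 0;

// The chosen circoscrizione is remembered in the session and reused when absent from the request.
if (isset($param['id_circ'])) {
    $id_circ = intval($param['id_circ']);
    $_SESSION['id_circ'] = $id_circ;
} elseif (isset($_SESSION['id_circ'])) {
    $id_circ = intval($_SESSION['id_circ']);
} else {
    $id_circ = '';
}

// Number of rows shown per page.
$offset = 20;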


/******************************************************/
/*Funzione di visualizzazione globale */
/*****************************************************/


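/**
 * Prints the candidate administration page: the optional circoscrizione selector,
 * the add/edit form, one page of candidates and the previous/next links.
 *
 * Reads its inputs from globals set by the request parsing at the top of the file.
 * Values taken from the database or the request are HTML-escaped or URL-encoded
 * before being printed, and are bound as query parameters instead of being
 * concatenated into SQL text.
 *
 * NOTE(review): the form is submitted with GET and the delete link is a plain GET
 * link; no anti-CSRF token is visible in this file.
 */
function all() {
    global $param, $bgcolor1, $bgcolor2, $prefix, $dbi, $offset, $min, $tipo_cons, $id_cons, $id_lista, $genere, $id_cons_gen, $id_comune, $id_cand, $id_circ, $id_gruppo;

    // Escapers for HTML text/attribute context and for URL query values.
    // NOTE(review): htmlspecialchars() uses PHP's default charset here; confirm it
    // matches the encoding the pages are served in.
    $h = function ($value) {
        return htmlspecialchars((string)$value, ENT_QUOTES | ENT_SUBSTITUTE);
    };
    $u = function ($value) {
        return urlencode((string)$value);
    };

    // Client-side check (patch proposed by margottid): block the submit when no list
    // or no surname was entered.
    echo "<script language=\"Javascript\">\n
<!--\n
 function presenza_lista() {\n
 if (!document.candidato2.id_lista.value) {\n
 alert('"._SCELTA_LISTA."');\n
 document.candidato2.id_lista.focus();\n
 return false;\n
 }else if(!document.candidato2.cognome.value) {\n
 alert('"._SCELTA_COGNO."');\n
 document.candidato2.cognome.focus();\n
 return false;\n

 }\n
 return true;\n
}\n
//-->\n
</script>\n";

    // SQL fragments that restrict queries to one circoscrizione, plus their bound value.
    $circo = '';
    $circo2 = '';
    $circoParams = array();
    $currentlang = $_SESSION['lang'];

    $sql = "SELECT circo FROM ".$prefix."_ele_tipo where tipo_cons=:tipo_cons and lingua=:lingua";
    $sth = $dbi->prepare($sql);
    $sth->execute(array(':tipo_cons' => $tipo_cons, ':lingua' => $currentlang));
    list($cons_circ) = $sth->fetch(PDO::FETCH_NUM);

    if ($cons_circ) {
        // Consultation split into circoscrizioni: show the selector.
        echo "<form name=\"circo\" action=\"admin.php\" method=\"post\">";
        echo "<br><br><table border=\"1\" width=\"50%\" ><tr bgcolor=\"$bgcolor1\"><td>"._SCEGLI_CIRCO.": </td>";
        echo "<input type=\"hidden\" name=\"pag\" value=\"admin.php?op=candidato&amp;id_cons_gen=".$u($id_cons_gen)."&amp;id_circ=\">";
        echo "<td><select name=\"id_circ\" onChange=\"top.location.href=this.form.pag.value+this.form.id_circ.options[this.form.id_circ.selectedIndex].value;return false\">";
        echo "<option value=\"\">";
        $sql = "SELECT * FROM ".$prefix."_ele_circoscrizione where id_cons=:id_cons";
        $sth = $dbi->prepare($sql);
        $sth->execute(array(':id_cons' => $id_cons));
        while ($arr = $sth->fetch(PDO::FETCH_BOTH)) {
            // No circoscrizione chosen yet: fall back to the first one returned.
            if (!$id_circ) $id_circ = $arr['id_circ'];
            $sel = ($arr['id_circ'] == $id_circ) ? "selected" : "";
            echo "<option value=\"".$h($arr['id_circ'])."\" $sel>".$h($arr['descrizione']);
        }
        echo "</select></td></tr></table></form>";
        $circo = "and id_circ=:id_circ";
        $circo2 = "and t2.id_circ=:id_circ";
        $circoParams = array(':id_circ' => $id_circ);
    }

    // Candidate being edited, if any. The lookup is limited to the current consultation
    // so an id belonging to another consultation does not pre-fill the form.
    $blank = array('cognome' => '', 'num_cand' => '', 'nome' => '');
    if ($id_cand) {
        $sql = "SELECT * FROM ".$prefix."_ele_candidati where id_cand=:id_cand and id_cons=:id_cons";
        $sth = $dbi->prepare($sql);
        $sth->execute(array(':id_cand' => $id_cand, ':id_cons' => $id_cons));
        $pro = $sth->fetch(PDO::FETCH_BOTH);
        if (!$pro) {
            // Unknown id: behave as if a new candidate were being entered.
            $pro = $blank;
        }
    } else {
        $pro = $blank;
    }

    if (!isset($id_lista)) {
        $sql = "SELECT id_lista from ".$prefix."_ele_lista where id_cons=:id_cons $circo and num_lista=1";
        $sth = $dbi->prepare($sql);
        $sth->execute(array(':id_cons' => $id_cons) + $circoParams);
        list($id_lista) = $sth->fetch(PDO::FETCH_NUM);
    }

    // Optional restriction to the selected list.
    if ($id_lista > 0) {
        $cond = "and t1.id_lista=:id_lista";
        $condParams = array(':id_lista' => $id_lista);
    } else {
        $cond = '';
        $condParams = array();
    }
    $listParams = array(':id_cons' => $id_cons) + $circoParams + $condParams;

    echo "<center><font class=\"title\"><br><b>"._CANDIDATO."</b></font><br><br><table border=\"0\" width=\"100%\"><tr>"
        ."<td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._NUM."</b></td>"
        ."<td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._COGNOME."</b></td>"
        ."<td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._NOME."</b></td>";
    echo "<td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._LISTA."</b></td>";

    // LIMIT values are written into the SQL text, so they are forced to non-negative
    // integers first (a negative "min" from the request would otherwise break the query).
    $limitFrom = max(0, intval($min));
    $limitRows = max(0, intval($offset));

    if ($genere == 3 or $genere == 5) {
        $query = "SELECT
            t1.id_cand,t1.id_lista,t1.num_cand,t1.cognome,t1.nome, t1.simbolo,
            t2.simbolo as sim_lista,t2.descrizione, t3.simbolo as sim_gruppo, t3.descrizione
            FROM ".$prefix."_ele_candidati as t1,
            ".$prefix."_ele_lista as t2,
            ".$prefix."_ele_gruppo as t3
            WHERE t1.id_lista=t2.id_lista
            and t2.id_gruppo=t3.id_gruppo
            and t1.id_cons=t2.id_cons
            and t1.id_cons=:id_cons $circo2
            $cond
            order by t2.num_lista, t1.num_cand
            limit $limitFrom,$limitRows";
    } else {
        $query = "SELECT
            t1.id_cand,t1.id_lista,t1.num_cand,t1.cognome,t1.nome, t1.simbolo,
            t2.simbolo as sim_lista,t2.descrizione, '', ''
            FROM ".$prefix."_ele_candidati as t1,
            ".$prefix."_ele_lista as t2
            WHERE t1.id_cons=:id_cons
            and t1.id_cons=t2.id_cons
            and t1.id_lista=t2.id_lista $circo2
            $cond
            order by t2.num_lista,t1.num_cand
            limit $limitFrom,$limitRows";
    }
    echo "<td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._FUNZIONI."</b></td></tr>";
    $result = $dbi->prepare($query);
    $result->execute($listParams);

    // Total number of candidates matching the same filters.
    if ($cons_circ)
        $sql = "SELECT count(0) FROM ".$prefix."_ele_candidati as t1,".$prefix."_ele_lista as t2 where t1.id_cons=:id_cons and t1.id_cons=t2.id_cons $circo2 and t1.id_lista=t2.id_lista $cond ";
    else
        $sql = "SELECT count(0) FROM ".$prefix."_ele_candidati as t1 where t1.id_cons=:id_cons $cond ";
    $sth = $dbi->prepare($sql);
    $sth->execute($listParams);
    // The count is the first column of the single result row. rowCount() returns an
    // integer, which list() cannot unpack, so the total used to be lost.
    list($max) = $sth->fetch(PDO::FETCH_NUM);
    $max = intval($max);
    if ($id_lista) {
        $numero = $max + 1;
    } else {
        $numero = '';
    }

    // Symbol and circoscrizione must be associated with the list.
    echo "<form name=\"candidato2\" action=\"admin.php\" onSubmit=\"return presenza_lista();\">"
        ."<input type=\"hidden\" name=\"op\" value=\"candidato\">";
    if ($pro['cognome']) {
        echo "<input type=\"hidden\" name=\"do\" value=\"update\">";
        echo "<tr><td><input type=\"text\" name=\"num_cand\" value=\"".$h($pro['num_cand'])."\" size=\"5\"></td>";
    } else {
        echo "<input type=\"hidden\" name=\"do\" value=\"add\">";
        echo "<tr><td><input type=\"text\" name=\"num_cand\" value=\"$numero\" size=\"5\"></td>";
    }
    echo "<td><input type=\"text\" name=\"cognome\" maxlength=\"50\" value=\"".$h($pro['cognome'])."\"></td>";
    echo "<td><input type=\"text\" name=\"nome\" maxlength=\"50\" value=\"".$h($pro['nome'])."\"></td>";
    echo "<input type=\"hidden\" name=\"pag\" value=\"admin.php?op=candidato&amp;id_cons=".$u($id_cons)."&amp;id_cons_gen=".$u($id_cons_gen)."&amp;id_comune=".$u($id_comune)."&amp;id_circ=".$u($id_circ)."&amp;id_lista=\">";
    echo "<td width=\"10%\"><select width=\"10\" name=\"id_lista\" onChange=\"aggiorna()\">";
    $sql = "SELECT id_lista,num_lista,descrizione FROM ".$prefix."_ele_lista where id_cons=:id_cons $circo order by num_lista";
    $lis = $dbi->prepare($sql);
    $lis->execute(array(':id_cons' => $id_cons) + $circoParams);
    echo "<option value=\"\">";

    while (list($id, $numlist, $descr) = $lis->fetch(PDO::FETCH_NUM)) {
        if (!isset($id_lista)) {
            $id_lista = $id;
        }
        $sel = ($id == $id_lista) ? "selected" : "";
        echo "<option width=\"10\" value=\"".$h($id)."\" $sel>".$h($numlist).") ".$h($descr);
    }
    echo "</select></td>";
    echo "<input type=\"hidden\" name=\"id_cons_gen\" value=\"".$h($id_cons_gen)."\">";
    echo "<input type=\"hidden\" name=\"id_circ\" value=\"".$h($id_circ)."\">";
    echo "<input type=\"hidden\" name=\"min\" value=\"".$h($min)."\">";
    if ($pro['cognome']) {
        echo "<td align=\"center\"><input type=\"submit\" name=\"update\" value=\""._MODIFY."\"></td>";
        echo "<input type=\"hidden\" name=\"id_cand\" value=\"".$h($pro['id_cand'])."\">";
    } else {
        echo "<td align=\"center\"><input type=\"submit\" name=\"add\" value=\""._ADD."\"></td>";
        echo "<input type=\"hidden\" name=\"id_cand\" value=\"".$h($id_cand)."\">";
    }
    echo "</form>";
    echo "<SCRIPT type=\"text/javascript\">\n\n<!--\n"
        ."document.candidato2.cognome.focus()\n"
        ."//-->\n";
    echo "function vai_a() {\n";
    echo "window.document.location.href=document.candidato2.pag.value+document.candidato2.id_lista.value\n";
    echo "}\n";
    echo "function aggiorna(id_ele) {\n";
    echo "if (document.candidato2.cognome.value==\"\") {vai_a()}\n";
    echo "}\n";
    echo "</script>\n";

    // One table row per candidate. The loop assigns to the global $id_cand, which is
    // null once the last fetch fails; the paging links below therefore carry it empty.
    if ($result)
    while (list($id_cand, $id_lista2, $num_cand, $cognome, $nome, $simbolo, $simb_lista,
        $descr_lista, $simb_gruppo, $descr_gruppo) = $result->fetch(PDO::FETCH_NUM)) {
        // Alternate the row background between the two session colours.
        $bgcolor1 = ($bgcolor1 == $_SESSION['bgcolor1']) ? $_SESSION['bgcolor2'] : $_SESSION['bgcolor1'];
        // Names and list descriptions are stored data typed by operators: escape on output.
        echo "<tr bgcolor=\"$bgcolor1\"><td align=\"center\"><b>".$h($num_cand)."</b>"
            ."</td><td align=\"left\"><b>".$h($cognome)."</b>"
            ."</td><td align=\"left\"><b>".$h($nome)."</b>";
        echo "</td><td align=\"center\"><b>".$h($descr_lista)." </b>";
        $rowQuery = "id_cand=".$u($id_cand)."&amp;id_circ=".$u($id_circ)."&amp;id_lista=".$u($id_lista2)."&amp;id_gruppo=".$u($id_gruppo);
        $tailQuery = "&amp;id_cons_gen=".$u($id_cons_gen)."&amp;min=".$u($min);
        echo "</td><td align=\"center\" nowrap>[<a href=\"admin.php?op=candidato&amp;do=modify&amp;".$rowQuery.$tailQuery."\"><img src=\"modules/Elezioni/images/edit.gif\" border=\"0\" align=\"center\"> "._EDIT."</a>]";
        echo "[<a href=\"admin.php?op=candidato&amp;do=delete&amp;".$rowQuery."&amp;cognome=".$u($cognome)."&amp;nome=".$u($nome).$tailQuery."\">"._DELETE." <img src=\"modules/Elezioni/images/delete.gif\" border=\"0\" align=\"center\"></a>]";
        echo "</td></tr>";
    }
    echo "</table></center>";

    // "Previous page" and "Next page" links.
    echo"<table align=\"center\" width=\"100%\" ><tr>";
    $pageQuery = "id_cand=".$u($id_cand)."&amp;id_gruppo=".$u($id_gruppo)."&amp;id_cons=".$u($id_cons);
    $pageTail = "&amp;id_cons_gen=".$u($id_cons_gen)."&amp;id_comune=".$u($id_comune);
    $prev = $min - $offset;
    if ($prev >= 0) {
        echo "<td colspan=\"5\" align=\"center\" bgcolor=\"$bgcolor1\"><a href=\"admin.php?op=candidato&amp;".$pageQuery."&amp;id_circ=".$u($id_circ)."&amp;id_lista=".$u($id_lista)."&amp;min=".$u($prev).$pageTail."\">";
        echo "<b>$offset "._PREV_MATCH."</b></a></td>";
    }

    $next = $min + $offset;
    if ($next >= ($offset - 1)) {
        if ($next >= $max) {
            $next = $max;
        } else {
            echo "<td colspan=\"5\" align=\"center\" bgcolor=\"$bgcolor1\"><a href=\"admin.php?op=candidato&amp;".$pageQuery."&amp;id_lista=".$u($id_lista)."&amp;min=".$u($next).$pageTail."\">";
            echo "<b>$offset "._NEXT_MATCH."</b></a></td>";
        }
    }
    echo "</tr></table><br>";
}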

////////////////////////////////////////////////////////
// Aggiunge candidato
////////////////////////////////////////////////////////


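/**
 * Adds, updates or deletes a candidate and records the change in the log table.
 *
 * Does nothing unless ChiSei() reports a permission level above 16 for the current
 * consultation. The string arguments ($cognome, $nome, $note, $simbolo) arrive
 * slash-escaped from the request parsing at the top of this file; they are
 * un-escaped here and passed to the database as bound parameters.
 *
 * Delete and update are limited to rows of the current consultation ($id_cons),
 * which is the scope the permission check covers.
 *
 * NOTE(review): the confirmed delete arrives as a plain GET request with ok=1 and
 * no anti-CSRF token is visible in this file; a per-session token checked here
 * would close that gap.
 *
 * @param string     $ok        "1" once the operator has confirmed a delete
 * @param string     $do        action: "delete", "add" or "update"
 * @param int|string $id_cand   candidate id, '' when none
 * @param int|string $id_lista  list id
 * @param int|string $id_circ   circoscrizione id (only carried into links)
 * @param int|string $id_gruppo group id (only carried into links)
 * @param string     $cognome   surname, slash-escaped
 * @param string     $nome      first name, slash-escaped
 * @param string     $note      notes, slash-escaped
 * @param string     $simbolo   symbol, slash-escaped
 * @param int|string $id_cand2  unused
 * @param int        $num_cand  position on the list; 0 means "next free number"
 * @return void
 */
function candidato($ok, $do,$id_cand, $id_lista,$id_circ, $id_gruppo,$cognome, $nome, $note, $simbolo,$id_cand2,$num_cand) {
    global $param, $bgcolor1, $bgcolor2, $prefix, $dbi, $descr_cons, $id_cons, $simbolo2, $min, $id_cons_gen, $id_comune, $id_sez;

    $aid = $_SESSION['aid'];
    $perms = ChiSei($id_cons_gen);
    if (!($perms > 16)) {
        return;
    }

    // Escapers for HTML output and URL query values.
    // NOTE(review): htmlspecialchars() uses PHP's default charset here; confirm it
    // matches the encoding the pages are served in.
    $h = function ($value) {
        return htmlspecialchars((string)$value, ENT_QUOTES | ENT_SUBSTITUTE);
    };
    $u = function ($value) {
        return urlencode((string)$value);
    };
    // Reads a column of the previously stored row, '' when the row was not found.
    $old = function ($row, $key) {
        return (is_array($row) && isset($row[$key])) ? $row[$key] : '';
    };

    // Undo the slash-escaping applied when the request was parsed: the values are bound
    // below, so keeping the backslashes would store them literally.
    $cognomeRaw = stripslashes((string)$cognome);
    $nomeRaw = stripslashes((string)$nome);
    $noteRaw = stripslashes((string)$note);
    $simboloRaw = stripslashes((string)$simbolo);

    $table = $prefix."_ele_candidati";
    $logSql = "insert into ".$prefix."_ele_log values (?,?,?,?,?,?,?,?)";

    // Current row, looked up by id when one was given, otherwise by list and name.
    // It supplies the "before" values written to the log.
    if ($id_cand) {
        $sthcan = $dbi->prepare("SELECT * FROM ".$table." where id_cand=:id_cand and id_cons=:id_cons");
        $sthcan->execute(array(':id_cand' => $id_cand, ':id_cons' => $id_cons));
    } else {
        $sthcan = $dbi->prepare("SELECT * FROM ".$table." where id_lista=:id_lista and id_cons=:id_cons and cognome=:cognome and nome=:nome");
        $sthcan->execute(array(
            ':id_lista' => $id_lista,
            ':id_cons' => $id_cons,
            ':cognome' => $cognomeRaw,
            ':nome' => $nomeRaw,
        ));
    }

    $username = $aid;
    $data = date("Y/m/d");
    $tempo = date("H:i:s");

    if ($do == "delete") {
        if ($ok != "1") {
            // Ask for confirmation; the name comes from the request, so it is escaped.
            ele();
            echo "<center><br><br>"._DOMCANCELLA." "._CANDIDATO." ".$h($cognomeRaw)." ".$h($nomeRaw)." ?<br>";
            echo "[ <a href=\"admin.php?op=candidato&amp;id_cons_gen=".$u($id_cons_gen)."\">"._NO."</a> ] - [<a href=\"admin.php?op=candidato&amp;do=delete&amp;id_cand=".$u($id_cand)."&amp;id_gruppo=".$u($id_gruppo)."&amp;id_cons=".$u($id_cons)."&amp;id_circ=".$u($id_circ)."&amp;ok=1&amp;id_cons_gen=".$u($id_cons_gen)."&amp;id_lista=".$u($id_lista)."&amp;id_comune=".$u($id_comune)."&amp;min=".$u($min)."\">"._YES."</a> ]";
        } else {
            $pro = $sthcan->fetch(PDO::FETCH_BOTH);
            $sth = $dbi->prepare("delete from ".$table." where id_cand=:id_cand and id_cons=:id_cons");
            $sth->execute(array(':id_cand' => $id_cand, ':id_cons' => $id_cons));
            $deleted = $sth->rowCount();

            // Stored names may contain apostrophes; binding keeps the log insert valid.
            $before = "DELETE:id_lista:".$old($pro, 'id_lista').",cognome:".$old($pro, 'cognome').",nome:".$old($pro, 'nome');
            $sth = $dbi->prepare($logSql);
            $sth->execute(array($id_cons, $id_sez, $username, $data, $tempo, $before, '', $table));

            // $deleted is already the affected-row count (an integer).
            if (!$deleted) return;
            Header("Location: admin.php?op=candidato&id_cons=".$u($id_cons)."&id_cons_gen=".$u($id_cons_gen)."&id_comune=".$u($id_comune)."&id_circ=".$u($id_circ)."&id_lista=".$u($id_lista)."&min=".$u($min));
        }
    } elseif ($do == "add") {
        if ($cognome) {
            if (!$num_cand) {
                // No number given: continue after the highest one used on this list.
                $sth = $dbi->prepare("select max(num_cand) from ".$table." where id_lista=:id_lista");
                $sth->execute(array(':id_lista' => $id_lista));
                list($lastNum) = $sth->fetch(PDO::FETCH_NUM);
                $num_cand = intval($lastNum) + 1;
            }
            $sth = $dbi->prepare("insert into ".$table."(id_cons,id_lista,cognome,nome,note,simbolo,num_cand) values (:id_cons,:id_lista,:cognome,:nome,:note,:simbolo,:num_cand)");
            $sth->execute(array(
                ':id_cons' => $id_cons,
                ':id_lista' => $id_lista,
                ':cognome' => $cognomeRaw,
                ':nome' => $nomeRaw,
                ':note' => $noteRaw,
                ':simbolo' => $simboloRaw,
                ':num_cand' => $num_cand,
            ));
            $inserted = $sth->rowCount();

            $after = "ADD:id_lista:".$id_lista.",cognome:".$cognomeRaw.",nome:".$nomeRaw;
            $sth = $dbi->prepare($logSql);
            $sth->execute(array($id_cons, $id_sez, $username, $data, $tempo, '', $after, $table));

            if (!$inserted) return;
            Header("Location: admin.php?op=candidato&id_cons=".$u($id_cons)."&id_lista=".$u($id_lista)."&id_cons_gen=".$u($id_cons_gen)."&id_comune=".$u($id_comune)."&id_circ=".$u($id_circ)."&min=".$u($min));
        } else {
            // No surname supplied: show a link back to the form and stop.
            ele();
            OpenTable();
            echo "<center>"._GESTIONE." "._CANDIDATO." ";
            echo "<br><br><a href=\"admin.php?op=candidato&amp;id_cons=".$u($id_cons)."&amp;id_lista=".$u($id_lista)."&amp;id_cons_gen=".$u($id_cons_gen)."&amp;id_comune=".$u($id_comune)."&amp;id_circ=".$u($id_circ)."&amp;min=".$u($min)."\">"._IMM." "._CANDIDATO."</a></center>";
            CloseTable();
            exit;
        }
    } elseif ($do == "update") {
        $pro = $sthcan->fetch(PDO::FETCH_BOTH);

        $set = "id_lista=:id_lista, cognome=:cognome, nome=:nome, num_cand=:num_cand";
        $values = array(
            ':id_lista' => $id_lista,
            ':cognome' => $cognomeRaw,
            ':nome' => $nomeRaw,
            ':num_cand' => $num_cand,
            ':id_cand' => $id_cand,
            ':id_cons' => $id_cons,
        );
        if (isset($note)) {
            $set .= ", note=:note";
            $values[':note'] = $noteRaw;
        }
        if (isset($simbolo)) {
            $set .= ", simbolo=:simbolo";
            $values[':simbolo'] = $simboloRaw;
        }
        $sth = $dbi->prepare("update ".$table." set ".$set." where id_cand=:id_cand and id_cons=:id_cons ");
        $sth->execute($values);

        $before = "UPDATE:id_lista:".$old($pro, 'id_lista').",cognome:".$old($pro, 'cognome').",nome:".$old($pro, 'nome').",num_cand:".$old($pro, 'num_cand');
        $after = "id_lista:".$id_lista.",cognome:".$cognomeRaw.",nome:".$nomeRaw.",num_cand:".$num_cand;
        $sth = $dbi->prepare($logSql);
        $sth->execute(array($id_cons, $id_sez, $username, $data, $tempo, $before, $after, $table));
    }
}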
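// Page flow: print the admin menu, run the requested action, then show the form and list.
// 'modify' has no handler in candidato(); it only makes all() pre-fill the edit form.
// The leftover debug echo was removed: it printed the request-supplied $do into the
// page without HTML escaping and produced output ahead of the Header() redirects
// that candidato() issues.
ele();
if ($do and $do != 'modify') {
    candidato($ok, $do, $id_cand, $id_lista, $id_circ, $id_gruppo, $cognome, $nome, $note, $simbolo, $id_cand2, $num_cand);
}
all();
echo"</td></tr></table>";
include("footer.php");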