source: trunk/admin/modules/Elezioni/ele_gruppo.php@ 422

Last change on this file since 422 was 395, checked in by roby, 18 months ago
  • ADMIN

-- Aggiunto il controllo della dimensione del file immagine per i loghi di liste e gruppi per adeguarle alle dimensioni massime ammesse dal tipo di campo blob (I tipi di file immagine ammessi sono gif,jpeg,bmp,png)

File size: 16.4 KB
RevLine 
[2]1<?php
2/************************************************************************/
3/* Eleonline - Raccolta e diffusione dei dati elettorali */
4/* by Roberto Gigli & Luciano Apolito */
5/* http://www.eleonline.it */
6/* info@eleonline.it luciano@aniene.net rgigli@libero.it */
7/************************************************************************/
8/* Modulo gruppo */
9/* Amministrazione */
10/************************************************************************/
11if (!defined('ADMIN_FILE')) {
12 die ("You can't access this file directly...");
13}
14
15// Offset - visualizza il numero di elementi per pagina
16$offset=5;
[257]17global $dbi;
[2]18$aid=$_SESSION['aid'];
19$prefix=$_SESSION['prefix'];
20$currentlang=$_SESSION['lang'];
21$param=strtolower($_SERVER['REQUEST_METHOD']) == 'get' ? $_GET : $_POST;
22$id_cons_gen=intval($param['id_cons_gen']);
23$perms=ChiSei($id_cons_gen);
24if ($perms<32 or !$id_cons_gen) die("Non hai i permessi per inserire dati, o non hai scelto la consultazione!");
25$id_comune=$_SESSION['id_comune'];
[257]26$sql="SELECT t1.tipo_cons,t2.id_cons FROM ".$prefix."_ele_consultazione as t1, ".$prefix."_ele_cons_comune as t2 where t1.id_cons_gen=t2.id_cons_gen and t2.id_cons_gen='$id_cons_gen' and t2.id_comune='$id_comune' ";
27$res = $dbi->prepare("$sql");
28$res->execute();
29list($tipo_cons,$id_cons) = $res->fetch(PDO::FETCH_NUM);
[2]30
31include("modules/Elezioni/funzionidata.php");
32include("modules/Elezioni/ele.php");
33
[344]34if (isset($param['do'])) $do=addslashes($param['do']); else $do='';
[2]35if (isset($param['min'])) $min=intval($param['min']); else $min=0;
36if (isset($param['id_sede'])) $id_sede=intval($param['id_sede']); else $id_sede='';
[344]37if (isset($param['ok'])) $ok=addslashes($param['ok']); else $ok='';
[2]38if (isset($param['id_circ'])) {$id_circ=intval($param['id_circ']); $_SESSION['id_circ']=$id_circ;} else
39if (isset($_SESSION['id_circ'])) $id_circ=intval($_SESSION['id_circ']); else $id_circ='';
40if (isset($param['id_gruppo'])) $id_gruppo=intval($param['id_gruppo']); else $id_gruppo='';
41if (isset($param['num_gruppo'])) $num_gruppo=intval($param['num_gruppo']); else $num_gruppo='';
[344]42if (isset($param['descr_gruppo'])) $descr_gruppo=addslashes($param['descr_gruppo']); else $descr_gruppo='';
43if (isset($param['simbolo'])) $simbolo=addslashes($param['simbolo']); else $simbolo='';
44if (isset($param['delsimb'])) $delsimb=addslashes($param['delsimb']);
45if (isset($param['delprog'])) $delprog=addslashes($param['delprog']);
[395]46
[2]47/******************************************************/
48/*Funzione di visualizzazione globale */
49/*****************************************************/
50 function all() {
[172]51 global $delsimb,$delprog,$tipo_cons,$param,$currentlang, $bgcolor1, $bgcolor2, $prefix, $dbi, $offset, $min, $id_cons,$id_cons_gen,$id_comune,$id_circ,$do,$id_gruppo;
[257]52 $sql="SELECT circo FROM ".$prefix."_ele_tipo where tipo_cons='$tipo_cons' and lingua='$currentlang'";
53 $res = $dbi->prepare("$sql");
54 $res->execute();
55 list($cons_circ)= $res->fetch(PDO::FETCH_NUM);
[2]56 if($cons_circ)
57 {
58 echo "<form name=\"circo\" action=\"admin.php\" method=\"post\">";
59 echo "<br><table border=\"1\" width=\"50%\" ><tr bgcolor=\"$bgcolor1\"><td>"._SCEGLI_CIRCO.": </td>";
[257]60 $sql="SELECT * FROM ".$prefix."_ele_circoscrizione where id_cons='$id_cons'";
61 $res = $dbi->prepare("$sql");
62 $res->execute();
[2]63 echo "<input type=\"hidden\" name=\"pag\" value=\"admin.php?op=gruppo&amp;id_cons_gen=$id_cons_gen&amp;id_circ=\">";
64 echo "<td><select name=\"id_circ\" onChange=\"top.location.href=this.form.pag.value+this.form.id_circ.options[this.form.id_circ.selectedIndex].value;return false\">";
65 echo "<option value=\"\">";
[257]66 while($arr=$res->fetch(PDO::FETCH_BOTH)){
[2]67 if (!$id_circ) $id_circ=$arr['id_circ'];
68 $sel= ($arr['id_circ'] == $id_circ) ? "selected":"";
69 echo "<option value=\"".$arr['id_circ']."\" $sel>".$arr['descrizione'];
70 }
71 echo "</select></td></tr></table></form>";
72 }
[172]73 echo "<center><font class=\"title\"><b>"._GRUPPO."</b></font><br>";
74
75 echo "<table border=\"0\" width=\"100%\"><tr bgcolor=\"$bgcolor1\"><td colspan=\"5\">";
76 echo "<form name=\"gruppo2\" enctype=\"multipart/form-data\" action=\"admin.php\" method=\"post\">"
77 ."<input type=\"hidden\" name=\"op\" value=\"gruppo\">";
78 echo "<table><tr>"
[2]79 ."<td align=\"center\"width=\"5%\"><b>"._NUM."</b></td>"
80 ."<td align=\"center\"><b>"._DESCR."</b></td>"
[172]81 ."<td align=\"center\"width=\"5%\"><b>"._SIMBOLO."</b>";
82 if ($do=='modify')
83 echo "<br><input type=\"checkbox\" name=\"delsimb\" value=\"false\"> "._DELETE;
84 echo "</td>";
85
86 if ($tipo_cons!=2) {
87 echo "<td align=\"center\"width=\"5%\"><b>"._PROGRAM."</b>";
88 if ($do=='modify')
89 echo "<br><input type=\"checkbox\" name=\"delprog\" value=\"false\"> "._DELETE;
90 echo "</td>";
91 }
[86]92 echo "<td align=\"center\"><b>"._FUNZIONI."</b></td></tr>";
[2]93 //-----------------------visualizza riga superiore per inserimento -
[14]94 $circo= $cons_circ==1 ? "and id_circ='$id_circ'":"";
[257]95 $sql="SELECT * FROM ".$prefix."_ele_gruppo where id_cons='$id_cons' $circo ";
96 $res = $dbi->prepare("$sql");
97 $res->execute();
98 $max = $res->rowCount();
[2]99 $nuovo_gruppo=$max+1;
[172]100 echo "<tr><td>";
[2]101 if ($do=='modify') {
[257]102 $sql="SELECT * FROM ".$prefix."_ele_gruppo where id_gruppo='$id_gruppo'";
103 $resl = $dbi->prepare("$sql");
104 $resl->execute();
105 $gru=$resl->fetch(PDO::FETCH_BOTH);
[2]106 $nuovo_gruppo=$gru['num_gruppo'];
107 echo "<input type=\"hidden\" name=\"do\" value=\"update\">";
108 }else{
109 $gru['id_gruppo']='';$gru['descrizione']='';
110 echo "<input type=\"hidden\" name=\"do\" value=\"add\">";
[14]111 }
112
[2]113 //-----------------------fine visualizza riga superiore per inserimento -
114 echo "<input type=\"hidden\" name=\"id_cons_gen\" value=\"$id_cons_gen\">"
115 ."<input type=\"hidden\" name=\"id_gruppo\" value=\"".$gru['id_gruppo']."\">"
[252]116 ."<input type=\"text\" name=\"num_gruppo\" value=\"$nuovo_gruppo\" size=\"3\"></td>";
117 #referendum modif 15 aprile 2016 luc
118 if($tipo_cons==2) echo "<td><textarea rows=\"7\" cols=\"50\" name=\"descr_gruppo\"> ".$gru['descrizione']."</textarea></td>";
119 else echo "<td><input type=\"text\" name=\"descr_gruppo\" value=\"".$gru['descrizione']."\"></td>";
120
[86]121 echo "<td><input type=\"file\" name=\"stemma\" size=\"5\"></td>"; //file=$gru[simbolo]
122 if ($tipo_cons!=2)
[172]123 echo "<td><input type=\"file\" name=\"programma\" size=\"5\">";
[2]124 echo "<input type=\"hidden\" name=\"min\" value=\"$min\">";
125 echo "<input type=\"hidden\" name=\"id_comune\" value=\"$id_comune\">";
126 echo "<input type=\"hidden\" name=\"id_circ\" value=\"$id_circ\">";
127 echo "<input type=\"hidden\" name=\"id_cons\" value=\"$id_cons\">"
128 ."<input type=\"hidden\" name=\"id_cons_gen\" value=\"$id_cons_gen\">"
[172]129 ."<input type=\"hidden\" name=\"min\" value=\"$min\"></td>";
[2]130 if ($do=='modify')
131 echo "<td><input type=\"submit\" name=\"add\" value=\""._MODIFY."\"></td>";
132 else
133 echo "<td><input type=\"submit\" name=\"add\" value=\""._ADD."\"></td>";
[172]134 echo "</tr></table></form>";
135 echo "</td></tr>";
[2]136
137
[257]138 $sql="SELECT * FROM ".$prefix."_ele_gruppo where id_cons='$id_cons' $circo ";
139 $res = $dbi->prepare("$sql");
140 $res->execute();
141 $max = $res->rowCount();
142 $sql="select * from ".$prefix."_ele_gruppo where id_cons='$id_cons' $circo ORDER BY num_gruppo LIMIT $min,$offset";
143 $result = $dbi->prepare("$sql");
144 $result->execute();
145 while(list($id_cons2,$id_gruppo,$num_gruppo, $descr_gruppo, $simbolo,,, $prognome) = $result->fetch(PDO::FETCH_NUM)) {
146 $sql="select count(0) from ".$prefix."_ele_lista where id_gruppo='$id_gruppo'";
147 $restemp = $dbi->prepare("$sql");
148 $restemp->execute();
149 list($numtemp)=$restemp->fetch(PDO::FETCH_NUM);
[2]150 $bgcolor1=($bgcolor1==$_SESSION['bgcolor1'])?$_SESSION['bgcolor2']:$_SESSION['bgcolor1'];
151 if (!$simbolo) $simbolo="nulla.jpg";
152 echo "<tr bgcolor=\"$bgcolor1\"><td align=\"center\"><b>$num_gruppo</b></td>"
153 ."<td align=\"left\"><b>$descr_gruppo</b></td>";
154 echo "<td align=\"center\"><b>
[175]155 <img src=\"admin.php?op=foto&amp;id_gruppo=$id_gruppo\" width=\"50\" height=\"50\" alt=\"foto\"></b></td>";
[86]156 if ($tipo_cons!=2)
157 echo "<td>$prognome</td>";
158 echo "<td align=\"center\" nowrap>";
159 echo "[<a
[2]160 href=\"admin.php?op=gruppo&amp;do=modify&amp;id_gruppo=$id_gruppo&amp;id_cons_gen=$id_cons_gen&amp;id_circ=$id_circ&amp;min=$min\"><img src=\"modules/Elezioni/images/edit.gif\"
[175]161 border=\"0\" align=\"middle\" alt=\"edit\"> "._EDIT."</a>]";
[2]162 if (!$numtemp)
[175]163 echo "[<a href=\"admin.php?op=gruppo&amp;do=delete&amp;id_gruppo=$id_gruppo&amp;id_cons_gen=$id_cons_gen&amp;id_circ=$id_circ&amp;descr_gruppo=$descr_gruppo&amp;min=$min\">"._DELETE." <img src=\"modules/Elezioni/images/delete.gif\" border=\"0\" align=\"middle\" alt=\"delete\"></a>]";
[2]164 else
[175]165 echo " ["._DELETE." <img src=\"modules/Elezioni/images/delete.gif\" border=\"0\" align=\"middle\" alt=\"delete\">]";
[2]166 echo "</td></tr>";
167 }
168 echo "</table></center>";
169
170// #'Pagina precedente' e 'Pagina Successiva'
171
172 echo"<table align=\"center\" width=\"100%\" ><tr>";
173 $prev=$min-$offset;
174 if ($prev>=0) {
175 echo "<td colspan=\"5\" align=\"center\" bgcolor=\"$bgcolor1\"><a href=\"admin.php?op=gruppo&amp;id_gruppo=$id_gruppo&amp;id_cons_gen=$id_cons_gen&amp;id_comune=$id_comune&amp;min=$prev\">";
176 echo "<b>$offset "._PREV_MATCH."</b></a></td>";
177 }
178
179 $next=$min+$offset;
180 if ($next>=($offset-1)) {
181 if($next>=$max) $next = $max;
182 else {
183 echo "<td colspan=\"5\" align=\"center\" bgcolor=\"$bgcolor1\"><a href=\"admin.php?op=gruppo&amp;id_gruppo=$id_gruppo&amp;id_cons_gen=$id_cons_gen&amp;min=$next\">";
184 echo "<b>$offset "._NEXT_MATCH."</b></a></td>";
185 }
186 }
187 echo "</tr></table><br>";
188
189 }
190
191//***********************************************************
192//Funzione di inserimento e gestione dei gruppi
193//************************************************************
194
195function gruppo($ok, $do,$id_gruppo,$num_gruppo,$descr_gruppo, $simbolo,$id_circ) {
[172]196 global $delsimb,$delprog,$prefix, $dbi, $id_cons,$simbolo2,$genere,$id_cons_gen,$id_comune,$min;
[2]197 $aid=$_SESSION['aid'];
198 $perms=ChiSei($id_cons_gen);
199 if ($perms >16) {
200 if ($do == "delete") {
[257]201 if ($ok !="1") {
[2]202 ele();
203 echo "<center><br><br>"._DOMCANCELLA." "._GRUPPO." $descr_gruppo ?<br>";
[87]204 echo "[ <a href=\"admin.php?op=gruppo&amp;id_cons_gen=$id_cons_gen&amp;id_circ=$id_circ\">"._NO."</a> ] - [<a href=\"admin.php?op=gruppo&amp;do=delete&amp;id_gruppo=$id_gruppo&amp;id_cons_gen=$id_cons_gen&amp;id_comune=$id_comune&amp;min=$min&amp;ok=1\">"._YES."</a> ]";exit;
[257]205 }else{
206 $sql="select id_lista from ".$prefix."_ele_lista where id_gruppo='$id_gruppo'";
207 $reslis = $dbi->prepare("$sql");
208 $reslis->execute();
209 while (list($idlst)=$reslis->fetch(PDO::FETCH_NUM)){
210 $sql="select id_cand from ".$prefix."_ele_candidato where id_lista='$idlst'";
211 $rescan = $dbi->prepare("$sql");
212 $rescan->execute();
213 while (list($idcnd)=$rescan->fetch(PDO::FETCH_NUM)){
214 $sql="delete from ".$prefix."_ele_voti_candidati where id_cand='$idcnd'";
215 $res = $dbi->prepare("$sql");
216 $res->execute();
217 $sql="delete from ".$prefix."_ele_candidati where id_cand='$idcnd'";
218 $res = $dbi->prepare("$sql");
219 $res->execute();
220 }
221 $sql="delete from ".$prefix."_ele_voti_lista where id_lista='$idlst'";
222 $res = $dbi->prepare("$sql");
223 $res->execute();
224 $sql="delete from ".$prefix."_ele_lista where id_lista='$idlst'";
225 $res = $dbi->prepare("$sql");
226 $res->execute();
[101]227 }
[257]228 $sql="delete from ".$prefix."_ele_voti_gruppo where id_gruppo='$id_gruppo'";
229 $res = $dbi->prepare("$sql");
230 $res->execute();
231 $sql="delete from ".$prefix."_ele_gruppo where id_gruppo='$id_gruppo'";
232 $res = $dbi->prepare("$sql");
233 $res->execute();
[364]234 if (!$res) return;
[2]235 Header("Location: admin.php?op=gruppo&id_cons_gen=$id_cons_gen&id_circ=$id_circ&min=$min");
236 }
237 } elseif ($do == "add") {
238 if ($descr_gruppo) {
239 $stemmablob='';
[395]240 $stemmanome='';
[2]241 $STEMM=$_FILES['stemma'];
242 $filestemma=$STEMM['tmp_name'];
[395]243 #### Controllo della dimensione del file immagine
244 $lungh=filesize($filestemma);
245 if($lungh>60000){
246 $exploded = explode('.',$filestemma);
247 $allowedTypes = array(IMAGETYPE_PNG, IMAGETYPE_JPEG, IMAGETYPE_GIF);
248 $ext = exif_imagetype($filestemma);
249 if ($ext==1)
250 $imageTmp=imagecreatefromgif($filestemma);
251 elseif ($ext==2)
252 $imageTmp=imagecreatefromjpeg($filestemma);
253 elseif ($ext==3)
254 $imageTmp=imagecreatefrompng($filestemma);
255 elseif ($ext==6)
256 $imageTmp=imagecreatefrombmp($filestemma);
257 $x=100;$y=10;
258 while(filesize($filestemma)>60000 and $x>0){
259 imagejpeg($imageTmp, $filestemma, $x);
260 $x=$x-$y;
261 }
262 imagedestroy($imageTmp);
263 }
264 ####
[2]265 $nomestemma=$STEMM['name'];
266 if ($filestemma){
267 $fdstemma = fopen ("$filestemma", "rb");
268 $stemmacontents = fread ($fdstemma, filesize ("$filestemma"));
269 fclose ($fdstemma);
270 $stemmablob=addslashes($stemmacontents);
271 $stemmanome=addslashes($nomestemma);
272 }
[86]273
274 $progblob='';
275 $prognome='';
276 $PROG=$_FILES['programma'];
277 $fileprog=$PROG['tmp_name'];
278 $nomeprog=$PROG['name'];
279 if ($fileprog){
280 $fdprog = fopen ("$fileprog", "rb");
281 $progcontents = fread ($fdprog, filesize ("$fileprog"));
282 fclose ($fdprog);
283 $progblob=addslashes($progcontents);
284 $prognome=addslashes($nomeprog );
285 }
[257]286 $sql="insert into ".$prefix."_ele_gruppo (id_cons,id_gruppo,num_gruppo,descrizione,simbolo,stemma,id_circ,prognome,programma) values ('$id_cons','$id_gruppo','$num_gruppo','$descr_gruppo','$stemmanome','$stemmablob','$id_circ','$prognome','$progblob')";
287 $result = $dbi->prepare("$sql");
288 $result->execute();
289 if (!$result->rowCount()) return;
[2]290 Header("Location: admin.php?op=gruppo&id_cons_gen=$id_cons_gen&id_circ=$id_circ&min=$min");
291 } else {
292 ele();
293 OpenTable();
294 echo "<center>"._GESTIONE." "._GRUPPO." ";
[87]295 echo "<br><br><a href=\"admin.php?op=gruppo&amp;id_cons_gen=$id_cons_gen&amp;min=$min\">"._IMM." "._GRUPPO."</a></center>";
[2]296 CloseTable();
297 }
298 } elseif ($do == "update") {
[86]299 $progblob='';
300 $prognome='';
301 $PROG=$_FILES['programma'];
302 $fileprog=$PROG['tmp_name'];
303 $nomeprog=$PROG['name'];
304 if ($fileprog){
305 $fdprog = fopen ("$fileprog", "rb");
306 $progcontents = fread ($fdprog, filesize ("$fileprog"));
307 fclose ($fdprog);
308 $progblob=addslashes($progcontents);
309 $prognome=addslashes($nomeprog );
310 $cond=", prognome='$prognome', programma='$progblob'";
[172]311 } else {
312 if ( $delprog=='false') $cond=", prognome='', programma=''";
313 else $cond='';
314 }
[86]315
316
317
[2]318 $stemmablob='';
319 $stemmanome='';
320 $STEMM=$_FILES['stemma'];
321 $filestemma=$STEMM['tmp_name'];
[395]322 #### Controllo della dimensione del file immagine
323 $lungh=filesize($filestemma);
324 if($lungh>60000){
325 $exploded = explode('.',$filestemma);
326 $allowedTypes = array(IMAGETYPE_PNG, IMAGETYPE_JPEG, IMAGETYPE_GIF);
327 $ext = exif_imagetype($filestemma);
328 if ($ext==1)
329 $imageTmp=imagecreatefromgif($filestemma);
330 elseif ($ext==2)
331 $imageTmp=imagecreatefromjpeg($filestemma);
332 elseif ($ext==3)
333 $imageTmp=imagecreatefrompng($filestemma);
334 elseif ($ext==6)
335 $imageTmp=imagecreatefrombmp($filestemma);
336 $x=100;$y=10;
337 while(filesize($filestemma)>60000 and $x>0){
338 imagejpeg($imageTmp, $filestemma, $x);
339 $x=$x-$y;
340 }
341 imagedestroy($imageTmp);
342 }
343 ####
[2]344 $nomestemma=$STEMM['name'];
345 if ($filestemma){
346 $fdstemma = fopen ("$filestemma", "rb");
347 $stemmacontents = fread ($fdstemma, filesize ("$filestemma"));
348 fclose ($fdstemma);
349 $stemmablob=addslashes($stemmacontents);
350 $stemmanome=addslashes($nomestemma);
[86]351 $cond2=", simbolo='$stemmanome', stemma='$stemmablob'";
[172]352 } else {
353 if ( $delsimb=='false') $cond2=", simbolo='', stemma=''";
354 else $cond2='';
355 }
[257]356 $sql="update ".$prefix."_ele_gruppo set num_gruppo='$num_gruppo' , descrizione='$descr_gruppo' $cond $cond2 where id_gruppo='$id_gruppo' ";
357 $result = $dbi->prepare("$sql");
358 $result->execute();
[2]359 Header("Location: admin.php?op=gruppo&id_cons_gen=$id_cons_gen&id_circ=$id_circ&min=$min");
360 }
361
362 }
363}
364
365if ($do and $do!="modify")
366 gruppo($ok, $do,$id_gruppo,$num_gruppo,$descr_gruppo,$simbolo, $id_circ);
367ele();
368all();
369echo"</td></tr></table>";
370include("footer.php");
371
372
373
374
375?>
Note: See TracBrowser for help on using the repository browser.