source: trunk/admin/modules/Elezioni/ele_operatori.php@ 303

Last change on this file since 303 was 257, checked in by roby, 6 years ago
1<?php
2/************************************************************************/
3/* Eleonline - Raccolta e diffusione dei dati elettorali */
4/* by Roberto Gigli & Luciano Apolito */
5/* http://www.eleonline.it */
6/* info@eleonline.it luciano@aniene.net rgigli@libero.it */
7/************************************************************************/
8/* Modulo Operatori */
9/* Amministrazione */
10/************************************************************************/
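// Refuse direct requests: the module only runs when the including script has
// defined ADMIN_FILE.
if (!defined('ADMIN_FILE')) {
    die ("You can't access this file directly...");
}

// ChiSei() is defined outside this file; its result is compared with 64 and
// 256 below. Access is refused unless it is exactly 256, or it is at least 64
// and a consultation ($id_cons_gen) has been chosen.
$perms = ChiSei($id_cons_gen);
if (($perms < 64 or !$id_cons_gen) and $perms != 256) {
    // The refusal text no longer starts with the evaluated condition: that
    // debug prefix printed $perms and $id_cons_gen unescaped into the page.
    die("Non hai i permessi per inserire dati, o non hai scelto la consultazione!");
}

// Resolve consultation type and id for the current consultation/municipality.
// Values are bound as parameters instead of being spliced into the SQL text;
// only the table prefix is still concatenated.
// NOTE(review): $id_cons_gen and $id_comune are set outside this file; their
// origin (request or session) should be confirmed.
$sql = "SELECT t1.tipo_cons,t2.id_cons FROM ".$prefix."_ele_consultazione as t1, ".$prefix."_ele_cons_comune as t2 where t1.id_cons_gen=t2.id_cons_gen and t2.id_cons_gen=:id_cons_gen and t2.id_comune=:id_comune";
$res = $dbi->prepare($sql);
$res->execute(array(':id_cons_gen' => $id_cons_gen, ':id_comune' => $id_comune));
$row = $res->fetch(PDO::FETCH_NUM);
if ($row) {
    list($tipo_cons, $id_cons) = $row;
} else {
    // No matching row: same outcome as before (both variables end up null).
    $tipo_cons = null;
    $id_cons = null;
}

// get_magic_quotes_gpc() is deprecated in PHP 7.4 and removed in PHP 8, where
// an unguarded call is a fatal error. When it is absent, magic quotes are off.
$magicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

// Request parameters. Presence is tested on $_GET but the value is read from
// $param, which is filled in elsewhere. Every string leaves this block
// slash-escaped (by magic quotes or by addslashes()); the queries further down
// this file depend on that, so it is kept. addslashes() is not a substitute
// for bound parameters.
// NOTE(review): passwd/passwd2 are only accepted from the query string, so
// passwords end up in URLs, browser history and server logs.
if (isset($_GET['aid2'])) {
    $aid2 = $magicQuotes ? $param['aid2'] : addslashes($param['aid2']);
} elseif ($perms == 256) {
    $aid2 = 'admin';
} else {
    $aid2 = '';
}

if (isset($_GET['id_sede'])) {
    $id_sede = intval($_GET['id_sede']);
} else {
    $id_sede = '';
}

if (isset($_GET['do'])) {
    $do = $magicQuotes ? $param['do'] : addslashes($param['do']);
} else {
    $do = '';
}

if (isset($_GET['name'])) {
    $name = $magicQuotes ? $param['name'] : addslashes($param['name']);
} else {
    $name = '';
}

if (isset($_GET['email'])) {
    $email = $magicQuotes ? $param['email'] : addslashes($param['email']);
} else {
    $email = '';
}

if (isset($_GET['passwd'])) {
    $passwd = $magicQuotes ? $param['passwd'] : addslashes($param['passwd']);
} else {
    $passwd = '';
}

if (isset($_GET['passwd2'])) {
    $passwd2 = $magicQuotes ? $param['passwd2'] : addslashes($param['passwd2']);
} else {
    $passwd2 = '';
}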
28
29include("modules/Elezioni/funzionidata.php");
30include("modules/Elezioni/ele.php");
31
32/******************************************************/
33/*Funzione di visualizzazione globale */
34/*****************************************************/
35//crea la pagina delle affluenze
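/**
 * Renders the operator administration page: an optional message banner, the
 * operator selector for the current municipality and the add/modify form.
 *
 * Reads $_SESSION['bgcolor1'], $_SESSION['id_comune'] and $_GET['mex'], and
 * overwrites the global $aid2 with the value found in the authors table
 * (null when no such operator exists).
 *
 * Every value that is not a literal is HTML-escaped before output, and all
 * three queries use bound parameters.
 *
 * NOTE(review): neither form declares a method, so both submit via GET and the
 * password fields travel in the query string. No anti-CSRF token is emitted
 * here either. Changing that requires changing the parameter handling at the
 * top of this file as well.
 */
function all() {
    global $aid, $offset, $prefix, $dbi,$id_cons,$aid2,$id_sede,$id_cons_gen,$mex,$perms;

    // Escapes a value for HTML text and quoted attributes. No charset is
    // given, so PHP's configured default applies; ENT_SUBSTITUTE keeps badly
    // encoded input from turning the whole string into an empty one.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE);
    };

    $bgcolor1 = $esc($_SESSION['bgcolor1']);
    $id_comune = $_SESSION['id_comune'];

    // Municipality description, shown only to permission level 256.
    $rescom = $dbi->prepare("select descrizione from ".$prefix."_ele_comuni where id_comune=:id_comune");
    $rescom->execute(array(':id_comune' => $id_comune));
    $row = $rescom->fetch(PDO::FETCH_NUM);
    $descr_com = $row ? $row[0] : null;

    // Selected operator. $aid2 arrives slash-escaped from the top of this
    // file; the old quoted SQL literal undid that escaping, so it is undone
    // here before binding to keep matching the same rows.
    // NOTE(review): assumes a database that honours backslash escapes in
    // string literals (MySQL default) - confirm.
    $resmod = $dbi->prepare("SELECT aid,name,email FROM ".$prefix."_authors where aid=:aid and id_comune=:id_comune");
    $resmod->execute(array(':aid' => stripslashes((string) $aid2), ':id_comune' => $id_comune));
    $row = $resmod->fetch(PDO::FETCH_NUM);
    if ($row) {
        list($aid2, $name, $email) = $row;
    } else {
        $aid2 = null;
        $name = null;
        $email = null;
    }

    if (isset($_GET['mex'])) {
        // The banner text comes straight from the query string. Escape all of
        // it, then restore only the <br>, <b> and </b> tags that operatori()
        // puts into its own messages.
        $banner = str_replace(
            array('&lt;br&gt;', '&lt;b&gt;', '&lt;/b&gt;'),
            array('<br>', '<b>', '</b>'),
            $esc($_GET['mex'])
        );
        echo "<table align=\"center\"><tr><td style=\"background-color: rgb(255, 0, 0)\">";
        echo $banner;
        echo "</td></tr></table>";
    }

    echo "<table>";
    $esiste = 0; // becomes 1 when an operator named "admin" is listed
    echo "<tr><td>";

    // --- Operator selector -------------------------------------------------
    echo "<form name=\"autorizza\" action=\"admin.php\">";
    echo "<table style=\"color: #000000;\"><tr align=\"center\" bgcolor=\"$bgcolor1\">";
    echo "<td><b>"._UTENTE."</b></td>";
    $resins = $dbi->prepare("select aid from ".$prefix."_authors where id_comune=:id_comune order by aid");
    $resins->execute(array(':id_comune' => $id_comune));
    echo "</tr><tr align=\"center\">";
    // Base URL the onChange handler appends the chosen operator to.
    $consUrl = $esc(urlencode((string) $id_cons_gen));
    echo "<td><input type=\"hidden\" name=\"pag_op\" value=\"admin.php?op=operatori&amp;id_cons_gen=$consUrl&amp;aid2=\">";
    echo "<select name=\"aid2\" onChange=\"top.location.href=this.form.pag_op.value+this.form.aid2.options[this.form.aid2.selectedIndex].value;return false\">";
    echo "<option value=\"\">";
    while ($row = $resins->fetch(PDO::FETCH_NUM)) {
        $utente = $row[0];
        $sel = ($utente == $aid2) ? "selected" : "";
        $utenteHtml = $esc($utente);
        echo "<option value=\"$utenteHtml\" $sel>$utenteHtml";
        if ($utente == "admin") $esiste = 1;
    }
    echo "</select></td>";
    echo "</tr></table></form><br><hr>";

    // --- Add / modify form -------------------------------------------------
    echo "<form name=\"modello\" action=\"admin.php\">";
    echo "<table style=\"color: #000000;\">";
    if ($perms == 256) echo "<tr><td colspan=\"6\">"._NOTAOP." <b>".$esc($descr_com)."</b><hr></td></tr>";
    echo "<tr align=\"center\" bgcolor=\"$bgcolor1\">";
    echo "<td><b>"._UTENTE."</b></td>";
    echo "<td><b>"._PASSWORD."</b></td>";
    echo "<td><b>"._RIPETI."</b></td>";
    echo "<td bgcolor=\"$bgcolor1\"><b>"._NOME."</b></td>"
        ."<td bgcolor=\"$bgcolor1\"><b>"._EMAIL."</b></td>";
    echo "<td bgcolor=\"$bgcolor1\"><b>"._FUNZIONI."</b></td></tr>";
    echo "<tr align=\"center\"><td>";
    echo "<input type=\"hidden\" name=\"op\" value=\"operatori\">"
        ."<input type=\"hidden\" name=\"id_comune\" value=\"".$esc($id_comune)."\">";
    if ($perms == 256 and $aid2 == '') {
        // Level 256 with no operator selected: suggest "admin" unless one
        // already exists for this municipality.
        $supadm = $esiste ? '' : 'admin';
        echo "<input name=\"aid2\" value=\"$supadm\"></td>";
    } else {
        echo "<input name=\"aid2\" value=\"".$esc($aid2)."\"></td>";
    }
    echo "<td align=\"center\"><input type=password name=\"passwd\" size=\"12\"></td>";
    echo "<td align=\"center\"><input type=password name=\"passwd2\" size=\"12\"></td>";
    echo "<td><input name=\"name\" value=\"".$esc($name)."\"></td>";
    echo "<td><input name=\"email\" value=\"".$esc($email)."\">";
    echo "<input type=\"hidden\" name=\"id_cons_gen\" value=\"".$esc($id_cons_gen)."\">";
    echo "<input type=\"hidden\" name=\"ok\" value=0></td>";
    if ($aid2) {
        // An existing operator is loaded: the form updates it.
        echo "<td><input type=\"hidden\" name=\"do\" value=\"update\">";
        echo "<input type=\"submit\" name=\"add\" value=\""._MODIFY."\"></td></tr>";
    } else {
        echo "<td><input type=\"hidden\" name=\"do\" value=\"add\">";
        echo "<input type=\"submit\" name=\"add\" value=\""._NEW." "._UTENTE."\"></td></tr>";
    }
    echo "</table></form><br>";

    CloseTable();
}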
114
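/**
 * Creates ("add") or modifies ("update") an operator account in the authors
 * table, then sends a Location header back to the operators page.
 *
 * Changes compared with the previous implementation:
 *  - every value reaches the database as a bound parameter;
 *  - redirect URLs are built with urlencode();
 *  - the update branch tested an undefined $result and therefore always
 *    returned before refreshing the session hash and redirecting; it now
 *    tests the result of execute();
 *  - an update now requires passwd and passwd2 to match, and an empty
 *    password leaves the stored one untouched instead of replacing it with
 *    the hash of an empty string;
 *  - the password confirmation uses a strict string comparison, because a
 *    loose == treats different numeric-looking strings as equal.
 *
 * NOTE(review): md5() is a fast, unsalted hash. It is kept because
 * $_SESSION['pwd'] holds the same format and the login check is not visible
 * here; moving to password_hash()/password_verify() has to include that code.
 * NOTE(review): "add" still accepts an empty password.
 * NOTE(review): this state change is triggered by a GET request and no
 * anti-CSRF token is checked in this function.
 *
 * @param string $do        "add" or "update"; anything else is ignored
 * @param string $aid2      operator id, slash-escaped by the caller
 * @param string $name      display name, slash-escaped by the caller
 * @param string $email     e-mail address, slash-escaped by the caller
 * @param string $passwd    new password as received
 * @param string $passwd2   password confirmation
 * @param mixed  $id_comune municipality id; replaced by the session value
 *                          unless the permission level is 256
 */
function operatori($do,$aid2,$name,$email,$passwd,$passwd2,$id_comune) {
    global $aid, $prefix, $dbi, $id_cons,$id_cons_gen,$currentlang;
    $perms = ChiSei($id_cons_gen);

    // Only level 256 may act on a municipality other than the session's own.
    if ($perms != 256) $id_comune = $_SESSION['id_comune'];
    if (!($perms > 32 and $aid2)) return;

    // The caller passes slash-escaped strings. The old quoted SQL literals
    // undid that escaping, so it is undone here before binding to keep the
    // stored values the same. The password is deliberately NOT unescaped:
    // the stored hash has always been computed over the value as received.
    // NOTE(review): assumes a database that honours backslash escapes in
    // string literals (MySQL default) - confirm.
    $dbAid = stripslashes((string) $aid2);
    $dbName = stripslashes((string) $name);
    $dbEmail = stripslashes((string) $email);

    $authors = $prefix."_authors";
    $listUrl = "admin.php?op=operatori&id_cons_gen=".urlencode((string) $id_cons_gen);
    // Redirect target that re-opens the form with a message appended.
    $retryUrl = $listUrl."&aid2=".urlencode($dbAid)."&name=".urlencode($dbName)."&email=".urlencode($dbEmail)."&mex=";
    $samePassword = ((string) $passwd === (string) $passwd2);

    if ($do == "add") {
        // COUNT(*) instead of rowCount(): PDO does not guarantee rowCount()
        // for SELECT statements on every driver.
        $res = $dbi->prepare("select count(*) from ".$authors." where aid=:aid and id_comune=:id_comune");
        $res->execute(array(':aid' => $dbAid, ':id_comune' => $id_comune));
        $max = (int) $res->fetchColumn();

        if ($samePassword and $max == 0) {
            // "admin" gets adminop=1; any other operator gets admincomune=1.
            $isAdmin = ($aid2 == 'admin');
            $sql = "insert into ".$authors." (aid,name,id_comune,email,pwd,counter,adminop,admincomune,adminsuper,admlanguage) values (:aid,:name,:id_comune,:email,:pwd,0,:adminop,:admincomune,0,:lang)";
            $res = $dbi->prepare($sql);
            $res->execute(array(
                ':aid' => $dbAid,
                ':name' => $dbName,
                ':id_comune' => $id_comune,
                ':email' => $dbEmail,
                ':pwd' => md5($passwd),
                ':adminop' => $isAdmin ? 1 : 0,
                ':admincomune' => $isAdmin ? 0 : 1,
                ':lang' => $currentlang,
            ));
            if ($perms == 256 and $isAdmin) {
                $sql = "insert into ".$prefix."_ele_operatori (id_cons,id_sede,id_comune,permessi,aid) values ('0','0',:id_comune,'64',:aid)";
                $res = $dbi->prepare($sql);
                $res->execute(array(':id_comune' => $id_comune, ':aid' => $dbAid));
            }
            Header("Location: ".$listUrl);
        } else {
            $mex = '';
            if (!$samePassword) $mex = "- Le password non coincidono! -<br>";
            if ($max > 0) $mex .= " - Utente <b>$dbAid</b> presente in archivio! - ";
            header("location:".$retryUrl.urlencode($mex));
        }
    } elseif ($do == "update") {
        if (!$samePassword) {
            header("location:".$retryUrl.urlencode("- Le password non coincidono! -<br>"));
            return;
        }

        $values = array(
            ':name' => $dbName,
            ':email' => $dbEmail,
            ':id_comune' => $id_comune,
            ':aid' => $dbAid,
        );
        $changePwd = ((string) $passwd !== '');
        if ($changePwd) {
            $sql = "update ".$authors." set name=:name,pwd=:pwd, email=:email where id_comune=:id_comune and aid=:aid";
            $values[':pwd'] = md5($passwd);
        } else {
            $sql = "update ".$authors." set name=:name, email=:email where id_comune=:id_comune and aid=:aid";
        }
        $res = $dbi->prepare($sql);
        if (!$res->execute($values)) return;

        // Keep the logged-in operator's session in step with a new password.
        if ($changePwd and $aid2 == $aid) $_SESSION['pwd'] = md5($passwd);
        Header("Location: ".$listUrl);
    }
}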
153
154
155//****************************
156// switch
157//****************************
// Dispatch: apply a requested add/update first, then render the shared
// header (ele), this module's page (all) and the footer.
if ($do) {
    operatori($do, $aid2, $name, $email, $passwd, $passwd2, $id_comune);
}
ele();
all();
echo "</td></tr></table>";
include("footer.php");
163?>
164