[2] | 1 | <?php
|
---|
| 2 | /************************************************************************/
|
---|
| 3 | /* Eleonline - Raccolta e diffusione dei dati elettorali */
|
---|
| 4 | /* by Roberto Gigli & Luciano Apolito */
|
---|
| 5 | /* http://www.eleonline.it */
|
---|
| 6 | /* info@eleonline.it luciano@aniene.net rgigli@libero.it */
|
---|
| 7 | /************************************************************************/
|
---|
| 8 | /* Modulo Permessi */
|
---|
| 9 | /* Amministrazione */
|
---|
| 10 | /************************************************************************/
|
---|
| 11 |
|
---|
| 12 | if (!defined('ADMIN_FILE')) {
|
---|
| 13 | die ("You can't access this file directly...");
|
---|
| 14 | }
|
---|
| 15 |
|
---|
| 16 | $param=strtolower($_SERVER['REQUEST_METHOD']) == 'get' ? $_GET : $_POST;
|
---|
| 17 | $id_cons_gen=$param['id_cons_gen'];
|
---|
| 18 |
|
---|
| 19 | $perms=ChiSei($id_cons_gen);
|
---|
| 20 | if ($perms<64 or !$id_cons_gen) die("Non hai i permessi per inserire dati ($perms)($id_cons_gen), o non hai scelto la consultazione!");
|
---|
[257] | 21 | $sql="SELECT t1.tipo_cons,t2.id_cons FROM ".$prefix."_ele_consultazione as t1, ".$prefix."_ele_cons_comune as t2 where t1.id_cons_gen=t2.id_cons_gen and t2.id_cons_gen='$id_cons_gen' and t2.id_comune='$id_comune'";
|
---|
| 22 | $res = $dbi->prepare("$sql");
|
---|
| 23 | $res->execute();
|
---|
| 24 | list($tipo_cons,$id_cons) = $res->fetch(PDO::FETCH_NUM);
|
---|
[344] | 25 | if (isset($param['aid2'])) $aid2=addslashes($param['aid2']); else $aid2='';
|
---|
[358] | 26 | if (isset($param['id_sede'])) $id_sede=intval($param['id_sede']); else $id_sede=0;
|
---|
[344] | 27 | if (isset($param['do'])) $do=addslashes($param['do']); else $do='';
|
---|
| 28 | if (isset($param['permessi'])) $permessi=addslashes($param['permessi']); else $permessi='';
|
---|
[2] | 29 | if (isset($param['id_comune2'])) $id_comune2=intval($param['id_comune2']); else $id_comune2='';
|
---|
| 30 | if (isset($param['ok'])) $ok=intval($param['ok']); else $ok='';
|
---|
[344] | 31 | if (isset($param['mex'])) $mex=addslashes($param['mex']); else $mex='';
|
---|
[358] | 32 | if (isset($param['id_sez'])) $id_sez=intval($param['id_sez']); else $id_sez=0;
|
---|
[2] | 33 |
|
---|
| 34 | include("modules/Elezioni/funzionidata.php");
|
---|
| 35 | include("modules/Elezioni/ele.php");
|
---|
| 36 |
|
---|
| 37 | /******************************************************/
|
---|
| 38 | /*Funzione di visualizzazione globale */
|
---|
| 39 | /*****************************************************/
|
---|
| 40 | //crea la pagina delle affluenze
|
---|
| 41 | function all() {
|
---|
[358] | 42 | global $adminop,$adminsuper,$admincomune,$aid, $offset, $prefix, $dbi,$id_cons,$aid2,$permessi,$id_sede,$id_cons_gen,$id_comune,$mex,$id_sez;
|
---|
[2] | 43 | $bgcolor1=$_SESSION['bgcolor1'];
|
---|
[358] | 44 | echo "<SCRIPT type=\"text/javascript\">\n\n<!--\n"
|
---|
| 45 |
|
---|
| 46 | ."//-->\n";
|
---|
| 47 | echo "function controlloref(idsede,idsez) {\n";
|
---|
| 48 | echo "let element = window.document.getElementById(idsede); \n";
|
---|
| 49 | echo "let elecontr = window.document.getElementById(idsez); \n";
|
---|
| 50 | echo "element.selectedIndex = 0 ; \n";
|
---|
| 51 | echo "}\n";
|
---|
| 52 | echo "function controllosez(idsez, idsede) {\n";
|
---|
| 53 | echo "let element = window.document.getElementById(idsez); \n";
|
---|
| 54 | echo "let elecontr = window.document.getElementById(idsede); \n";
|
---|
| 55 | echo "element.selectedIndex = 0; \n";
|
---|
| 56 | echo "}\n";
|
---|
| 57 | echo "</script>\n";
|
---|
[2] | 58 | if (isset($mex)){
|
---|
| 59 | echo "<table align=\"center\"><tr><td style=\"background-color: rgb(255, 0, 0)\">";
|
---|
| 60 | echo $mex;
|
---|
| 61 | echo "</td></tr></table>";
|
---|
| 62 | }
|
---|
| 63 | OpenTable();
|
---|
[257] | 64 | $sql="SELECT * FROM ".$prefix."_ele_operatori where id_cons=$id_cons and permessi<64 order by aid";
|
---|
| 65 | $resmod = $dbi->prepare("$sql");
|
---|
| 66 | $resmod->execute();
|
---|
[2] | 67 |
|
---|
| 68 | echo "<br><table><tr align=\"center\" bgcolor=\"$bgcolor1\">";
|
---|
| 69 | echo "<td><b>"._UTENTE."</b></td>"
|
---|
| 70 | ."<td bgcolor=\"$bgcolor1\"><b>"._SEDE."</b></td>"
|
---|
[358] | 71 | ."<td bgcolor=\"$bgcolor1\"><b>"._SEZIONE."</b></td>"
|
---|
[2] | 72 | ."<td bgcolor=\"$bgcolor1\"><b>"._PERMESSI."</b></td>";
|
---|
| 73 | echo "<td bgcolor=\"$bgcolor1\"><b>"._FUNZIONI."</b></td></tr>";
|
---|
| 74 |
|
---|
| 75 |
|
---|
| 76 |
|
---|
[257] | 77 | $sql="SELECT aid FROM ".$prefix."_ele_operatori where id_cons=$id_cons and permessi<64 order by aid";
|
---|
| 78 | $restmp = $dbi->prepare("$sql");
|
---|
| 79 | $restmp->execute();
|
---|
[2] | 80 | if($restmp) {
|
---|
| 81 | $listmp='';$virg='';
|
---|
[257] | 82 | while (list($artmp) = $restmp->fetch(PDO::FETCH_NUM)){ //elenco degli operatori gia' autorizzati
|
---|
[2] | 83 | $listmp .= $virg."'".$artmp."'";
|
---|
| 84 | $virg=',';
|
---|
| 85 | }
|
---|
| 86 | }
|
---|
| 87 | if (!$listmp) $listmp="''";
|
---|
[358] | 88 | $sql="select aid from ".$prefix."_authors where id_comune=$id_comune and (admincomune=0 and adminop=0 and aid not in ($listmp)) order by aid"; // operatori registrati ma non ancora autorizzati
|
---|
[257] | 89 | $resins = $dbi->prepare("$sql");
|
---|
| 90 | $resins->execute();
|
---|
[358] | 91 |
|
---|
[2] | 92 | echo "<form name=\"autorizza\" action=\"admin.php\">"
|
---|
| 93 | ."<input type=\"hidden\" name=\"op\" value=\"permessi\">";
|
---|
| 94 | echo "<tr align=\"center\">";
|
---|
| 95 | echo "<td><select name=\"aid2\">";
|
---|
| 96 | echo "<option value=\"\">";
|
---|
[257] | 97 | if($resins->rowCount()) {
|
---|
| 98 | while(list($utente)=$resins->fetch(PDO::FETCH_NUM)){
|
---|
[2] | 99 | echo "<option value=\"$utente\">$utente";
|
---|
| 100 | }
|
---|
| 101 | }
|
---|
| 102 | echo "</select></td>";
|
---|
[284] | 103 | $sql="SELECT id_sede, indirizzo from ".$prefix."_ele_sede where id_cons=$id_cons";
|
---|
[257] | 104 | $ressede = $dbi->prepare("$sql");
|
---|
| 105 | $ressede->execute();
|
---|
[358] | 106 | echo "<td><select id=\"id_sede\" name=\"id_sede\" onchange=controllosez('id_sez','id_sede')>";
|
---|
[2] | 107 | echo "<option value=\"0\"> "._TUTTESEDI;
|
---|
[257] | 108 | if($ressede->rowCount())
|
---|
| 109 | while(list($id,$descr)=$ressede->fetch(PDO::FETCH_NUM)){
|
---|
[2] | 110 | $sel= ($id == $id_sede) ? "selected":"";
|
---|
| 111 | $arr[$id]=$descr;
|
---|
| 112 | echo "<option value=\"$id\" $sel>$descr";
|
---|
| 113 | }
|
---|
| 114 | echo "</select></td>";
|
---|
[358] | 115 | $sql="SELECT id_sez, num_sez from ".$prefix."_ele_sezioni where id_cons=$id_cons order by num_sez";
|
---|
| 116 | $ressez = $dbi->prepare("$sql");
|
---|
| 117 | $ressez->execute();
|
---|
| 118 | echo "<td><select id=\"id_sez\" name=\"id_sez\" onchange=controlloref('id_sede','id_sez')>";
|
---|
| 119 | echo "<option value=\"0\"> ";
|
---|
| 120 | if($ressez->rowCount())
|
---|
| 121 | while(list($id,$descr)=$ressez->fetch(PDO::FETCH_NUM)){
|
---|
| 122 | $sel= ($id == $id_sez) ? "selected":"";
|
---|
| 123 | $arr[$id]=$descr;
|
---|
| 124 | echo "<option value=\"$id\" $sel>$descr";
|
---|
| 125 | }
|
---|
| 126 | echo "</select></td>";
|
---|
[2] | 127 | echo "<td><select name=\"permessi\">";
|
---|
| 128 | if(!isset($permessi)) $permessi=16;
|
---|
| 129 | $sel=($permessi==32) ? "selected":"";
|
---|
| 130 | echo "<option value=\"32\" $sel>"._IMPOSTA_DATI;
|
---|
| 131 | $sel=($permessi==16) ? "selected":"";
|
---|
| 132 | echo "<option value=\"16\" $sel>"._INSERISCE_DATI;
|
---|
| 133 | $sel=($permessi==0) ? "selected":"";
|
---|
| 134 | echo "<option value=\"0\" $sel>"._SOSPESO;
|
---|
| 135 | echo "</select></td>";
|
---|
| 136 | echo "<input type=\"hidden\" name=\"id_cons_gen\" value=\"$id_cons_gen\">";
|
---|
| 137 | echo "<input type=\"hidden\" name=\"ok\" value=0>";
|
---|
| 138 | echo "<input type=\"hidden\" name=\"do\" value=\"autorizza\">";
|
---|
| 139 | echo "<td><input type=\"submit\" name=\"add\" value=\""._AGGIUNGI."\"></td></tr></form></table>";
|
---|
| 140 | echo "<br><hr><br><table>";
|
---|
[257] | 141 | if($resmod->rowCount()){
|
---|
[2] | 142 | $i=1;
|
---|
[358] | 143 | while (list($id_cons2,$id_sede2,$id_comunetemp,$perm,$utente,$id_circ2,$id_sez2) = $resmod->fetch(PDO::FETCH_NUM)){
|
---|
[2] | 144 | $bgcolor1=($bgcolor1==$_SESSION['bgcolor1'])?$_SESSION['bgcolor2']:$_SESSION['bgcolor1'];
|
---|
| 145 | echo "<form name=\"modello$i\" action=\"admin.php\">"
|
---|
| 146 | ."<input type=\"hidden\" name=\"op\" value=\"permessi\">";
|
---|
| 147 | echo "<input type=\"hidden\" name=\"do\" value=\"update\">";
|
---|
| 148 | echo "<input type=\"hidden\" name=\"aid2\" value=\"$utente\">";
|
---|
| 149 | echo "<input type=\"hidden\" name=\"id_cons_gen\" value=\"$id_cons_gen\">";
|
---|
| 150 | echo "<input type=\"hidden\" name=\"ok\" value=0>";
|
---|
| 151 | echo "<tr align=\"center\" bgcolor=\"$bgcolor1\">";
|
---|
| 152 | echo "<td align=\"center\" width=\"32\"><b>$utente</b></td>";
|
---|
[257] | 153 | $sql="SELECT id_sede, indirizzo from ".$prefix."_ele_sede where id_cons=$id_cons";
|
---|
| 154 | $ressede = $dbi->prepare("$sql");
|
---|
| 155 | $ressede->execute();
|
---|
[358] | 156 | echo "<td><select id=\"id_sede$i\" name=\"id_sede\" onchange=controllosez('id_sez$i','id_sede$i')>";
|
---|
| 157 | # if($id_sez2)
|
---|
| 158 | # echo "<option value=\"0\"> ";
|
---|
| 159 | # else
|
---|
| 160 | echo "<option value=\"0\"> "._TUTTESEDI;
|
---|
[257] | 161 | while(list($id,$descr)=$ressede->fetch(PDO::FETCH_NUM)){
|
---|
[2] | 162 | $sel= ($id == $id_sede2) ? "selected":"";
|
---|
| 163 | $arr[$id]=$descr;
|
---|
| 164 | echo "<option value=\"$id\" $sel>$descr";
|
---|
| 165 | }
|
---|
| 166 | echo "</select></td>";
|
---|
[358] | 167 | $sql="SELECT id_sez, num_sez from ".$prefix."_ele_sezioni where id_cons=$id_cons order by num_sez";
|
---|
| 168 | $ressez = $dbi->prepare("$sql");
|
---|
| 169 | $ressez->execute();
|
---|
| 170 | echo "<td><select id=\"id_sez$i\" name=\"id_sez\" onchange=controlloref('id_sede$i','id_sez$i')>";
|
---|
| 171 | echo "<option value=\"0\"> ";
|
---|
| 172 | if($ressez->rowCount())
|
---|
| 173 | while(list($id,$descr)=$ressez->fetch(PDO::FETCH_NUM)){
|
---|
| 174 | $sel= ($id == $id_sez2) ? "selected":"";
|
---|
| 175 | $arr[$id]=$descr;
|
---|
| 176 | echo "<option value=\"$id\" $sel>$descr";
|
---|
| 177 | }
|
---|
| 178 | echo "</select></td>";
|
---|
[2] | 179 | echo "<td><select name=\"permessi\">";
|
---|
| 180 | if(!isset($perm)) $perm=16;
|
---|
| 181 | $sel=($perm==32) ? "selected":"";
|
---|
| 182 | echo "<option value=\"32\" $sel>"._IMPOSTA_DATI;
|
---|
| 183 | $sel=($perm==16) ? "selected":"";
|
---|
| 184 | echo "<option value=\"16\" $sel>"._INSERISCE_DATI;
|
---|
| 185 | $sel=($perm==0) ? "selected":"";
|
---|
| 186 | echo "<option value=\"0\" $sel>"._SOSPESO;
|
---|
| 187 | echo "</select></td>";
|
---|
| 188 | echo "<td><input type=\"submit\" name=\"add\" value=\""._OK."\"></td></tr></form>";
|
---|
| 189 | $i++;
|
---|
| 190 | }
|
---|
| 191 | }
|
---|
| 192 | echo "</table>";
|
---|
| 193 | CloseTable();
|
---|
| 194 | }
|
---|
| 195 |
|
---|
[358] | 196 | function permessi($ok, $do,$aid2,$id_sede,$permessi,$id_comune,$id_sez) {
|
---|
[2] | 197 | global $prefix, $dbi, $id_cons,$id_cons_gen,$currentlang;
|
---|
| 198 | $perms=ChiSei($id_cons_gen);
|
---|
| 199 | if ($perms!=256) $id_comune=$_SESSION['id_comune'];
|
---|
| 200 | if ($perms>32 and $permessi<$perms and $aid2) {
|
---|
| 201 | if ($do == "autorizza") {
|
---|
[366] | 202 | $sql="select num_sez from ".$prefix."_ele_sezioni where id_sez='$id_sez'";
|
---|
[257] | 203 | $res = $dbi->prepare("$sql");
|
---|
[366] | 204 | $res->execute();
|
---|
| 205 | list ($num_sez)=$res->fetch(PDO::FETCH_NUM);
|
---|
| 206 | $sql="select data_inizio from ".$prefix."_ele_consultazione where id_cons_gen='$id_cons_gen'";
|
---|
| 207 | $compl = $dbi->prepare("$sql");
|
---|
| 208 | $compl->execute();
|
---|
| 209 | list ($datarif)= $compl->fetch(PDO::FETCH_NUM);
|
---|
| 210 | $sql="select id_cons from ".$prefix."_ele_cons_comune where id_comune='$id_comune' and id_cons_gen in (select id_cons_gen from ".$prefix."_ele_consultazione where data_inizio='$datarif')";
|
---|
| 211 | $compl = $dbi->prepare("$sql");
|
---|
| 212 | $compl->execute();
|
---|
| 213 | while(list ($id_cons)= $compl->fetch(PDO::FETCH_NUM)){
|
---|
| 214 | $sql="select id_sez, id_sede from ".$prefix."_ele_sezioni where id_cons='$id_cons' and num_sez='$num_sez'";
|
---|
| 215 | $res = $dbi->prepare("$sql");
|
---|
| 216 | $res->execute();
|
---|
| 217 | if(!$res->rowCount()) continue;
|
---|
| 218 | list ($id_sez,$id_sede)=$res->fetch(PDO::FETCH_NUM);
|
---|
| 219 | $sql="select aid from ".$prefix."_ele_operatori where id_cons='$id_cons' and aid='$aid2'";
|
---|
| 220 | $res = $dbi->prepare("$sql");
|
---|
| 221 | $res->execute();
|
---|
| 222 | if($res->rowCount()) continue;
|
---|
| 223 | $sql="insert into ".$prefix."_ele_operatori (id_cons,id_sede,id_comune,permessi,aid,id_sez) values ('$id_cons','$id_sede','$id_comune','$permessi','$aid2','$id_sez')";
|
---|
| 224 | $res = $dbi->prepare("$sql");
|
---|
| 225 | $res->execute();
|
---|
| 226 | }
|
---|
[2] | 227 | Header("Location: admin.php?op=permessi&id_cons_gen=$id_cons_gen");
|
---|
| 228 | } elseif ($do == "update") {
|
---|
[358] | 229 | $sql="update ".$prefix."_ele_operatori set id_sede='$id_sede', permessi='$permessi', id_sez='$id_sez' where id_cons='$id_cons' and aid='$aid2' ";
|
---|
[257] | 230 | $res = $dbi->prepare("$sql");
|
---|
[333] | 231 | $res->execute();
|
---|
| 232 | $result=$res->rowCount();
|
---|
[2] | 233 | if (!$result) return;
|
---|
| 234 | Header("Location: admin.php?op=permessi&id_cons_gen=$id_cons_gen");
|
---|
| 235 | }
|
---|
| 236 | }
|
---|
| 237 | }
|
---|
| 238 |
|
---|
| 239 |
|
---|
| 240 | //****************************
|
---|
| 241 | // switch
|
---|
| 242 | //****************************
|
---|
[358] | 243 | if ($do) permessi($ok, $do,$aid2,$id_sede,$permessi,$id_comune,$id_sez);
|
---|
[2] | 244 | ele();
|
---|
| 245 | all();
|
---|
| 246 | include("footer.php");
|
---|
| 247 | ?>
|
---|
| 248 |
|
---|