source: trunk/admin/modules/Elezioni/ele_permessi.php@ 404

Last change on this file since 404 was 368, checked in by roby, 3 years ago

In admin:

  • un cambio di sezione involontario avveniva per operatori abilitati su singole sedi al passaggio da una scheda all'altra dello spoglio, corretto
  • nell'assegnazione dei permessi in caso di election day la sede autorizzata non veniva propagata correttamente a tutte le consultazioni, corretto

In client:

  • installazioni con configurazone di mysql che non permettono valori vuoti per il campo data danno errore nella visualizzazione dei grafici delle affluenze, corretto
File size: 11.3 KB
RevLine 
[2]1<?php
2/************************************************************************/
3/* Eleonline - Raccolta e diffusione dei dati elettorali */
4/* by Roberto Gigli & Luciano Apolito */
5/* http://www.eleonline.it */
6/* info@eleonline.it luciano@aniene.net rgigli@libero.it */
7/************************************************************************/
8/* Modulo Permessi */
9/* Amministrazione */
10/************************************************************************/
11
12if (!defined('ADMIN_FILE')) {
13 die ("You can't access this file directly...");
14}
15
16$param=strtolower($_SERVER['REQUEST_METHOD']) == 'get' ? $_GET : $_POST;
17$id_cons_gen=$param['id_cons_gen'];
18
19$perms=ChiSei($id_cons_gen);
20if ($perms<64 or !$id_cons_gen) die("Non hai i permessi per inserire dati ($perms)($id_cons_gen), o non hai scelto la consultazione!");
[257]21$sql="SELECT t1.tipo_cons,t2.id_cons FROM ".$prefix."_ele_consultazione as t1, ".$prefix."_ele_cons_comune as t2 where t1.id_cons_gen=t2.id_cons_gen and t2.id_cons_gen='$id_cons_gen' and t2.id_comune='$id_comune'";
22$res = $dbi->prepare("$sql");
23$res->execute();
24list($tipo_cons,$id_cons) = $res->fetch(PDO::FETCH_NUM);
[344]25if (isset($param['aid2'])) $aid2=addslashes($param['aid2']); else $aid2='';
[358]26if (isset($param['id_sede'])) $id_sede=intval($param['id_sede']); else $id_sede=0;
[344]27if (isset($param['do'])) $do=addslashes($param['do']); else $do='';
28if (isset($param['permessi'])) $permessi=addslashes($param['permessi']); else $permessi='';
[2]29if (isset($param['id_comune2'])) $id_comune2=intval($param['id_comune2']); else $id_comune2='';
30if (isset($param['ok'])) $ok=intval($param['ok']); else $ok='';
[344]31if (isset($param['mex'])) $mex=addslashes($param['mex']); else $mex='';
[358]32if (isset($param['id_sez'])) $id_sez=intval($param['id_sez']); else $id_sez=0;
[2]33
34include("modules/Elezioni/funzionidata.php");
35include("modules/Elezioni/ele.php");
36
37/******************************************************/
38/*Funzione di visualizzazione globale */
39/*****************************************************/
40//crea la pagina delle affluenze
41function all() {
[358]42 global $adminop,$adminsuper,$admincomune,$aid, $offset, $prefix, $dbi,$id_cons,$aid2,$permessi,$id_sede,$id_cons_gen,$id_comune,$mex,$id_sez;
[2]43 $bgcolor1=$_SESSION['bgcolor1'];
[358]44 echo "<SCRIPT type=\"text/javascript\">\n\n<!--\n"
45
46 ."//-->\n";
47 echo "function controlloref(idsede,idsez) {\n";
48 echo "let element = window.document.getElementById(idsede); \n";
49 echo "let elecontr = window.document.getElementById(idsez); \n";
50 echo "element.selectedIndex = 0 ; \n";
51 echo "}\n";
52 echo "function controllosez(idsez, idsede) {\n";
53 echo "let element = window.document.getElementById(idsez); \n";
54 echo "let elecontr = window.document.getElementById(idsede); \n";
55 echo "element.selectedIndex = 0; \n";
56 echo "}\n";
57 echo "</script>\n";
[2]58 if (isset($mex)){
59 echo "<table align=\"center\"><tr><td style=\"background-color: rgb(255, 0, 0)\">";
60 echo $mex;
61 echo "</td></tr></table>";
62 }
63 OpenTable();
[257]64 $sql="SELECT * FROM ".$prefix."_ele_operatori where id_cons=$id_cons and permessi<64 order by aid";
65 $resmod = $dbi->prepare("$sql");
66 $resmod->execute();
[2]67
68 echo "<br><table><tr align=\"center\" bgcolor=\"$bgcolor1\">";
69 echo "<td><b>"._UTENTE."</b></td>"
70 ."<td bgcolor=\"$bgcolor1\"><b>"._SEDE."</b></td>"
[358]71 ."<td bgcolor=\"$bgcolor1\"><b>"._SEZIONE."</b></td>"
[2]72 ."<td bgcolor=\"$bgcolor1\"><b>"._PERMESSI."</b></td>";
73 echo "<td bgcolor=\"$bgcolor1\"><b>"._FUNZIONI."</b></td></tr>";
74
75
76
[257]77 $sql="SELECT aid FROM ".$prefix."_ele_operatori where id_cons=$id_cons and permessi<64 order by aid";
78 $restmp = $dbi->prepare("$sql");
79 $restmp->execute();
[2]80 if($restmp) {
81 $listmp='';$virg='';
[257]82 while (list($artmp) = $restmp->fetch(PDO::FETCH_NUM)){ //elenco degli operatori gia' autorizzati
[2]83 $listmp .= $virg."'".$artmp."'";
84 $virg=',';
85 }
86 }
87 if (!$listmp) $listmp="''";
[358]88 $sql="select aid from ".$prefix."_authors where id_comune=$id_comune and (admincomune=0 and adminop=0 and aid not in ($listmp)) order by aid"; // operatori registrati ma non ancora autorizzati
[257]89 $resins = $dbi->prepare("$sql");
90 $resins->execute();
[358]91
[2]92 echo "<form name=\"autorizza\" action=\"admin.php\">"
93 ."<input type=\"hidden\" name=\"op\" value=\"permessi\">";
94 echo "<tr align=\"center\">";
95 echo "<td><select name=\"aid2\">";
96 echo "<option value=\"\">";
[257]97 if($resins->rowCount()) {
98 while(list($utente)=$resins->fetch(PDO::FETCH_NUM)){
[2]99 echo "<option value=\"$utente\">$utente";
100 }
101 }
102 echo "</select></td>";
[284]103 $sql="SELECT id_sede, indirizzo from ".$prefix."_ele_sede where id_cons=$id_cons";
[257]104 $ressede = $dbi->prepare("$sql");
105 $ressede->execute();
[358]106 echo "<td><select id=\"id_sede\" name=\"id_sede\" onchange=controllosez('id_sez','id_sede')>";
[2]107 echo "<option value=\"0\"> "._TUTTESEDI;
[257]108 if($ressede->rowCount())
109 while(list($id,$descr)=$ressede->fetch(PDO::FETCH_NUM)){
[2]110 $sel= ($id == $id_sede) ? "selected":"";
111 $arr[$id]=$descr;
112 echo "<option value=\"$id\" $sel>$descr";
113 }
114 echo "</select></td>";
[358]115 $sql="SELECT id_sez, num_sez from ".$prefix."_ele_sezioni where id_cons=$id_cons order by num_sez";
116 $ressez = $dbi->prepare("$sql");
117 $ressez->execute();
118 echo "<td><select id=\"id_sez\" name=\"id_sez\" onchange=controlloref('id_sede','id_sez')>";
119 echo "<option value=\"0\"> ";
120 if($ressez->rowCount())
121 while(list($id,$descr)=$ressez->fetch(PDO::FETCH_NUM)){
122 $sel= ($id == $id_sez) ? "selected":"";
123 $arr[$id]=$descr;
124 echo "<option value=\"$id\" $sel>$descr";
125 }
126 echo "</select></td>";
[2]127 echo "<td><select name=\"permessi\">";
128 if(!isset($permessi)) $permessi=16;
129 $sel=($permessi==32) ? "selected":"";
130 echo "<option value=\"32\" $sel>"._IMPOSTA_DATI;
131 $sel=($permessi==16) ? "selected":"";
132 echo "<option value=\"16\" $sel>"._INSERISCE_DATI;
133 $sel=($permessi==0) ? "selected":"";
134 echo "<option value=\"0\" $sel>"._SOSPESO;
135 echo "</select></td>";
136 echo "<input type=\"hidden\" name=\"id_cons_gen\" value=\"$id_cons_gen\">";
137 echo "<input type=\"hidden\" name=\"ok\" value=0>";
138 echo "<input type=\"hidden\" name=\"do\" value=\"autorizza\">";
139 echo "<td><input type=\"submit\" name=\"add\" value=\""._AGGIUNGI."\"></td></tr></form></table>";
140 echo "<br><hr><br><table>";
[257]141 if($resmod->rowCount()){
[2]142 $i=1;
[358]143 while (list($id_cons2,$id_sede2,$id_comunetemp,$perm,$utente,$id_circ2,$id_sez2) = $resmod->fetch(PDO::FETCH_NUM)){
[2]144 $bgcolor1=($bgcolor1==$_SESSION['bgcolor1'])?$_SESSION['bgcolor2']:$_SESSION['bgcolor1'];
145 echo "<form name=\"modello$i\" action=\"admin.php\">"
146 ."<input type=\"hidden\" name=\"op\" value=\"permessi\">";
147 echo "<input type=\"hidden\" name=\"do\" value=\"update\">";
148 echo "<input type=\"hidden\" name=\"aid2\" value=\"$utente\">";
149 echo "<input type=\"hidden\" name=\"id_cons_gen\" value=\"$id_cons_gen\">";
150 echo "<input type=\"hidden\" name=\"ok\" value=0>";
151 echo "<tr align=\"center\" bgcolor=\"$bgcolor1\">";
152 echo "<td align=\"center\" width=\"32\"><b>$utente</b></td>";
[257]153 $sql="SELECT id_sede, indirizzo from ".$prefix."_ele_sede where id_cons=$id_cons";
154 $ressede = $dbi->prepare("$sql");
155 $ressede->execute();
[358]156 echo "<td><select id=\"id_sede$i\" name=\"id_sede\" onchange=controllosez('id_sez$i','id_sede$i')>";
157# if($id_sez2)
158# echo "<option value=\"0\"> ";
159# else
160 echo "<option value=\"0\"> "._TUTTESEDI;
[257]161 while(list($id,$descr)=$ressede->fetch(PDO::FETCH_NUM)){
[2]162 $sel= ($id == $id_sede2) ? "selected":"";
163 $arr[$id]=$descr;
164 echo "<option value=\"$id\" $sel>$descr";
165 }
166 echo "</select></td>";
[358]167 $sql="SELECT id_sez, num_sez from ".$prefix."_ele_sezioni where id_cons=$id_cons order by num_sez";
168 $ressez = $dbi->prepare("$sql");
169 $ressez->execute();
170 echo "<td><select id=\"id_sez$i\" name=\"id_sez\" onchange=controlloref('id_sede$i','id_sez$i')>";
171 echo "<option value=\"0\"> ";
172 if($ressez->rowCount())
173 while(list($id,$descr)=$ressez->fetch(PDO::FETCH_NUM)){
174 $sel= ($id == $id_sez2) ? "selected":"";
175 $arr[$id]=$descr;
176 echo "<option value=\"$id\" $sel>$descr";
177 }
178 echo "</select></td>";
[2]179 echo "<td><select name=\"permessi\">";
180 if(!isset($perm)) $perm=16;
181 $sel=($perm==32) ? "selected":"";
182 echo "<option value=\"32\" $sel>"._IMPOSTA_DATI;
183 $sel=($perm==16) ? "selected":"";
184 echo "<option value=\"16\" $sel>"._INSERISCE_DATI;
185 $sel=($perm==0) ? "selected":"";
186 echo "<option value=\"0\" $sel>"._SOSPESO;
187 echo "</select></td>";
188 echo "<td><input type=\"submit\" name=\"add\" value=\""._OK."\"></td></tr></form>";
189 $i++;
190 }
191 }
192 echo "</table>";
193 CloseTable();
194}
195
[358]196function permessi($ok, $do,$aid2,$id_sede,$permessi,$id_comune,$id_sez) {
[2]197 global $prefix, $dbi, $id_cons,$id_cons_gen,$currentlang;
198 $perms=ChiSei($id_cons_gen);
199 if ($perms!=256) $id_comune=$_SESSION['id_comune'];
200 if ($perms>32 and $permessi<$perms and $aid2) {
201 if ($do == "autorizza") {
[367]202 if($id_sez) {
203 $sql="select num_sez from ".$prefix."_ele_sezioni where id_sez='$id_sez'";
204 $res = $dbi->prepare("$sql");
205 $res->execute();
206 list ($num_sez)=$res->fetch(PDO::FETCH_NUM);
[368]207 }elseif($id_sede) {
208 $sql="select indirizzo from ".$prefix."_ele_sede where id_sede='$id_sede'";
209 $res = $dbi->prepare("$sql");
210 $res->execute();
211 list ($indsede)=$res->fetch(PDO::FETCH_NUM);
[367]212 }
[366]213 $sql="select data_inizio from ".$prefix."_ele_consultazione where id_cons_gen='$id_cons_gen'";
214 $compl = $dbi->prepare("$sql");
215 $compl->execute();
216 list ($datarif)= $compl->fetch(PDO::FETCH_NUM);
217 $sql="select id_cons from ".$prefix."_ele_cons_comune where id_comune='$id_comune' and id_cons_gen in (select id_cons_gen from ".$prefix."_ele_consultazione where data_inizio='$datarif')";
218 $compl = $dbi->prepare("$sql");
219 $compl->execute();
220 while(list ($id_cons)= $compl->fetch(PDO::FETCH_NUM)){
[367]221 if($id_sez) {
222 $sql="select id_sez, id_sede from ".$prefix."_ele_sezioni where id_cons='$id_cons' and num_sez='$num_sez'";
223 $res = $dbi->prepare("$sql");
224 $res->execute();
225 if(!$res->rowCount()) continue;
226 list ($id_sez,$id_sede)=$res->fetch(PDO::FETCH_NUM);
[368]227 }elseif($id_sede) {
228 $sql="select id_sede from ".$prefix."_ele_sede where id_cons='$id_cons' and indirizzo='$indsede'";
229 $res = $dbi->prepare("$sql");
230 $res->execute();
231 if(!$res->rowCount()) continue;
232 list ($id_sede)=$res->fetch(PDO::FETCH_NUM);
[367]233 }
[366]234 $sql="select aid from ".$prefix."_ele_operatori where id_cons='$id_cons' and aid='$aid2'";
235 $res = $dbi->prepare("$sql");
236 $res->execute();
237 if($res->rowCount()) continue;
238 $sql="insert into ".$prefix."_ele_operatori (id_cons,id_sede,id_comune,permessi,aid,id_sez) values ('$id_cons','$id_sede','$id_comune','$permessi','$aid2','$id_sez')";
239 $res = $dbi->prepare("$sql");
240 $res->execute();
241 }
[2]242 Header("Location: admin.php?op=permessi&id_cons_gen=$id_cons_gen");
243 } elseif ($do == "update") {
[358]244 $sql="update ".$prefix."_ele_operatori set id_sede='$id_sede', permessi='$permessi', id_sez='$id_sez' where id_cons='$id_cons' and aid='$aid2' ";
[257]245 $res = $dbi->prepare("$sql");
[333]246 $res->execute();
247 $result=$res->rowCount();
[2]248 if (!$result) return;
249 Header("Location: admin.php?op=permessi&id_cons_gen=$id_cons_gen");
250 }
251 }
252}
253
254
255//****************************
256// switch
257//****************************
[358]258 if ($do) permessi($ok, $do,$aid2,$id_sede,$permessi,$id_comune,$id_sez);
[2]259 ele();
260 all();
261 include("footer.php");
262?>
263
Note: See TracBrowser for help on using the repository browser.