Changeset 361 for trunk/admin/admin.php

Timestamp:

Mar 17, 2022, 4:12:48 PM (2 years ago)

Author:

roby

Message:

Terzo aggiornamento con modifiche per la gestione delle funzioni per cellulare oltre modifiche alla funzione di autorizzazione.

File:

• trunk/admin/admin.php (modified) (7 diffs)

trunk/admin/admin.php

@@ -17 +17 @@
 #$LIMITE=3; //fascia di separazione del maggioritario (15.000 abitanti)
 # tempo di sessione: ini_set('session.gc_maxlifetime','3600');
-global $multicomune,$msglogout,$language;
+global $multicomune,$msglogout,$language,$id_sez;
 
 // Adattamento variabili superglobal
@@ -301 +301 @@
 $session=$_SESSION['remote'];
 
-$perms=ChiSei($id_cons_gen); #die("qui".$_SESSION['aid']);
-if($perms==0) {logout();} 
-}
+}
+
 
 
@@ -325 +324 @@
 $adminsuper=$row[0];
 $admincomune=$row[1];
-$adminop=$row[2]; 
+$oper=$row[2]; 
         
 #if (($adminsuper==1 || $admincomune==1 || $adminop==1)) {
@@ -333 +332 @@
                 return 64;
 #               $sth = $dbi->prepare("select permessi from ".$prefix."_ele_operatori where id_cons='0' and aid='$aid' and id_comune='$id_comune'");
-
-        $sth = $dbi->prepare("select id_cons from ".$prefix."_ele_cons_comune where id_comune='$id_comune' and id_cons_gen='$id_cons_gen'");
+        elseif($oper) {$msglogout=1; return 0;} # id_cons='$id_cons' and 
+        else {
+                $oggi=date("Y-m-d",mktime(0,0,0,date("m"),date("d")-3,date("Y")));
+                $sql="SELECT id_sez FROM ".$prefix."_ele_operatori where  aid='$aid' and permessi>0 and id_cons in (select t1.id_cons from ".$prefix."_ele_cons_comune as t1, ".$prefix."_ele_consultazione as t2 where t1.id_cons_gen=t2.id_cons_gen and t1.id_comune='$id_comune' and t2.data_fine>$oggi)";           
+                $sth = $dbi->prepare("$sql");
+                $sth->execute();        #die("TEST: $sql");     
+                if($sth->rowCount()) {$perms=16; return $perms;}
+                else {$msglogout=1; return 0;}
+        }
+/*      $sth = $dbi->prepare("select id_cons from ".$prefix."_ele_cons_comune where id_comune='$id_comune' and id_cons_gen='$id_cons_gen'");
         $sth->execute();        
         $row = $sth->fetch(PDO::FETCH_BOTH);    
@@ -340 +347 @@
         $sth = $dbi->prepare("select permessi from ".$prefix."_ele_operatori where id_cons='$id_cons' and aid='$aid' and id_comune='$id_comune'");
                 
-        $sth->execute();        
-        $row = $sth->fetch(PDO::FETCH_BOTH);
-                if($row[0]==0) $msglogout=1;
-        if ($sth->rowCount()==1) $perms=$row[0]; else { $msglogout=1; $perms=0; }
-
-        return $perms;
+        $sth->execute();
+        list($perms)=$sth->fetch(PDO::FETCH_NUM);
+#       $row =  die("test:$sql".$row[0] );
+        if (!$perms) {die("qui: select permessi from ".$prefix."_ele_operatori where id_cons='$id_cons' and aid='$aid' and id_comune='$id_comune'");    $msglogout=1; $perms=0; }
+
+        return $perms; */
 #} else return 0;
 }
@@ -379 +386 @@
         elseif ($msglogout==2) echo "<h1 style=\"color:red;\">Nome Utente non presente in archivio</h1><br>";
         elseif ($msglogout==3) echo "<h1 style=\"color:red;\">Password Errata</h1><br>";
+        elseif ($msglogout==4) echo "<h1 style=\"color:red;\">Accesso non ammesso da cellulare</h1><br>";
     echo "<form name=\"login\" data-ajax=\"false\" method=\"post\" action=\"admin.php\">"
         ."<table class=\"table-menu\">"
@@ -471 +479 @@
                                 $tema='Futura2'; #die( "TEST id_cons:$id_cons:".$_SESSION['aid']);
                                 $_SESSION['tema']=$tema;
-                        } else logout();
+                        } #else {die("TEST: $sql"); logout();}
                 }
         }
-}
-
+$perms=ChiSei($id_cons_gen); #die("qui".$_SESSION['aid']);
+if($perms==0) {logout();} 
+}
 
 #echo "op:".$param['op']." -- aid:".$_SESSION['aid']."remote:".$_SESSION['remote']."REMOTE:".$_SERVER['REMOTE_ADDR'];