From: x2000habouzit
Date: Thu, 2 Sep 2004 17:43:14 +0000 (+0000)
Subject: new admin/utilisateurs.php (the true one this time !!!)
X-Git-Tag: xorg/old~1615
X-Git-Url: http://git.polytechnique.org/?a=commitdiff_plain;h=547a7eabf2c370e68cfb000dfbd3ec07e8014835;p=platal.git
new admin/utilisateurs.php (the true one this time !!!)
---
diff --git a/htdocs/admin/utilisateurs.php b/htdocs/admin/utilisateurs.php
index 8587264..d29d8b1 100644
--- a/htdocs/admin/utilisateurs.php
+++ b/htdocs/admin/utilisateurs.php
@@ -18,26 +18,13 @@
 * Foundation, Inc., *
 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
 ***************************************************************************
- $Id: utilisateurs.php,v 1.14 2004-09-02 09:47:07 x2000habouzit Exp $
+ $Id: utilisateurs.php,v 1.15 2004-09-02 17:43:14 x2000habouzit Exp $
 ***************************************************************************/
 require("auto.prepend.inc.php");
-new_admin_page('admin/utilisateurs.tpl', true, 'admin/utilisateurs.head.tpl');
+new_admin_page('admin/utilisateurs.tpl', true);
 require("xorg.misc.inc.php");
-$assignates = Array(
- 'add_email', 'email', 'fwd', 'hashpass', 'homonyme', 'login',
- 'matricule', 'naissanceN', 'newpass_clair', 'nomN', 'num', 'oldlogin', 'olduid',
- 'passw', 'password1', 'perms', 'permsN', 'prenomN', 'promoN', 'remove_email',
- 'select', 'suid_button', 'user_id', 'u_edit', 'u_kill', 'u_kill_conf'
-);
-foreach($assignates as $ass) $$ass=isset($_REQUEST[$ass]) ? $_REQUEST[$ass] : '';
-
-$errors = Array();
-$succes = Array();
-function my_error($msg) { global $erreur; $erreur[] = "

Erreur: $msg

"; } -function my_msg($msg) { global $succes; $succes[] = "

O.K.: $msg

"; } - /* * LOGS de l'utilisateur */ 
@@ -76,67 +63,65 @@ if(isset($_REQUEST['suid_button']) and isset($_REQUEST['login'])
 header("Location: ../"); }
+
+/*
+ * LE RESTE
+ */
+
+$errors = Array();
+
 if(isset($_REQUEST['password'])) $pass_clair = $_REQUEST['password'];
 // Check if there was a submission
 foreach($_POST as $key => $val) {
 switch ($key) {
- // ajout d'email
- case "add_email":
+ case "add_fwd":
+ $email = $_REQUEST['email'];
 if (!isvalid_email_redirection($email)) {
- my_error("invalid email");
+ $errors[] = "invalid email $email";
 break; }
- $globals->db->query("INSERT INTO emails (uid,num,email,flags) VALUES ($user_id,$num,'$email','active')");
- my_msg("Ajout de $email effectué");
+ $globals->db->query("INSERT INTO emails (uid,num,email,flags)
+ VALUES ({$_REQUEST['user_id']},{$_REQUEST['num']},'$email','active')");
+ $errors[] = "Ajout de $email effectué";
 break;
- // supprime un email
+ case "del_fwd":
+ if(empty($val)) break;
+ $globals->db->query("DELETE FROM emails WHERE uid='{$_REQUEST['user_id']}' AND email='$val'");
+ break;
- case "remove_email":
- $globals->db->query("delete from emails where uid=$user_id and email = '$email'");
- my_msg("Suppression de $email effectué");
- break;
-
- // Faire un suid (une partie du code se trouve tout là-haut pour affecter l'affichage du menu)
- case "suid_button":
- if(isset($_SESSION['suid'])) {
- my_msg("SUID effectué, clique sur exit pour quitter.");
- } else {
- my_error("login inconnu, suid non effectué.");
- }
- break;
+ case "del_alias":
+ if(empty($val)) break;
+ $globals->db->query("DELETE FROM aliases WHERE id='{$_REQUEST['user_id']}' AND alias='$val' AND type!='a_vie'");
+ $errors[] = $val."
 a été supprimé";
+ break;
+ case "add_alias":
+ $globals->db->query("INSERT INTO aliases (id,alias,type)
+ VALUES ('{$_REQUEST['user_id']}','{$_REQUEST['email']}','alias')");
+ break;
- // Editer un profil
+ // Editer un profil
 case "u_edit":
- if ($newpass_clair != "********") {
- $pass_md5B=md5($newpass_clair);
- } else {
- $pass_md5B=$passw;
- }
+ $pass_md5B = $_REQUEST['newpass_clair'] != "********" ? md5($_REQUEST['newpass_clair']) : $_REQUEST['passw'];
 $query = "UPDATE auth_user_md5 SET
- username='$login',
- naissance=$naissanceN,
+ naissance='{$_REQUEST['naissanceN']}',
 password='$pass_md5B',
- perms='$permsN',
- prenom='$prenomN',
- nom='$nomN',
- promo=$promoN
- WHERE user_id=$olduid";
-
+ perms='{$_REQUEST['permsN']}',
+ prenom='{$_REQUEST['prenomN']}',
+ nom='{$_REQUEST['nomN']}',
+ promo='{$_REQUEST['promoN']}'
+ WHERE user_id='{$_REQUEST['user_id']}'";
 $globals->db->query($query);
- if (mysql_errno($conn) != 0) {
- my_error("Failed: $query");
- break;
- }
-
+
+ // FIXME: recherche
 $f = fopen("/tmp/flag_recherche","w"); fputs($f,"1"); fclose($f);
- my_msg("\"$login\" updaté correctement.");
+ $errors[] = "updaté correctement.";
 // envoi du mail au webmaster
 $HEADER="From: ADMINISTRATION\nReply-To: webmaster@polytechnique.org\nX-Mailer: PHP/" . phpversion();
 $MESSAGE="Intervention manuelle de l'administrateur login=".$_SESSION['username']." (UID=".$_SESSION['uid'].")\n\nOpérations effectuées\n\n\"".$query."\"\n\nCe rapport a été généré par le script d'administration";
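Review bot: Every query added in the `add_fwd`, `del_fwd`, `del_alias`, `add_alias` and `u_edit` cases interpolates `$_REQUEST` values (or `$val` from `$_POST`) straight into the SQL string, and in `add_fwd` the `user_id` and `num` values are not even quoted, so nothing visible here keeps request data from altering the statement; any escaping would have to come from `auto.prepend.inc.php` or the PHP configuration, neither of which this diff shows. The same pattern recurs in the next hunk, in the `u_kill` deletes and the two `SELECT * FROM auth_user_md5` lookups. I would cast numeric ids once with `$uid = intval($_REQUEST['user_id']);` and escape string values before use, e.g. `$email = mysql_real_escape_string($_REQUEST['email']);`, or go through whatever quoting helper `$globals->db` provides. Separately, removing the `mysql_errno` check means `updaté correctement.` is now reported even when the UPDATE failed, and `add_alias` inserts `$_REQUEST['email']` with no validation at all. The unchanged lines still store an unsalted `md5()` of the password and mail the full `$query`, hash included, to the webmaster address, which is worth a follow-up; the `foreach`/`switch` body continues outside this hunk.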
@@ -146,81 +131,91 @@ foreach($_POST as $key => $val) {
 // DELETE FROM auth_user_md5
 case "u_kill":
- $result=$globals->db->query("select user_id from auth_user_md5 where username='$login'");
- if(list($user_id) = mysql_fetch_row($result)) {
- $query = "DELETE FROM auth_user_md5 WHERE username='$login'";
- $globals->db->query($query);
- $globals->db->query("delete from emails where uid=$user_id");
- $globals->db->query("delete from binets_ins where user_id=$user_id");
- $globals->db->query("delete from groupesx_ins where guid=$user_id");
- $globals->db->query("delete from photo where uid=$user_id");
- $globals->db->query("delete from perte_pass where uid=$user_id");
- $globals->db->query("delete from user_changes where user_id=$user_id");
- $globals->db->query("delete from aliases where id=$user_id and type in ('login','epouse','alias')");
- $globals->db->query("delete from listes_ins where idu=$user_id");
- $globals->db->query("delete from listes_mod where idu=$user_id");
- $globals->db->query("delete from forums_abo where uid=$user_id");
- $globals->db->query("delete from applis_ins where uid=$user_id");
- $globals->db->query("delete from contacts where uid=$user_id");
- $globals->db->query("delete from contacts where contact=$user_id");
- // on purge les entrees dans logger
- $res=$globals->db->query("select id from logger.sessions where uid=$user_id");
- while (list($session_id)=mysql_fetch_row($res))
- $globals->db->query("delete from logger.events where session=$session_id");
- $globals->db->query("delete from logger.sessions where uid=$user_id");
-
- my_msg(" \"$login\" a été supprimé !
");
- $HEADER="From: ADMINISTRATION\nReply-To: webmaster@polytechnique.org\nX-Mailer: PHP/" . phpversion();
- $MESSAGE="Intervention manuelle de l'administrateur login=".$_SESSION['username']." (UID=".$_SESSION['uid'].")\n\nOpérations effectuées\n\n\"".$query."\"\n\nCe rapport a été généré par le script d'administration";
- mail("web@polytechnique.org","INTERVENTION ADMIN",$MESSAGE,$HEADER);
- } else {
- my_error("pas de login $login");
- }
+ $user_id = $_REQUEST['user_id'];
+
+ $query = "DELETE FROM auth_user_md5 WHERE user_id='$user_id'";
+ $globals->db->query($query);
+ $globals->db->query("delete from emails where uid=$user_id");
+ $globals->db->query("delete from binets_ins where user_id=$user_id");
+ $globals->db->query("delete from groupesx_ins where guid=$user_id");
+ $globals->db->query("delete from photo where uid=$user_id");
+ $globals->db->query("delete from perte_pass where uid=$user_id");
+ $globals->db->query("delete from user_changes where user_id=$user_id");
+ $globals->db->query("delete from aliases where id=$user_id and type in ('login','epouse','alias')");
+ $globals->db->query("delete from listes_ins where idu=$user_id");
+ $globals->db->query("delete from listes_mod where idu=$user_id");
+ $globals->db->query("delete from applis_ins where uid=$user_id");
+ $globals->db->query("delete from contacts where uid=$user_id");
+ $globals->db->query("delete from contacts where contact=$user_id");
+ // on purge les entrees dans logger
+ $res=$globals->db->query("select id from logger.sessions where uid=$user_id");
+ while (list($session_id)=mysql_fetch_row($res))
+ $globals->db->query("delete from logger.events where session=$session_id");
+ $globals->db->query("delete from logger.sessions where uid=$user_id");
+
+ $errors[] = "'$user_id' a été supprimé !";
+ $HEADER="From: ADMINISTRATION\nReply-To: webmaster@polytechnique.org\nX-Mailer: PHP/" . phpversion();
+ $MESSAGE="Intervention manuelle de l'administrateur login=".$_SESSION['username']."
 (UID=".$_SESSION['uid'].")\n\nOpérations effectuées\n\n\"".$query."\"\n\nCe rapport a été généré par le script d'administration";
+ mail("web@polytechnique.org","INTERVENTION ADMIN",$MESSAGE,$HEADER);
 break; } }
-$page->assign('login', $login);
+if (!empty($_REQUEST['login'])) {
+ $login = $_REQUEST['login'];
+ $r=$globals->db->query("SELECT *
+ FROM auth_user_md5 AS u
+ INNER JOIN aliases AS a ON ( a.id = u.user_id AND a.alias='$login' )");
+ if($tmp = mysql_fetch_assoc($r)) $mr=$tmp;
+ mysql_free_result($r);
+}
-if (!empty($_REQUEST['select'])) {
- $numeric_login = false;
- $looking_field = 'username';
- if (preg_match("/^\d*$/",$login)) {
- $numeric_login = true;
- $looking_field = 'user_id';
+if (!empty($_REQUEST['user_id'])) {
+ $r=$globals->db->query("SELECT *
+ FROM auth_user_md5
+ WHERE user_id='{$_REQUEST['user_id']}'");
+ if($tmp = mysql_fetch_assoc($r)) $mr=$tmp;
+ mysql_free_result($r);
+}
+
+if(isset($mr)) {
+ $page->assign('mr',$mr);
+
+ $result=$globals->db->query("SELECT UNIX_TIMESTAMP(s.start), s.host
+ FROM auth_user_md5 AS u
+ LEFT JOIN logger.sessions AS s ON(s.uid=u.user_id AND s.suid=0)
+ WHERE user_id={$mr['user_id']}
+ ORDER BY s.start DESC
+ LIMIT 1");
+ list($lastlogin,$host) = mysql_fetch_row($result);
+ mysql_free_result($result);
+ $page->assign('lastlogin', $lastlogin);
+ $page->assign('host', $host);
+
+ $sql = "SELECT email, num, flags, panne
+ FROM emails
+ WHERE num != 0 AND uid = {$mr['user_id']} order by num";
+ $result=$globals->db->query($sql);
+ $xorgmails = Array();
+ $email_panne = Array();
+ while($l = mysql_fetch_assoc($result)) {
+ $xorgmails[] = $l;
+ if($l['panne']!="0000-00-00")
+ $email_panne[] = "Adresse {$l['email']} signalée comme HS le {$l['panne']}";
+ $next_num = $l['num']+1;
 }
- $r=$globals->db->query("select * from auth_user_md5 where $looking_field='$login' order by username");
- if ($mr=mysql_fetch_assoc($r)){
- if ($numeric_login) $login = $mr['username'];
- $param=$globals->db->query("SELECT
UNIX_TIMESTAMP(MAX(start)) FROM logger.sessions WHERE uid={$mr['user_id']} AND suid=0 GROUP BY uid");
- list($lastlogin) = mysql_fetch_row($param);
- mysql_free_result($param);
-
- $page->assign_by_ref('mr',$mr);
-
- $str=false;
-
- $sql = "SELECT email, num, flags, panne
- FROM emails
- WHERE num != 0 AND uid = {$mr['user_id']} order by num";
- $result=$globals->db->query($sql);
- $xorgmails = Array();
- $email_panne = Array();
- while($l = mysql_fetch_assoc($result)) {
- $xorgmails[] = $l;
- if($l['panne']!="0000-00-00")
- $email_panne[] = "Adresse {$l['email']} signalée comme HS le {$l['panne']}";
- $next_num = $l['num']+1;
- }
- mysql_free_result($result);
-
- $page->mysql_assign("SELECT alias, type='login' AS for_life FROM aliases WHERE id = {$mr["user_id"]} ORDER BY type!= 'login'", 'aliases');
- $page->assign_by_ref('xorgmails', $xorgmails);
- $page->assign_by_ref('email_panne', $email_panne);
- $page->assign('next_num', $next_num);
- } // if(mysql_fetch_row)
+ mysql_free_result($result);
+
+ $page->mysql_assign("SELECT alias, type='a_vie' AS for_life
+ FROM aliases
+ WHERE id = {$mr["user_id"]}
+ ORDER BY type!= 'a_vie'", 'aliases');
+ $page->assign_by_ref('xorgmails', $xorgmails);
+ $page->assign_by_ref('email_panne', $email_panne);
+ $page->assign('next_num', $next_num);
 }
+$page->assign('errors',$errors);
 $page->run(); ?>
diff --git a/templates/admin/utilisateurs.head.tpl b/templates/admin/utilisateurs.head.tpl
deleted file mode 100644
index 63b0618..0000000
--- a/templates/admin/utilisateurs.head.tpl
+++ /dev/null
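Review bot: The `u_kill` case no longer looks the account up before deleting: `$user_id = $_REQUEST['user_id'];` feeds more than a dozen `DELETE` statements, mostly unquoted, with no check that the value is a non-empty integer or that the row exists, and `'$user_id' a été supprimé !` is reported and mailed regardless. Before the first delete I would add `$user_id = intval($_REQUEST['user_id']); if ($user_id <= 0) { $errors[] = "user_id invalide"; break; }` and keep a lookup so an unknown id fails visibly. The handler is driven by `foreach($_POST as $key => $val)`, which starts outside this hunk, yet reads the id from `$_REQUEST`, and no per-request token is checked in the visible lines, so this destructive path deserves a confirmation token tied to the admin session unless one is enforced elsewhere. Further down, `$next_num` is only assigned inside the `while` loop, so `$page->assign('next_num', $next_num);` passes an undefined variable for a user with no redirections; initialise it before the loop.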
@@ -1,59 +0,0 @@
-{***************************************************************************
- * Copyright (C) 2003-2004 Polytechnique.org *
- * http://opensource.polytechnique.org/ *
- * *
- * This program is free software; you can redistribute it and/or modify *
- * it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License, or *
- * (at your option) any later version. *
- * *
- * This program is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
- * GNU General Public License for more details. *
- * *
- * You should have received a copy of the GNU General Public License *
- * along with this program; if not, write to the Free Software *
- * Foundation, Inc., *
- * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
- ***************************************************************************
- $Id: utilisateurs.head.tpl,v 1.4 2004-09-01 18:46:21 x2000habouzit Exp $
- ***************************************************************************}
-
-
-{literal}
-
-
-
-
-{/literal}
-
-{* vim:set et sw=2 sts=2 sws=2: *}
diff --git a/templates/admin/utilisateurs.tpl b/templates/admin/utilisateurs.tpl
index c08ba0c..9733e03 100644
--- a/templates/admin/utilisateurs.tpl
+++ b/templates/admin/utilisateurs.tpl
@@ -17,7 +17,7 @@
 * Foundation, Inc., *
 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
 ***************************************************************************
- $Id: utilisateurs.tpl,v 1.11 2004-09-02 09:47:07 x2000habouzit Exp $
+ $Id: utilisateurs.tpl,v 1.12 2004-09-02 17:43:14 x2000habouzit Exp $
 ***************************************************************************}
@@ -33,20 +33,22 @@ Attention, d
 {dynamic}
+{foreach from=$errors item=e}
+

{$e}

+{/foreach} + {if $smarty.post.u_kill_conf} -
-
- - Confirmer la suppression de {$smarty.request.login}   + +
+ + Confirmer la suppression de {$smarty.request.user_id}   - -
-{/if} - -{/dynamic} +
+ +{else} -
- + +
Administrer @@ -54,12 +56,12 @@ Attention, d
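Review bot: The new `{foreach from=$errors item=e}` block prints `{$e}` with no escape modifier, while the PHP side now builds those messages from request data (`"invalid email $email"`, `$val." a été supprimé"`, `"'$user_id' a été supprimé !"`), so markup in a submitted value would be rendered in the administrator's page. Use `{$e|escape}` here and `{$smarty.request.user_id|escape}` in the delete confirmation a few lines below. The same applies to `{$mail.email}` and `{$a.alias}` in the last hunk of this file, unless the template engine is configured with a default escape modifier that this diff does not show. The HTML of this hunk was lost in extraction, so the surrounding markup could not be checked.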
- +
- +       @@ -68,166 +70,198 @@ Attention, d
-{dynamic on="0`$smarty.request.select`"} +{if $mr} +

Derniére connexion le {$lastlogin|date_format:"%d %B %Y, %T"} -depuis {$mr.host} +depuis {$host}

-
- - - -
- Password + +{literal} + +{/literal} + + + + + - - - + - - - - + + - + + + - - - + - - - + - - - + - - - - + - - - - - + + +
+ UID et Matricule - Perms + + {$mr.user_id} / {$mr.matricule} +
+ Mot de passe + - - +
UID
+ Nom + - {$mr.user_id} - - + - +
+ Prénom + +
- Matricule - - {$mr.matricule} +
+ Droits - + +
+
Date de naissance - - - -   + +
+
Promo - - - -   + +
- Nom - - +
+ [Voir fiche] - [Voir fiche] + +
- Prénom - - - +
[Trombino] + +
+ + +
+ - {foreach from=$aliases item=a} - - - - + + + {if $a.for_life} + + {else} + + {/if} {/foreach} + + + + +
Alias e-mail  
{if $a.for_life}garantie à vie*{/if}{if $a.for_life}{$a.alias}{else}{$a.alias}{/if} 
{if $a.for_life}{$a.alias}{else}{$a.alias}{/if}garanti à vie* + delete +
+ + + + + +
+
+ +

+* à ne modifier qu'avec l'accord express de l'utilisateur !!! +

+ +
+ - - {foreach item=mail from=$xorgmails} - - - + - + {/foreach} - - + +
+ Redirections  
- e-mail forward {$mail.num} ({$mail.flags}) - - +
+ n°{$mail.num} ({$mail.flags}) - - - - - + + {$mail.email} + + delete
+
Ajouter un email - - + - - + - +
-

-* à ne modifier qu'avec l'accord express de l'utilisateur !!! -

+

{foreach from=$email_panne item=e} {$p}
{/foreach}

+{/if} +{/if} + {/dynamic} {* vim:set et sw=2 sts=2 sws=2: *}
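Review bot: In the `email_panne` loop near the end of this hunk the iterator is declared as `item=e` but the body prints `{$p}`, which is never assigned, so the "signalée comme HS" messages built in `utilisateurs.php` would not be displayed. It should read `{foreach from=$email_panne item=e} {$e|escape}`. The line appears as unchanged context, so the mismatch predates this commit, but the new side still carries it. The markup around it was stripped from this page, so the element it sits in cannot be confirmed.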