Code source de Dolibarr 2.0.1 |
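<?PHP
/* Copyright (C) 2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 *
 * $Id: permissions.php,v 1.3 2005/08/30 13:29:32 rodolphe Exp $
 * $Source: /cvsroot/dolibarr/dolibarr/htdocs/telephonie/tarifs/permissions.php,v $
 *
 */

/*
 * Administration page for per-user rights on telephony tariff grids.
 *
 * POST action=perms : sets the rights of one user on one grid
 *                     (perms 0 = none, 1 = read, 2 = read/write).
 * GET               : lists the existing rights, optionally filtered by
 *                     search_grille / search_user.
 *
 * Every request parameter is treated as untrusted: identifiers are validated
 * as digits and cast to integers before they reach SQL, free-text filters are
 * escaped, and every value echoed back is HTML-escaped.
 */
require ("./pre.inc.php");

if (!$user->rights->telephonie->tarif->permission)
  accessforbidden();

/*
 * Rights update
 *
 * NOTE(review): this state-changing request is authorised only by the session
 * and the permission check above; nothing visible in this file ties it to a
 * form rendered for this user (no anti-CSRF token).
 */
if (isset($_POST["action"]) && $_POST["action"] == 'perms')
{
  // Strict validation: the original loose comparisons ("abc" == 0) made any
  // non-numeric perms value behave like 0 and delete the rights row.
  // The D modifier stops "$" from matching before a trailing newline.
  $perms_ok  = isset($_POST["perms"])  && is_string($_POST["perms"])  && preg_match('/^[0-2]$/D', $_POST["perms"]);
  $user_ok   = isset($_POST["user"])   && is_string($_POST["user"])   && preg_match('/^[0-9]+$/D', $_POST["user"]);
  $grille_ok = isset($_POST["grille"]) && is_string($_POST["grille"]) && preg_match('/^[0-9]+$/D', $_POST["grille"]);

  if ($perms_ok && $user_ok && $grille_ok)
    {
      $perms     = intval($_POST["perms"]);
      $fk_user   = intval($_POST["user"]);
      $fk_grille = intval($_POST["grille"]);
      $fk_creat  = intval($user->id);

      $table = MAIN_DB_PREFIX."telephonie_tarif_grille_rights";
      $where = " WHERE fk_user = '".$fk_user."' AND fk_grille = '".$fk_grille."'";

      if ($perms == 0)
	{
	  $sql = "DELETE FROM ".$table.$where.";";
	  if (! $db->query($sql))
	    {
	      error_log("permissions.php: ".$db->error()." - ".$sql);
	    }
	}
      else
	{
	  $pwrite = ($perms == 2) ? 1 : 0;

	  // Decide between UPDATE and INSERT by checking for the row itself.
	  // The original relied on affected_rows() of an UPDATE, called with an
	  // undefined $resql; an UPDATE that changes nothing can also report 0
	  // rows, which would have triggered a duplicate INSERT.
	  $exists = false;
	  $sql = "SELECT count(*) FROM ".$table.$where.";";
	  $resql = $db->query($sql);
	  if ($resql)
	    {
	      $row = $db->fetch_row($resql);
	      $exists = ($row && $row[0] > 0);
	      $db->free($resql);

	      if ($exists)
		{
		  $sql = "UPDATE ".$table;
		  $sql .= " SET pread= 1, pwrite = ".$pwrite.", fk_user_creat ='".$fk_creat."'";
		  $sql .= $where.";";
		}
	      else
		{
		  $sql = "INSERT INTO ".$table;
		  $sql .= " (pread,pwrite, fk_user, fk_grille, fk_user_creat) VALUES ";
		  $sql .= " (1,".$pwrite.",'".$fk_user."','".$fk_grille."','".$fk_creat."');";
		}

	      if (! $db->query($sql))
		{
		  // Log server-side instead of printing the statement to the browser.
		  error_log("permissions.php: ".$db->error()." - ".$sql);
		}
	    }
	  else
	    {
	      error_log("permissions.php: ".$db->error()." - ".$sql);
	    }
	}
    }
}


llxHeader();

/*
 * Security: external (customer) user access.
 * NOTE(review): this runs after the POST handling above, and neither $action
 * nor $socidp is read again in this file, so it restricts nothing here; access
 * control for this page rests on the permission check at the top.
 */
if ($user->societe_id > 0)
{
  $action = '';
  $socidp = $user->societe_id;
}


/*
 * Load the tariff grids and the users offered in the assignment form
 */
$grilles = array();
$sql = "SELECT d.rowid, d.libelle FROM ".MAIN_DB_PREFIX."telephonie_tarif_grille as d";
$resql = $db->query($sql);
if ($resql)
{
  while ($row = $db->fetch_row($resql))
    {
      $grilles[$row[0]] = $row[1];
    }
  $db->free($resql);
}

$users = array();

$sql = "SELECT u.rowid, u.firstname, u.name FROM ".MAIN_DB_PREFIX."user as u";
$resql = $db->query($sql);
if ($resql)
{
  while ($row = $db->fetch_row($resql))
    {
      $users[$row[0]] = $row[1] . ' '.$row[2];
    }
  $db->free($resql);
}

/*
 * Assignment form
 */
$form = new Form($db);
print '<form action="permissions.php" method="POST">';
print '<input type="hidden" name="action" value="perms">';
print '<table class="noborder" width="100%" cellspacing="0" cellpadding="4">';
print '<tr class="liste_titre"><td>Grille</td>';
print '<td>Utilisateur</td><td>Permissions</td><td>&nbsp;</td>';
print "</tr>\n";

print '<tr class="liste_titre">';
print '<td>';
print $form->select_array("grille",$grilles);
print '</td><td>';
print $form->select_array("user",$users);
print '</td><td><select name="perms">';
print '<option value="0">Aucun</option>';
print '<option value="1">Lecture</option>';
print '<option value="2">Lecture/Ecriture</option>';
// The original never closed the <select> or its cell.
print '</select></td>';
print '<td><input type="submit"></td>';
print "</tr>\n";
print "</form>\n";
print "</table>\n";


/*
 * List parameters (all from the query string, all untrusted)
 */
$page = (isset($_GET["page"]) && is_string($_GET["page"])) ? intval($_GET["page"]) : 0;
if ($page < 0) $page = 0;

$sortorder = (isset($_GET["sortorder"]) && is_string($_GET["sortorder"])) ? strtoupper($_GET["sortorder"]) : "";
if ($sortorder != "ASC" && $sortorder != "DESC") $sortorder="ASC";

// Only plain column identifiers are accepted; anything else falls back to the
// default. The ORDER BY below is hard-coded, so $sortfield only reaches
// print_barre_liste().
$sortfield = (isset($_GET["sortfield"]) && is_string($_GET["sortfield"])) ? $_GET["sortfield"] : "";
if (! preg_match('/^[A-Za-z_][A-Za-z0-9_.]*$/D', $sortfield)) $sortfield="d.libelle ASC, d.rowid ";

$type          = (isset($_GET["type"])          && is_string($_GET["type"]))          ? $_GET["type"]          : "";
$search_grille = (isset($_GET["search_grille"]) && is_string($_GET["search_grille"])) ? $_GET["search_grille"] : "";
$search_user   = (isset($_GET["search_user"])   && is_string($_GET["search_user"]))   ? $_GET["search_user"]   : "";

$offset = $conf->liste_limit * $page ;

/*
 * List mode
 */

$sql = "SELECT d.rowid as grille, d.libelle as tarif_desc, d.type_tarif";
$sql .= " , u.code, u.name, u.firstname";
$sql .= " , r.pread, r.pwrite";
$sql .= " FROM ".MAIN_DB_PREFIX."telephonie_tarif_grille as d";
$sql .= "," . MAIN_DB_PREFIX."telephonie_tarif_grille_rights as r";
$sql .= "," . MAIN_DB_PREFIX."user as u";

$sqlc  = " WHERE d.rowid = r.fk_grille";
$sqlc .= " AND r.fk_user = u.rowid";

// addslashes() is a stopgap for this legacy query API; prefer the database
// layer's own driver-aware escaping if it provides one.
if ($search_user != "")
{
  // The original filtered on "t.libelle" (no such alias in this query) using
  // $_GET["search_libelle"]; the form field is the user column.
  $like = addslashes($search_user);
  $sqlc .=" AND (u.name LIKE '%".$like."%' OR u.firstname LIKE '%".$like."%')";
}

if ($search_grille != "")
{
  $sqlc .=" AND d.libelle LIKE '%".addslashes($search_grille)."%'";
}


$sql = $sql . $sqlc . " ORDER BY u.name ASC " . $db->plimit($conf->liste_limit+1, $offset);

$result = $db->query($sql);
if ($result)
{
  $num = $db->num_rows();
  $i = 0;

  print_barre_liste("Tarifs", $page, "index.php", "&type=".urlencode($type), $sortfield, $sortorder, '', $num);

  print '<form action="permissions.php" method="GET">';

  print '<table class="noborder" width="100%" cellspacing="0" cellpadding="4">';
  print '<tr class="liste_titre">';

  print_liste_field_titre("Tarif","index.php","d.libelle");

  print '<td>Utilisateur</td><td align="center">Lecture</td><td align="center">Ecriture</td>';
  print "</tr>\n";

  // Request values are HTML-escaped before being echoed into attributes.
  // ISO-8859-1 is passed explicitly so the call never rejects a byte sequence;
  // the characters it escapes are ASCII, so UTF-8 data is handled safely too.
  print '<tr class="liste_titre">';
  print '<input type="hidden" name="type" value="'.htmlspecialchars($type, ENT_QUOTES, 'ISO-8859-1').'">';
  print '<td><input type="text" name="search_grille" size="10" value="'.htmlspecialchars($search_grille, ENT_QUOTES, 'ISO-8859-1').'"></td>';
  print '<td><input type="text" name="search_user" size="20" value="'.htmlspecialchars($search_user, ENT_QUOTES, 'ISO-8859-1').'"></td>';
  print '<td>&nbsp;</td>';
  print '<td><input type="submit"></td>';
  print '</form>';
  print '</tr>';

  $var=True;

  while ($i < min($num,$conf->liste_limit))
    {
      $obj = $db->fetch_object($i);
      $var=!$var;

      print "<tr $bc[$var]>";

      // Stored labels and names are escaped on output as well: they are
      // user-editable data and must not be interpreted as markup.
      print '<td><a href="grille.php?id='.intval($obj->grille).'">';
      print htmlspecialchars($obj->tarif_desc, ENT_QUOTES, 'ISO-8859-1')."</a></td>\n";
      print '<td>'.htmlspecialchars($obj->firstname." ".$obj->name, ENT_QUOTES, 'ISO-8859-1')."</td>\n";

      if ($obj->pread == 1)
	{
	  print '<td align="center">'.img_tick().'</td>';
	}
      else
	{
	  print '<td align="center">&nbsp;</td>';
	}

      if ($obj->pwrite == 1)
	{
	  print '<td align="center">'.img_tick().'</td>';
	}
      else
	{
	  print '<td align="center">&nbsp;</td>';
	}
      print "</tr>\n";
      $i++;
    }
  print "</table>";
  $db->free();
}
else
{
  // Keep the failing statement and driver error out of the response.
  error_log("permissions.php: ".$db->error()." - ".$sql);
  print 'Erreur lors de la lecture des permissions';
}

$db->close();

llxFooter("<em>Dernière modification $Date: 2005/08/30 13:29:32 $ révision $Revision: 1.3 $</em>");
?>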
Généré le : Mon Nov 26 12:29:37 2007 | par Balluche grâce à PHPXref 0.7 |