dolibarr/htdocs/user/index.php

<?php
/* Copyright (C) 2002-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
 * Copyright (C) 2004-2011 Laurent Destailleur  <eldy@users.sourceforge.net>
 * Copyright (C) 2005-2011 Regis Houssin        <regis@dolibarr.fr>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */

/**
 *      \file       htdocs/user/index.php
 * 		\ingroup	core
 *      \brief      Page of users
 */

require("../main.inc.php");
if(! empty($conf->multicompany->enabled)) dol_include_once("/multicompany/class/actions_multicompany.class.php");


if (! $user->rights->user->user->lire && ! $user->admin) accessforbidden();

$langs->load("users");
$langs->load("companies");

// Security check (for external users)
$socid=0;
if ($user->societe_id > 0) $socid = $user->societe_id;

$sall=isset($_GET["sall"])?$_GET["sall"]:$_POST["sall"];

$sortfield = GETPOST("sortfield",'alpha');
$sortorder = GETPOST("sortorder",'alpha');
$page = GETPOST("page",'int');
if ($page == -1) { $page = 0; }
$offset = $conf->liste_limit * $page;
$pageprev = $page - 1;
$pagenext = $page + 1;
$limit = $conf->liste_limit;
if (! $sortfield) $sortfield="u.login";
if (! $sortorder) $sortorder="ASC";

$userstatic=new User($db);
$companystatic = new Societe($db);

/*
 * View
 */

llxHeader();

print_fiche_titre($langs->trans("ListOfUsers"));

$sql = "SELECT u.rowid, u.name, u.firstname, u.admin, u.fk_societe, u.login,";
$sql.= " u.datec,";
$sql.= " u.tms as datem,";
$sql.= " u.datelastlogin,";
$sql.= " u.ldap_sid, u.statut, u.entity,";
$sql.= " s.nom, s.canvas";
$sql.= " FROM ".MAIN_DB_PREFIX."user as u";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON u.fk_societe = s.rowid";
if(! empty($conf->multicompany->enabled) && $conf->entity == 1 && ($conf->global->MULTICOMPANY_TRANSVERSE_MODE || ($user->admin && ! $user->entity)))
{
	$sql.= " WHERE u.entity IS NOT NULL";
}
else
{
	$sql.= " WHERE u.entity IN (0,".$conf->entity.")";
}
if (!empty($socid)) $sql.= " AND u.fk_societe = ".$socid;
if ($_POST["search_user"])
{
    $sql.= " AND (u.login like '%".$_POST["search_user"]."%' OR u.name like '%".$_POST["search_user"]."%' OR u.firstname like '%".$_POST["search_user"]."%')";
}
if ($sall) $sql.= " AND (u.login like '%".$sall."%' OR u.name like '%".$sall."%' OR u.firstname like '%".$sall."%' OR u.email like '%".$sall."%' OR u.note like '%".$sall."%')";
if ($sortfield) $sql.=" ORDER BY $sortfield $sortorder";

$result = $db->query($sql);
if ($result)
{
    $num = $db->num_rows($result);
    $i = 0;

    $param="search_user=$search_user&amp;sall=$sall";
    print '<table class="noborder" width="100%">';
    print '<tr class="liste_titre">';
    print_liste_field_titre($langs->trans("Login"),"index.php","u.login",$param,"","",$sortfield,$sortorder);
    print_liste_field_titre($langs->trans("LastName"),"index.php","u.name",$param,"","",$sortfield,$sortorder);
    print_liste_field_titre($langs->trans("FirstName"),"index.php","u.firstname",$param,"","",$sortfield,$sortorder);
    print_liste_field_titre($langs->trans("Company"),"index.php","u.fk_societe",$param,"","",$sortfield,$sortorder);
    print_liste_field_titre($langs->trans("DateCreation"),"index.php","u.datec",$param,"",'align="center"',$sortfield,$sortorder);
    print_liste_field_titre($langs->trans("LastConnexion"),"index.php","u.datelastlogin",$param,"",'align="center"',$sortfield,$sortorder);
    print_liste_field_titre($langs->trans("Status"),"index.php","u.status",$param,"",'align="right"',$sortfield,$sortorder);
    print "</tr>\n";
    $var=True;
    while ($i < $num)
    {
        $obj = $db->fetch_object($result);
        $var=!$var;

        print "<tr $bc[$var]>";
        print '<td><a href="fiche.php?id='.$obj->rowid.'">'.img_object($langs->trans("ShowUser"),"user").' '.$obj->login.'</a>';
        if (! empty($conf->multicompany->enabled) && $obj->admin && ! $obj->entity)
        {
          	print img_picto($langs->trans("SuperAdministrator"),'redstar');
        }
        else if ($obj->admin)
        {
        	print img_picto($langs->trans("Administrator"),'star');
        }
        print '</td>';
        print '<td>'.ucfirst($obj->name).'</td>';
        print '<td>'.ucfirst($obj->firstname).'</td>';
        print "<td>";
        if ($obj->fk_societe)
        {
            $companystatic->id=$obj->fk_societe;
            $companystatic->nom=$obj->nom;
            $companystatic->canvas=$obj->canvas;
            print $companystatic->getNomUrl(1);
        }
        else if (! empty($conf->multicompany->enabled))
        {
        	if (! $obj->entity)
        	{
        		print $langs->trans("AllEntities");
        	}
        	else
        	{
        		$mc = new ActionsMulticompany($db);
        		$mc->getInfo($obj->entity);
        		print $mc->label;
        	}
        }
        else if ($obj->ldap_sid)
        {
        	print $langs->trans("DomainUser");
        }
        else
        {
        	print $langs->trans("InternalUser");
        }
        print '</td>';

        // Date creation
        print '<td nowrap="nowrap" align="center">'.dol_print_date($db->jdate($obj->datec),"dayhour").'</td>';

        // Date last login
        print '<td nowrap="nowrap" align="center">'.dol_print_date($db->jdate($obj->datelastlogin),"dayhour").'</td>';

		// Statut
		$userstatic->statut=$obj->statut;
        print '<td width="100" align="right">'.$userstatic->getLibStatut(5).'</td>';
        print "</tr>\n";
        $i++;
    }
    print "</table>";
    $db->free($result);
}
else
{
    dol_print_error($db);
}

$db->close();

llxFooter();
?>
conversion PHP en php ajout de docs 2004-10-20 23:06:45 +02:00			`<?php`
Modif permissions 2005-08-23 13:40:19 +02:00			`/* Copyright (C) 2002-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>`
New: Date of user and group creation contains hour 2011-05-25 11:51:01 +02:00			`* Copyright (C) 2004-2011 Laurent Destailleur <eldy@users.sourceforge.net>`
multicompany enhancement (in progress) 2011-08-20 00:15:22 +02:00			`* Copyright (C) 2005-2011 Regis Houssin <regis@dolibarr.fr>`
Massive updates 2002-05-06 21:10:48 +02:00			`*`
			`* This program is free software; you can redistribute it and/or modify`
			`* it under the terms of the GNU General Public License as published by`
			`* the Free Software Foundation; either version 2 of the License, or`
			`* (at your option) any later version.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU General Public License`
Fix: Avoid errors into rpm packages 2011-08-01 01:19:04 +02:00			`* along with this program. If not, see <http://www.gnu.org/licenses/>.`
Massive updates 2002-05-06 21:10:48 +02:00			`*/`
Fix: Search of user scan also login 2009-01-31 01:15:34 +01:00
Qual: Suppression de 2 champs non utilis�s et obsol�tes par le nouveau system des droits 2005-01-18 20:44:23 +01:00			`/**`
Restore changes after 27 may due to from savannah Crash. 2009-06-04 01:05:52 +02:00			`* \file htdocs/user/index.php`
			`* \ingroup core`
New: Date of user and group creation contains hour 2011-05-25 11:51:01 +02:00			`* \brief Page of users`
Restore changes after 27 may due to from savannah Crash. 2009-06-04 01:05:52 +02:00			`*/`
Look: Modifications esth�tiques mineures. 2004-11-03 23:00:47 +01:00
Qual: First change to remove pre.inc.php 2010-03-01 09:08:49 +01:00			`require("../main.inc.php");`
Fix: avoid warning 2011-08-21 12:01:36 +02:00			`if(! empty($conf->multicompany->enabled)) dol_include_once("/multicompany/class/actions_multicompany.class.php");`
multi-company module enhancement 2011-08-19 09:22:17 +02:00
Massive updates 2002-05-06 21:10:48 +02:00
New: Ajout des droits sur le module user. Les modules "base" (requis) sont actifs par d�faut (a l'install) et non d�sactivables. 2005-10-22 15:48:19 +02:00			`if (! $user->rights->user->user->lire && ! $user->admin) accessforbidden();`
Modif permissions 2005-08-23 13:40:19 +02:00
Fix: Quelques messages oubli�s et corrections pour register_globals. 2004-07-31 17:42:28 +02:00			`$langs->load("users");`
Fix: Affichage statut sur liste des users. 2007-02-26 01:00:03 +01:00			`$langs->load("companies");`
Fix: Quelques messages oubli�s et corrections pour register_globals. 2004-07-31 17:42:28 +02:00
Fix: uniformize code 2010-10-29 18:08:54 +02:00			`// Security check (for external users)`
			`$socid=0;`
			`if ($user->societe_id > 0) $socid = $user->societe_id;`

La recherche sur les utilisateurs et groupe se fait aussi sur les notes, emails, logins 2005-09-06 21:17:12 +02:00			`$sall=isset($_GET["sall"])?$_GET["sall"]:$_POST["sall"];`

Sec: Removed security holes 2010-11-20 14:08:44 +01:00			`$sortfield = GETPOST("sortfield",'alpha');`
			`$sortorder = GETPOST("sortorder",'alpha');`
			`$page = GETPOST("page",'int');`
			`if ($page == -1) { $page = 0; }`
			`$offset = $conf->liste_limit * $page;`
			`$pageprev = $page - 1;`
			`$pagenext = $page + 1;`
New: Ajout page accueil de l'espace utilisateurs et groupes 2005-01-31 17:21:47 +01:00			`$limit = $conf->liste_limit;`
New: Ajout possibilit� de mettre des permissions sur les groupes New: Possibilit� de supprimer un groupe 2005-02-26 15:23:54 +01:00			`if (! $sortfield) $sortfield="u.login";`
New: Ajout page accueil de l'espace utilisateurs et groupes 2005-01-31 17:21:47 +01:00			`if (! $sortorder) $sortorder="ASC";`

Fix: Affichage statut sur liste des users. 2007-02-26 01:00:03 +01:00			`$userstatic=new User($db);`
Fix: uniformize code 2010-10-29 18:08:54 +02:00			`$companystatic = new Societe($db);`
Fix: Affichage statut sur liste des users. 2007-02-26 01:00:03 +01:00
Fix: Search of user scan also login 2009-01-31 01:15:34 +01:00			`/*`
			`* View`
			`*/`
New: Ajout page accueil de l'espace utilisateurs et groupes 2005-01-31 17:21:47 +01:00
			`llxHeader();`
Fix: Quelques messages oubli�s et corrections pour register_globals. 2004-07-31 17:42:28 +02:00
Look: Uniformize pages look 2009-03-02 20:07:12 +01:00			`print_fiche_titre($langs->trans("ListOfUsers"));`
. 2002-07-03 14:46:00 +02:00
Affiche date derniere connexion 2007-11-16 04:30:07 +01:00			`$sql = "SELECT u.rowid, u.name, u.firstname, u.admin, u.fk_societe, u.login,";`
Remove pdate functions 2010-05-08 18:29:37 +02:00			`$sql.= " u.datec,";`
			`$sql.= " u.tms as datem,";`
			`$sql.= " u.datelastlogin,";`
New: early development of multi-company module 2009-04-27 22:37:50 +02:00			`$sql.= " u.ldap_sid, u.statut, u.entity,";`
Fix: uniformize code 2010-10-29 18:08:54 +02:00			`$sql.= " s.nom, s.canvas";`
Possibilit� pour un user de modifier ces infos (pour pouvoir modifier le mot de passe, il faut que la constante USER_ALLOW_PASSWORD_CHANGE soit d�finie). 2005-09-26 03:01:53 +02:00			`$sql.= " FROM ".MAIN_DB_PREFIX."user as u";`
Fix: changement de idp en rowid pour llx_societe et llx_socpeople afin d'unifier le code. 2007-06-12 00:51:47 +02:00			`$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON u.fk_societe = s.rowid";`
Fix: avoid warning 2011-08-21 12:01:36 +02:00			`if(! empty($conf->multicompany->enabled) && $conf->entity == 1 && ($conf->global->MULTICOMPANY_TRANSVERSE_MODE \|\| ($user->admin && ! $user->entity)))`
multicompany enhancement (in progress) 2011-08-20 00:15:22 +02:00			`{`
			`$sql.= " WHERE u.entity IS NOT NULL";`
			`}`
multi-company module enhancement 2011-08-19 09:22:17 +02:00			`else`
multicompany enhancement (in progress) 2011-08-20 00:15:22 +02:00			`{`
			`$sql.= " WHERE u.entity IN (0,".$conf->entity.")";`
			`}`
Fix: uniformize code 2010-10-29 18:08:54 +02:00			`if (!empty($socid)) $sql.= " AND u.fk_societe = ".$socid;`
Possibilit� pour un user de modifier ces infos (pour pouvoir modifier le mot de passe, il faut que la constante USER_ALLOW_PASSWORD_CHANGE soit d�finie). 2005-09-26 03:01:53 +02:00			`if ($_POST["search_user"])`
			`{`
Fix: Search of user scan also login 2009-01-31 01:15:34 +01:00			`$sql.= " AND (u.login like '%".$_POST["search_user"]."%' OR u.name like '%".$_POST["search_user"]."%' OR u.firstname like '%".$_POST["search_user"]."%')";`
New: Ajout page accueil de l'espace utilisateurs et groupes 2005-01-31 17:21:47 +01:00			`}`
Suppression du champ "code" de la table llx_user 2007-03-10 23:14:14 +01:00			`if ($sall) $sql.= " AND (u.login like '%".$sall."%' OR u.name like '%".$sall."%' OR u.firstname like '%".$sall."%' OR u.email like '%".$sall."%' OR u.note like '%".$sall."%')";`
Possibilit� pour un user de modifier ces infos (pour pouvoir modifier le mot de passe, il faut que la constante USER_ALLOW_PASSWORD_CHANGE soit d�finie). 2005-09-26 03:01:53 +02:00			`if ($sortfield) $sql.=" ORDER BY $sortfield $sortorder";`
Massive updates 2002-05-06 21:10:48 +02:00
			`$result = $db->query($sql);`
* empty log message * 2002-12-23 00:40:26 +01:00			`if ($result)`
			`{`
Fix: Conditionnement de l'onglet clicktodial sur l'activation du module ou non 2005-03-06 17:01:38 +01:00			`$num = $db->num_rows($result);`
Look: Modifications esth�tiques mineures. 2004-11-03 23:00:47 +01:00			`$i = 0;`

La recherche sur les utilisateurs et groupe se fait aussi sur les notes, emails, logins 2005-09-06 21:17:12 +02:00			`$param="search_user=$search_user&sall=$sall";`
multicompany enhancement (in progress) 2011-08-20 00:15:22 +02:00			`print '<table class="noborder" width="100%">';`
Look: Modifications esth�tiques mineures. 2004-11-03 23:00:47 +01:00			`print '<tr class="liste_titre">';`
Oubli du param sortorder dans les appels de print_liste_field_titre 2007-11-11 16:55:45 +01:00			`print_liste_field_titre($langs->trans("Login"),"index.php","u.login",$param,"","",$sortfield,$sortorder);`
			`print_liste_field_titre($langs->trans("LastName"),"index.php","u.name",$param,"","",$sortfield,$sortorder);`
			`print_liste_field_titre($langs->trans("FirstName"),"index.php","u.firstname",$param,"","",$sortfield,$sortorder);`
			`print_liste_field_titre($langs->trans("Company"),"index.php","u.fk_societe",$param,"","",$sortfield,$sortorder);`
New: early development of multi-company module 2009-04-27 22:37:50 +02:00			`print_liste_field_titre($langs->trans("DateCreation"),"index.php","u.datec",$param,"",'align="center"',$sortfield,$sortorder);`
			`print_liste_field_titre($langs->trans("LastConnexion"),"index.php","u.datelastlogin",$param,"",'align="center"',$sortfield,$sortorder);`
Oubli du param sortorder dans les appels de print_liste_field_titre 2007-11-11 16:55:45 +01:00			`print_liste_field_titre($langs->trans("Status"),"index.php","u.status",$param,"",'align="right"',$sortfield,$sortorder);`
Look: Modifications esth�tiques mineures. 2004-11-03 23:00:47 +01:00			`print "</tr>\n";`
			`$var=True;`
			`while ($i < $num)`
* empty log message * 2002-12-23 00:40:26 +01:00			`{`
Fix: Conditionnement de l'onglet clicktodial sur l'activation du module ou non 2005-03-06 17:01:38 +01:00			`$obj = $db->fetch_object($result);`
Look: Modifications esth�tiques mineures. 2004-11-03 23:00:47 +01:00			`$var=!$var;`

			`print "<tr $bc[$var]>";`
Fix: Affichage statut sur liste des users. 2007-02-26 01:00:03 +01:00			`print '<td><a href="fiche.php?id='.$obj->rowid.'">'.img_object($langs->trans("ShowUser"),"user").' '.$obj->login.'</a>';`
Fix: avoid warning 2011-08-21 12:01:36 +02:00			`if (! empty($conf->multicompany->enabled) && $obj->admin && ! $obj->entity)`
Look: Modifications esth�tiques mineures. 2004-11-03 23:00:47 +01:00			`{`
Qual: Mutualize a lot of duplicate functions into functions.lib.php 2011-08-17 17:56:22 +02:00			`print img_picto($langs->trans("SuperAdministrator"),'redstar');`
New: early development of multi-company module 2009-04-27 22:37:50 +02:00			`}`
			`else if ($obj->admin)`
			`{`
			`print img_picto($langs->trans("Administrator"),'star');`
Look: Modifications esth�tiques mineures. 2004-11-03 23:00:47 +01:00			`}`
Fix: Affichage statut sur liste des users. 2007-02-26 01:00:03 +01:00			`print '</td>';`
New: Ajout possibilit� de mettre des permissions sur les groupes New: Possibilit� de supprimer un groupe 2005-02-26 15:23:54 +01:00			`print '<td>'.ucfirst($obj->name).'</td>';`
			`print '<td>'.ucfirst($obj->firstname).'</td>';`
Possibilit� pour un user de modifier ces infos (pour pouvoir modifier le mot de passe, il faut que la constante USER_ALLOW_PASSWORD_CHANGE soit d�finie). 2005-09-26 03:01:53 +02:00			`print "<td>";`
			`if ($obj->fk_societe)`
			`{`
Fix: uniformize code 2010-10-29 18:08:54 +02:00			`$companystatic->id=$obj->fk_societe;`
			`$companystatic->nom=$obj->nom;`
			`$companystatic->canvas=$obj->canvas;`
			`print $companystatic->getNomUrl(1);`
Possibilit� pour un user de modifier ces infos (pour pouvoir modifier le mot de passe, il faut que la constante USER_ALLOW_PASSWORD_CHANGE soit d�finie). 2005-09-26 03:01:53 +02:00			`}`
Fix: avoid warning 2011-08-21 12:01:36 +02:00			`else if (! empty($conf->multicompany->enabled))`
multi-company module enhancement 2011-08-19 09:22:17 +02:00			`{`
problem synchro git<->cvs !!! 2011-09-22 12:55:37 +02:00			`if (! $obj->entity)`
multicompany enhancement (in progress) 2011-08-20 00:15:22 +02:00			`{`
			`print $langs->trans("AllEntities");`
			`}`
			`else`
			`{`
			`$mc = new ActionsMulticompany($db);`
			`$mc->getInfo($obj->entity);`
			`print $mc->label;`
			`}`
multi-company module enhancement 2011-08-19 09:22:17 +02:00			`}`
D�but ajout gestion utilisateurs ldap Modification de la classe ldap.lib.php en authldap.lib.php 2006-06-24 17:13:29 +02:00			`else if ($obj->ldap_sid)`
			`{`
			`print $langs->trans("DomainUser");`
			`}`
multicompany enhancement (in progress) 2011-08-20 00:15:22 +02:00			`else`
			`{`
			`print $langs->trans("InternalUser");`
			`}`
Possibilit� pour un user de modifier ces infos (pour pouvoir modifier le mot de passe, il faut que la constante USER_ALLOW_PASSWORD_CHANGE soit d�finie). 2005-09-26 03:01:53 +02:00			`print '</td>';`
Fix: Search of user scan also login 2009-01-31 01:15:34 +01:00
Affiche date derniere connexion 2007-11-16 04:30:07 +01:00			`// Date creation`
New: Date of user and group creation contains hour 2011-05-25 11:51:01 +02:00			`print '<td nowrap="nowrap" align="center">'.dol_print_date($db->jdate($obj->datec),"dayhour").'</td>';`
Affiche date derniere connexion 2007-11-16 04:30:07 +01:00
			`// Date last login`
Remove pdate functions 2010-05-08 18:29:37 +02:00			`print '<td nowrap="nowrap" align="center">'.dol_print_date($db->jdate($obj->datelastlogin),"dayhour").'</td>';`
Fix: Affichage statut sur liste des users. 2007-02-26 01:00:03 +01:00
			`// Statut`
			`$userstatic->statut=$obj->statut;`
			`print '<td width="100" align="right">'.$userstatic->getLibStatut(5).'</td>';`
Look: Modifications esth�tiques mineures. 2004-11-03 23:00:47 +01:00			`print "</tr>\n";`
			`$i++;`
* empty log message * 2002-12-23 00:40:26 +01:00			`}`
Look: Modifications esth�tiques mineures. 2004-11-03 23:00:47 +01:00			`print "</table>";`
Fix: Conditionnement de l'onglet clicktodial sur l'activation du module ou non 2005-03-06 17:01:38 +01:00			`$db->free($result);`
* empty log message * 2002-12-23 00:40:26 +01:00			`}`
Look: Modifications esth�tiques mineures. 2004-11-03 23:00:47 +01:00			`else`
* empty log message * 2002-12-23 00:40:26 +01:00			`{`
Qual: All call to dolibarr_ functions are made on dol_ functions. 2009-02-20 23:53:15 +01:00			`dol_print_error($db);`
Massive updates 2002-05-06 21:10:48 +02:00			`}`

			`$db->close();`

Fix: remove obsolete tags (in progress) 2011-08-27 16:24:16 +02:00			`llxFooter();`
Massive updates 2002-05-06 21:10:48 +02:00			`?>`