dolibarr/htdocs/user/fiche.php

<?PHP
/* Copyright (C) 2002-2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
 * Copyright (C) 2002-2003 Jean-Louis Bergamo   <jlb@j1b.org>
 * Copyright (C) 2004      Laurent Destailleur  <eldy@users.sourceforge.net>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 *
 * $Id$
 * $Source$
 */

require("./pre.inc.php");

$form = new Form($db);

$action=isset($_GET["action"])?$_GET["action"]:$_POST["action"];

if ($_GET["subaction"] == 'addrights' && $user->admin)
{
    $edituser = new User($db,$_GET["id"]);
    $edituser->addrights($_GET["rights"]);
}

if ($_GET["subaction"] == 'delrights' && $user->admin)
{
    $edituser = new User($db,$_GET["id"]);
    $edituser->delrights($_GET["rights"]);
}

if ($_POST["action"] == 'confirm_delete' && $_POST["confirm"] == "yes")
{
    if ($id <> $user->id)
    {
        $edituser = new User($db, $id);
        $edituser->fetch($id);
        $edituser->delete();
        Header("Location: index.php");
    }
}

if ($_POST["action"] == 'add' && $user->admin)
{
    $edituser = new User($db,0);

    $edituser->nom    = $_POST["nom"];
    $edituser->note   = $_POST["note"];
    $edituser->prenom = $_POST["prenom"];
    $edituser->login  = $_POST["login"];
    $edituser->email  = $_POST["email"];
    $edituser->admin  = $_POST["admin"];
    $edituser->webcal_login  = $_POST["webcal_login"];

    $id = $edituser->create();
    if (isset($_POST['password']) && $_POST['password']!='' )
    {
        $edituser->password($_POST['password'],$conf->password_encrypted);
    }
}

if ($_POST["action"] == 'update' && $user->admin)
{
  $edituser = new User($db, $_GET["id"]);
  $edituser->fetch();

  $edituser->nom           = $_POST["nom"];
  $edituser->note          = $_POST["note"];
  $edituser->prenom        = $_POST["prenom"];
  $edituser->login         = $_POST["login"];
  $edituser->email         = $_POST["email"];
  $edituser->admin         = $_POST["admin"];
  $edituser->webcal_login  = $_POST["webcal_login"];
  
  if (! $edituser->update())
    {
      print $edituser->error();
    }
  if (isset($password) && $password !='' )
    {
      $edituser->password($password,$conf->password_encrypted);
    }
}

if ($action == 'password' && $user->admin)
{
    $edituser = new User($db, $id);
    $edituser->fetch();

    if ($edituser->password('',$conf->password_encrypted))
    {
        $message = "Mot de passe chang<6E> et envoy<6F> <20> $edituser->email";
    }
}


llxHeader();


/* ************************************************************************** */
/*                                                                            */
/* Nouvel utilisateur                                                         */
/*                                                                            */
/* ************************************************************************** */

if ($action == 'create')
{

    print_titre('Nouvel utilisateur');

    print '<form action="fiche.php" method="post">';
    print '<input type="hidden" name="action" value="add">';

    print '<table class="border" width="100%" cellpadding="3" cellspacing="0">';

    print '<tr><td valign="top" width="20%">Pr<50>nom</td>';
    print '<td class="valeur"><input size="30" type="text" name="prenom" value=""></td></tr>';

    print "<tr>".'<td valign="top">Nom</td>';
    print '<td class="valeur"><input size="30" type="text" name="nom" value=""></td></tr>';

    print "<tr>".'<td valign="top">Login</td>';
    print '<td class="valeur"><input size="20" type="text" name="login" value=""></td></tr>';

    print "<tr>".'<td valign="top">Password</td>';
    print '<td class="valeur"><input size="30" type="text" name="password" value=""></td></tr>';

    print "<tr>".'<td valign="top">Email</td>';
    print '<td class="valeur"><input size="40" type="text" name="email" value=""></td></tr>';

    print "<tr>".'<td valign="top">Admin</td>';
    print '<td class="valeur">';
    $form->selectyesnonum('admin',0);
    print "</td></tr>\n";

    if (defined("MAIN_MODULE_WEBCALENDAR"))
    {
        print "<tr>".'<td valign="top">Login Webcal</td>';
        print '<td class="valeur"><input size="30" type="text" name="webcal_login" value=""></td></tr>';
    }

    print "<tr>".'<td valign="top">Note</td><td>';
    print "<textarea name=\"note\" rows=\"12\" cols=\"40\">";
    print "</textarea></td></tr>\n";

    print "<tr>".'<td align="center" colspan="2"><input value="Enregistrer" type="submit"></td></tr>';
    print "</form>";
    print "</table>\n";
}
/* ************************************************************************** */
/*                                                                            */
/* Visu et edition                                                            */
/*                                                                            */
/* ************************************************************************** */
else
{
    if ($_GET["id"])
    {
        $fuser = new User($db, $_GET["id"]);
        $fuser->fetch();

        /*
         * Confirmation suppression
         */
        if ($action == 'delete')
        {
            print_fiche_titre("Suppression fiche utilisateur",$message);
            print '<br>';

            $html = new Form($db);
            $html->form_confirm("$PHP_SELF?id=$fuser->id","D<EFBFBD>sactiver cet utilisateur","Etes-vous s<>r de vouloir d<>sactiver cet utilisateur ?","confirm_delete");
        }

        if ($_GET["action"] == 'perms')
        {
            print_fiche_titre("Permissions utilisateur",$message);
            print '<br>';

            /*
             * Ecran ajout/suppression permission
             */

            print '<table class="border" width="100%" border="0" cellpadding="3" cellspacing="0">';

            print '<tr><td width="25%" valign="top">Nom</td>';
            print '<td width="25%" class="valeur">'.$fuser->nom.'</td>';
            print '<td width="25%" valign="top">Pr<50>nom</td>';
            print '<td width="25%" class="valeur">'.$fuser->prenom.'</td></tr>';

            // Droits existant
            print "<tr>".'<td valign="top" colspan="2">';
            print '<table width="100%" class="noborder" cellpadding="2" cellspacing="0">';
            $sql = "SELECT r.id, r.libelle, r.module FROM ".MAIN_DB_PREFIX."rights_def as r ORDER BY r.id ASC";

            if ($db->query($sql))
            {
                $num = $db->num_rows();
                $i = 0;
                $var = True;
                while ($i < $num)
                {
                    $obj = $db->fetch_object($i);
                    if ($oldmod <> $obj->module)
                    {
                        $oldmod = $obj->module;
                        $var = !$var;
                    }
                    print '<tr '. $bc[$var].'><td><a href="fiche.php?id='.$fuser->id.'&amp;action=perms&amp;subaction=addrights&amp;rights='.$obj->id.'">Ajouter</a></td>';
                    print '<td>'.$obj->libelle . '</td><td>'.$obj->module . '</td></tr>';

                    $i++;
                }
            }
            print '</table>';

            print '</td><td colspan="2" valign="top">';

            // Droits poss<73>d<EFBFBD>s
            print '<table class="noborder" width="100%" cellpadding="2" cellspacing="0">';
            $sql = "SELECT r.id, r.libelle, r.module FROM ".MAIN_DB_PREFIX."rights_def as r, ".MAIN_DB_PREFIX."user_rights as ur";
            $sql .= " WHERE ur.fk_id = r.id AND ur.fk_user = ".$fuser->id. " ORDER BY r.id ASC";
            $var = True;
            if ($db->query($sql))
            {
                $num = $db->num_rows();
                $i = 0;
                while ($i < $num)
                {
                    $obj = $db->fetch_object($i);
                    if ($oldmod <> $obj->module)
                    {
                        $oldmod = $obj->module;
                        $var = !$var;
                    }

                    print "<tr $bc[$var]><td>".$obj->libelle . '</td><td>'.$obj->module . '</td>';
                    print '<td align="right"><a href="fiche.php?id='.$fuser->id.'&amp;action=perms&amp;subaction=delrights&amp;rights='.$obj->id.'">'.img_delete().'</a></td></tr>';
                    $i++;
                }
            }
            print '</table>';
            print '</td></tr>';
            print "<tr>".'<td align="center" colspan="4"><a href="fiche.php?id='.$id.'">ok</a></td></tr></table>';
        }


        if ($_GET["action"] != 'perms' && $_GET["action"] != 'edit')
        {

            /*
             * Affichage onglet
             */
            $h = 0;

            $head[$h][0] = DOL_URL_ROOT.'/user/fiche.php?id='.$fuser->id;
            $head[$h][1] = "Fiche utilisateur";
            $h++;

            dolibarr_fiche_head($head, $hselected);


            print '<table class="border" width="100%" cellpadding="3" cellspacing="0">';

            print "<tr>".'<td width="25%" valign="top">Nom</td>';
            print '<td width="25%" class="valeur">'.$fuser->nom.'</td>';
            print '<td width="25%" valign="top">Pr<50>nom</td>';
            print '<td width="25%" class="valeur">'.$fuser->prenom.'</td>';
            print "</tr>\n";

            print "<tr>".'<td width="25%" valign="top">Login</td>';
            print '<td width="25%"  class="valeur">'.$fuser->login.'</td>';
            print '<td width="25%" valign="top">Email</td>';
            print '<td width="25%" class="valeur"><a href="mailto:'.$fuser->email.'">'.$fuser->email.'</a></td>';
            print "</tr>\n";
            
            print "<tr>".'<td width="25%" valign="top">Administrateur</td>';
            print '<td colspan="3" class="valeur">'.$yn[$fuser->admin].'</td>';
            print "</tr>\n";

            print "<tr>".'<td width="25%" valign="top">Id Soci<63>t<EFBFBD></td>';
            print '<td colspan="3" class="valeur">'.$fuser->societe_id.'&nbsp;</td>';
            print "</tr>\n";

            print "<tr>".'<td width="25%" valign="top">Fiche contact</td>';
            print '<td colspan="3" valign="top">';
            if ($fuser->contact_id)
            {
                print '<a href="../comm/people.php?contactid='.$fuser->contact_id.'&amp;socid='.$fuser->societe_id.'">Fiche contact</a>';
            }
            else
            {
                print "Pas de fiche parmi les Contacts";
            }
            print '</td>';
            print "</tr>\n";

            print "<tr>".'<td width="25%" valign="top">Note</td>';
            print '<td colspan="3" class="valeur">'.nl2br($fuser->note).'&nbsp;</td>';
            print "</tr>\n";

            // Autres caract<63>ristiques issus des autres modules
            if (defined("MAIN_MODULE_WEBCALENDAR"))
            {
                print "<tr>".'<td width="25%" valign="top">Webcal Login</td>';
                print '<td colspan="3">'.$fuser->webcal_login.'&nbsp;</td>';
                print "</tr>\n";
            }

            print "</table>\n";
            print "<br>\n";
            
            print "</div>\n";

            /*
             * Droits
             */
            print '<table width="100%" class="noborder" cellpadding="0" cellspacing="0">';
            print '<tr class="liste_titre"><td>Droits</td><td>Module</td></tr>';
            $sql = "SELECT r.libelle, r.module FROM ".MAIN_DB_PREFIX."rights_def as r, ".MAIN_DB_PREFIX."user_rights as ur";
            $sql .= " WHERE ur.fk_id = r.id AND ur.fk_user = ".$fuser->id. " ORDER BY r.id ASC";
            $var = True;
            if ($db->query($sql))
            {
                $num = $db->num_rows();
                $i = 0;
                while ($i < $num)
                {
                    $obj = $db->fetch_object($i);
                    if ($oldmod <> $obj->module)
                    {
                        $oldmod = $obj->module;
                        $var = !$var;
                    }

                    print "<tr $bc[$var]><td>".$obj->libelle . '</td><td>'.$obj->module."</td></tr>\n";
                    $i++;
                }
            }
            print "</table>\n";
            print "<br>\n";

            /*
             * Barre d'actions
             *
             */
            print '<div class="tabsAction">';

            if ($user->admin)
            {
                print '<a class="tabAction" href="fiche.php?action=edit&amp;id='.$fuser->id.'">Editer</a>';
            }

            if ($user->id == $id or $user->admin)
            {
                print '<a class="tabAction" href="fiche.php?action=password&amp;id='.$fuser->id.'">Envoyer nouveau mot de passe</a>';
            }

            if ($user->admin)
            {
                print '<a class="tabAction" href="fiche.php?action=perms&amp;id='.$fuser->id.'">Permissions</a>';
            }

            if ($user->admin && $user->id <> $id)
            {
                print '<a class="tabAction" href="fiche.php?action=delete&amp;id='.$fuser->id.'">D<>sactiver utilisateur</a>';
            }

            print "</div>\n";
            print "<br>\n";

        }

        /* ************************************************************************** */
        /*                                                                            */
        /* Edition                                                                    */
        /*                                                                            */
        /* ************************************************************************** */
        if ($action == 'edit' && $user->admin && !$fuser->societe_id)
        {
            print_fiche_titre("Edition fiche utilisateur",$message);
            print '<br>';

            print '<form action="fiche.php?id='.$fuser->id.'" method="post">';
            print '<input type="hidden" name="action" value="update">';
            print '<table class="border" border="1" cellpadding="3" cellspacing="0">';

            print "<tr>".'<td valign="top">Nom</td>';
            print '<td><input size="30" type="text" name="nom" value="'.$fuser->nom.'"></td></tr>';

            print "<tr>".'<td valign="top">Pr<50>nom</td>';
            print '<td><input size="20" type="text" name="prenom" value="'.$fuser->prenom.'"></td></tr>';

            print "<tr>".'<td valign="top">Login</td>';
            print '<td><input size="10" maxlength="8" type="text" name="login" value="'.$fuser->login.'"></td></tr>';

            print "<tr>".'<td valign="top">Email</td>';
            print '<td><input size="30" type="text" name="email" value="'.$fuser->email.'"></td></tr>';

            print "<tr>".'<td valign="top">Admin ?</td>';
            print '<td class="valeur">';
            $form->selectyesnonum('admin',$fuser->admin);
            print '</td></tr>';

            print "<tr>".'<td valign="top">Login Webcal</td>';
            print '<td class="valeur"><input size="30" type="text" name="webcal_login" value="'.$fuser->webcal_login.'"></td></tr>';

            print "<tr>".'<td valign="top">Note</td><td>';
            print "<textarea name=\"note\" rows=\"12\" cols=\"40\">";
            print $fuser->note;
            print "</textarea></td></tr>";

            print "<tr>".'<td align="center" colspan="3"><input value="Enregistrer" type="submit"></td></tr>';
            print '</form>';
            print '</table>';
        }

    }

}

$db->close();

llxFooter("<em>Derni&egrave;re modification $Date$ r&eacute;vision $Revision$</em>");
?>