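<?php
/**
 * Admin tool for the "Logins" table: CSV import, create/update (including
 * image upload and optional notification mail), delete, the edit form and the
 * paginated list view. Output is rendered through the Smarty instance in
 * $GLOBALS["ui"].
 *
 * The script relies on variables it does not define itself ($PHP_SELF, $ID,
 * $PHP_AUTH_USER, $site, $webs, $web_rechte, $user_rechte, $plz, $language,
 * $url and the per-field upload variables read through $$elem).
 * NOTE(review): presumably these come from register_globals or from
 * ../toolbox/common.php - confirm, because every one of them that a client can
 * set is untrusted input.
 * NOTE(review): import, update and delete are state-changing actions selected
 * via $_REQUEST, and no request token is checked in this file - confirm that
 * CSRF protection and authorisation happen in common.php.
 *
 * @package Content-management
 * @author Lars Tiefland <tiefland@weban.de>
 * @copyright 2010 Webagentur Niewerth
 * @license proprietary http://www.weban.de
 * @version $Rev: 4010 $
 * @filesource
 *
 */

/**
 *
 * @package Content-management
 * @author Lars Tiefland <tiefland@weban.de>
 * @copyright 2010 Webagentur Niewerth
 */

// SVN: $Id: logins.php 4010 2011-10-21 21:52:41Z www-data $

define( "Range", 100 );
$self = basename( $PHP_SELF );
$DB = "Logins";
define( "modul_name", "logins" );
define( "tool_name", "admin" );
require_once "../toolbox/common.php";
require_once "smarty/libs/SmartyPaginate.class.php";
if ( !$_GET["ID"] )
{
    require_once "includes/pagination.php";
}
$GLOBALS["ui"]->compile_id = "logins|" . $webs["ID"];
$action = $_REQUEST["action"];
$suchname = $_REQUEST["suchname"];
$select = $_REQUEST["select"];
$sort = $_REQUEST["sort"];
$ex_knr = $_REQUEST["ex_knr"];
// NOTE(review): these request values reach the templates unmodified; confirm
// that the templates escape them on output.
$GLOBALS["ui"]->assign( "ex_knr", $ex_knr );
$GLOBALS["ui"]->assign( "cur_kat", $select );
$GLOBALS["ui"]->assign( "suchname", $suchname );
$start = ( $_REQUEST["start"] ) ? $_REQUEST["start"] : 0;
unset( $_POST["pwdcheck"] );

// ---------------------------------------------------------------------------
// CSV import: replaces the complete content of the table with the upload.
// ---------------------------------------------------------------------------
if ( $_POST["action"] == "import" )
{
    srand( ( double )microtime() * 1000000 );
    $filename = "/web/apache/temp/" . $site . "_" . rand() . "_importliste.cvs";
    // Stop before touching the table when the upload did not arrive; without
    // this check the "delete from" below would empty the table and the
    // following LOAD DATA would then fail.
    if ( !move_uploaded_file( $_FILES['import_file']['tmp_name'], $filename ) )
    {
        die( "Import: upload failed" );
    }
    // The database server only has to read the file. A world-writable file
    // could be replaced by another local account before it is loaded.
    chmod( $filename, 0644 );
    $queries = array();
    $queries[] = "delete from $DB;";
    $queries[] = "LOAD DATA INFILE \"" . mysql_real_escape_string( $filename ) .
        "\" INTO TABLE $DB FIELDS TERMINATED BY ';' IGNORE 1 LINES (" .
        $web_rechte[modul_name][tool_name]["import_feldliste"] . ");";
    $queries[] = "update $DB set erstellt_von='" . mysql_real_escape_string( $PHP_AUTH_USER ) .
        "', erstellt_am=NOW(), letzte_Aenderung_von='" . mysql_real_escape_string( $PHP_AUTH_USER ) . "'";
    foreach ( $queries as $query )
    {
        // NOTE(review): the failing statement and the server error are sent to
        // the browser; consider logging them instead.
        mysql_query( $query ) or die( mysql_errno() . ": " . mysql_error() . "<hr>" . $query . "<hr>" );
    }
    unlink( $filename );
}

// ---------------------------------------------------------------------------
// Create / update one login record.
// ---------------------------------------------------------------------------
if ( $action == "update" )
{
    $mail = false;
    if ( !$ID )
    {
        // insert dummy entry, it is filled by the UPDATE below
        $query = "insert into $DB (erstellt_am,erstellt_von) VALUES (NOW(),'" .
            mysql_real_escape_string( $PHP_AUTH_USER ) . "')";
        $result = mysql_query( $query ) or die( mysql_errno() . ": " . mysql_error() . "<hr>" . $query . "<hr>" );
        $ID = mysql_insert_id();
        if ( file_exists( "$site.xml" ) && isset( $_POST["send_mail"] ) )
        {
            $mail = true;
        }
    }
    unset( $_POST["action"] );
    unset( $_POST["ID"] );
    // NOTE(review): md5/sha1/hash() produce unsalted, fast digests and crypt()
    // is called without a salt. The scheme is left unchanged here because the
    // code that verifies these values is not part of this file; migrating to a
    // salted, slow password hash has to be done on both sides together.
    if ( $_POST["passwd"] )
    {
        if ( !function_exists( "hash" ) )
        {
            switch ( strtolower( $web_rechte[modul_name][tool_name]["passwd"] ) )
            {
                case "sha1":
                    $_POST["passwd"] = sha1( $_POST["passwd"] );
                    break;
                case "md5":
                    $_POST["passwd"] = md5( $_POST["passwd"] );
                    break;
                case "crypt":
                default:
                    $_POST["passwd"] = crypt( $_POST["passwd"] );
                    break;
            }
        }
        elseif ( in_array( strtolower( $web_rechte[modul_name][tool_name]["passwd"] ), hash_algos() ) )
        {
            $_POST["passwd"] = hash( $web_rechte[modul_name][tool_name]["passwd"], $_POST["passwd"] );
        }
        elseif ( strtolower( $web_rechte[modul_name][tool_name]["passwd"] ) == "" ||
            strtolower( $web_rechte[modul_name][tool_name]["passwd"] ) == "crypt" )
        {
            $_POST["passwd"] = crypt( $_POST["passwd"] );
        }
    }
    else
    {
        unset( $_POST["passwd"] );
    }
    foreach ( array_keys( $_POST ) as $elem )
    {
        if ( in_array( $elem, array( "Datum1", "Datum2", "Eintrittsdatum", "Austrittsdatum",
            "Beitrag_bezahlt", "Beitrag_letztes", "Mitgliedskarte" ) ) )
        {
            $_POST[$elem] = human2date( $_POST[$elem] );
        }
        if ( $elem[0] == "_" )
        {
            // "_<field>" carries the button state of an image field:
            // 0 = keep, 1 = clear, 2 = store the uploaded file.
            unset( $_POST[$elem] );
            $button = $$elem;
            $elem = substr( $elem, 1 );
            // NOTE(review): the target directory is taken from the request and
            // the stored extension from the client's file name (see below).
            // Confirm both are restricted elsewhere; otherwise derive the
            // directory server-side, allow-list the extension and check
            // is_uploaded_file() on the source before copying.
            $Pfad = $_POST[$elem . "_Pfad"];
            unset( $_POST[$elem . "_Pfad"] );
            $image = $$elem;
            $image_name = $elem . "_name";
            $image_name = urlencode( $$image_name );
            switch ( $button )
            {
                case 0:
                    break;
                case 1:
                    $_POST[$elem] = '';
                    break;
                case 2:
                    // extract the image number from the field name
                    $Imagenummer = explode( "_", $elem );
                    $Imagenummer = $Imagenummer[1];
                    $DatenID = "bild" . $Imagenummer;
                    // example configuration value:
                    // "Bild:;500;500;180x180;180;180;120x120;120;120;80x120;80;120;30x30;30;30"
                    $Imagedaten = array_chunk( explode( ";", $web_rechte[modul_name][tool_name][$DatenID] ), 3 );
                    $Imagedaten[0][0] = "";
                    // determine width ($imgsize[0]) and height ($imgsize[1]) of the image
                    $imgsize = GetImageSize( $image );
                    $image_name = $ID . strrchr( $image_name, "." );
                    $_POST[$elem] = $image_name;
                    foreach ( $Imagedaten as $ImagedatenSet )
                    {
                        if ( $ImagedatenSet[0] != "" )
                        {
                            $ImagedatenSet[0] .= "/";
                        }
                        $ziel = $Pfad . $ImagedatenSet[0] . $image_name;
                        // scale down only when the image exceeds the configured size
                        if ( count( $ImagedatenSet ) == 3 &&
                            ( ( $imgsize[0] > $ImagedatenSet[1] ) or ( $imgsize[1] > $ImagedatenSet[2] ) ) )
                        {
                            // Every argument is quoted for the shell: source,
                            // target and geometry all contain request or
                            // configuration data.
                            $cmd = "convert -scale " .
                                escapeshellarg( $ImagedatenSet[1] . "x" . $ImagedatenSet[2] ) . " " .
                                escapeshellarg( $image ) . " " . escapeshellarg( $ziel );
                            exec( $cmd );
                        }
                        else
                        {
                            copy( $image, $ziel );
                        }
                    }
                    break;
                default:
                    break;
            }
        }
        elseif ( $elem == "rabatt" && isset( $user_rechte["logins"]["admin"]["rabatt"] ) )
        {
            // percentage discounts are stored as negative numbers
            if ( stristr( $_POST[$elem], "%" ) )
            {
                $_POST[$elem] *= -1;
            }
        }
    }
    // Column names come from the POST keys, so they are quoted as identifiers
    // (backticks doubled) and the values are escaped.
    // NOTE(review): any column of the table can still be written by adding a
    // form field; consider an allow-list of editable columns.
    $names = array();
    foreach ( array_keys( $_POST ) as $elem )
    {
        $names[] = "`" . str_replace( "`", "``", $elem ) . "`='" . mysql_real_escape_string( $_POST[$elem] ) . "'";
    }
    // The fixed assignments are part of the same list, so the statement stays
    // valid when no form field is left.
    $names[] = "letzte_Aenderung_am=NOW()";
    $names[] = "letzte_Aenderung_von='" . mysql_real_escape_string( $PHP_AUTH_USER ) . "'";
    $query = "update $DB set " . implode( ', ', $names ) .
        " where ID = '" . mysql_real_escape_string( $ID ) . "'";
    $result = mysql_query( $query ) or die( mysql_errno() . ": " . mysql_error() );
    if ( $mail )
    {
        require_once "Config.php";
        require_once "../Warenwirtschaft/MailClient/mail_func.php";
        $cfg = new Config();
        $conf = $cfg->parseConfig( $site . ".xml", "xml" );
        if ( PEAR::isError( $conf ) )
        {
            die( $conf->getMessage() );
        }
        $conf = $conf->toArray();
        $text = $conf["root"]["mail"]["text"];
        $subject = $conf["root"]["mail"]["subject"];
        $extra = $conf["root"]["mail"]["extra"];
        // NOTE(review): $_POST["passwd"] was replaced by its hash above, so the
        // mail text receives the stored hash. Sending a credential or its hash
        // by mail should be reconsidered.
        $text = sprintf( $text, $_POST["Name1"], $_POST["user"], $_POST["passwd"], $url );
        send_email( $_POST["E_Mail"], $subject, $text, $extra );
    }
    header( "Location: " . $self );
    // Stop here: the response is a redirect, nothing below should run.
    exit;
}

// ---------------------------------------------------------------------------
// Image upload outside of "update". Same handling as above, but the stored
// file name keeps the client's name, prefixed with ID and language.
// ---------------------------------------------------------------------------
foreach ( array_keys( $_POST ) as $elem )
{
    if ( $elem[0] == "_" )
    {
        unset( $_POST[$elem] );
        $button = $$elem;
        $elem = substr( $elem, 1 );
        // NOTE(review): request-supplied target directory and client-supplied
        // file name, see the note in the update branch.
        $Pfad = $_POST[$elem . "_Pfad"];
        unset( $_POST[$elem . "_Pfad"] );
        $image = $$elem;
        $image_name = $elem . "_name";
        $image_name = urlencode( $$image_name );
        switch ( $button )
        {
            case 0:
                break;
            case 1:
                $_POST[$elem] = '';
                break;
            case 2:
                $image_name = $ID . "_" . $language . "_" . $image_name;
                $_POST[$elem] = $image_name;
                // extract the image number from the field name
                $Imagenummer = explode( "_", $elem );
                $Imagenummer = $Imagenummer[1];
                $DatenID = "bild" . $Imagenummer;
                // example configuration value:
                // "Bild:;500;500;180x180;180;180;120x120;120;120;80x120;80;120;30x30;30;30"
                $Imagedaten = array_chunk( explode( ";", $web_rechte[modul_name][tool_name][$DatenID] ), 3 );
                $Imagedaten[0][0] = "";
                /*
                 Imagedaten, possible values:
                 0: title of the field
                 1: max. width for image 1 (original)
                 2: max. height for image 1 (original)
                 3: path for image
                 4: max. width for image
                 5: max. height for image
                 ...
                */
                // determine width ($imgsize[0]) and height ($imgsize[1]) of the image
                $imgsize = GetImageSize( $image );
                foreach ( $Imagedaten as $ImagedatenSet )
                {
                    if ( $ImagedatenSet[0] != "" )
                    {
                        $ImagedatenSet[0] .= "/";
                    }
                    $ziel = $Pfad . $ImagedatenSet[0] . $image_name;
                    // scale down only when the image exceeds the configured size
                    if ( count( $ImagedatenSet ) == 3 &&
                        ( ( $imgsize[0] > $ImagedatenSet[1] ) or ( $imgsize[1] > $ImagedatenSet[2] ) ) )
                    {
                        // every argument is quoted for the shell
                        $cmd = "convert -scale " .
                            escapeshellarg( $ImagedatenSet[1] . "x" . $ImagedatenSet[2] ) . " " .
                            escapeshellarg( $image ) . " " . escapeshellarg( $ziel );
                        pre( $cmd );
                        exec( $cmd );
                    }
                    else
                    {
                        copy( $image, $ziel );
                    }
                }
                break;
            default:
                break;
        }
    }
}

// ---------------------------------------------------------------------------
// Delete the selected records and their distribution-list assignments.
// ---------------------------------------------------------------------------
if ( $action == "delete" )
{
    if ( $ID )
    {
        $condition = array();
        $condition2 = array();
        foreach ( $ID as $elem )
        {
            // the IDs come from the request
            $elem = mysql_real_escape_string( $elem );
            array_push( $condition, " ID = '$elem'" );
            array_push( $condition2, " Logins = '$elem'" );
        }
        $cond = join( " or ", $condition );
        $cond2 = join( " or ", $condition2 );
        $query = "DELETE FROM $DB WHERE $cond";
        $result = mysql_query( "$query" ) or die( mysql_errno() . ": " . mysql_error() );
        $query = "delete from Logins_to_Verteiler WHERE $cond2";
        $result = mysql_query( "$query" );
        header( "Location: " . $self );
        // Stop here: the response is a redirect, nothing below should run.
        exit;
    }
}

if ( !$action )
{
    $action = "select_edit";
    $_GET["action"] = $action;
}
// ORDER BY cannot be protected by escaping, so only a comma-separated list of
// column names with an optional ASC/DESC is accepted; anything else falls back
// to the default order.
if ( !$sort || !is_string( $sort ) ||
    !preg_match( '/^[A-Za-z0-9_.]+(\s+(asc|desc))?(\s*,\s*[A-Za-z0-9_.]+(\s+(asc|desc))?)*$/i', $sort ) )
{
    $sort = 'Status,user';
}

switch ( $action )
{
    case "free_php":
        // NOTE(review): the included file name comes from $web_rechte; confirm
        // that this value cannot be influenced by a request.
        require_once $web_rechte[modul_name][tool_name]["php"];
        break;
    case "import":
        break;
    case "export":
        require_once "export_auswahl.php";
        break;
    case "edit":
        if ( $ID )
        {
            $_GET["login_id"] = $ID;
            unset( $_GET["ID"] );
            if ( isset( $user_rechte["logins"]["admin"]["user_orders"] ) )
            {
                require_once "../Warenwirtschaft/bestellungen_neu.php";
                $GLOBALS["ui"]->assign( "bestellungen_liste", $bestellungen_liste );
            }
            $felder = array( "*" );
            foreach ( array( "Datum1", "Datum2" ) as $fn )
            {
                if ( isset( $user_rechte[modul_name][tool_name][$fn] ) )
                {
                    $felder[] = "date_format($fn ,'%d.%m.%Y') as $fn";
                }
            }
            if ( isset( $user_rechte[modul_name][tool_name]["Vereinsdaten"] ) )
            {
                foreach ( array( "Eintrittsdatum", "Austrittsdatum", "Beitrag_bezahlt",
                    "Beitrag_letztes", "Mitgliedskarte" ) as $fn )
                {
                    $felder[] = "date_format($fn ,'%d.%m.%Y') as $fn";
                }
            }
            if ( isset( $user_rechte["logins"]["admin"]["rabatt"] ) )
            {
                $felder[] = "rabatt";
            }
            $result = mysql_query( "SELECT " . implode( ", ", $felder ) . " FROM $DB where ID = '" .
                mysql_real_escape_string( $ID ) . "'" ) or die( mysql_errno() . ": " . mysql_error() );
            $zeile = mysql_fetch_assoc( $result );
            // negative discounts are percentages, show them as "n%"
            if ( $zeile["rabatt"] < 0 && isset( $user_rechte["logins"]["admin"]["rabatt"] ) )
            {
                $zeile["rabatt"] = abs( $zeile["rabatt"] ) . "%";
            }
            // ME: are there payment methods? START
            if ( isset( $user_rechte[modul_name][tool_name]["zahlungsart"] ) )
            {
                $sql = "select * from zahlungsarten order by id";
                if ( $q = mysql_query( $sql ) )
                {
                    while ( $r = mysql_fetch_assoc( $q ) )
                    {
                        $zahlungsarten[] = $r;
                    }
                    $GLOBALS["ui"]->assign( "zahlungsarten", $zahlungsarten );
                }
            }
            // ME: are there payment methods? END
            // ME: are there payment terms? START
            if ( isset( $user_rechte[modul_name][tool_name]["zahlungsziel"] ) )
            {
                $sql = "select * from zahlungsziele order by ID";
                if ( $q = mysql_query( $sql ) )
                {
                    while ( $r = mysql_fetch_assoc( $q ) )
                    {
                        $zahlungsziele[] = $r;
                    }
                    $GLOBALS["ui"]->assign( "zahlungsziele", $zahlungsziele );
                }
            }
            // ME: are there payment terms? END
            $GLOBALS["ui"]->assign( "login", $zeile );
        }
        $GLOBALS["ui"]->assign( "file", "login.tpl" );
        break;
    case "select_edit":
    default:
        // Start from empty lists so that no pre-existing variable of the same
        // name can contribute fragments to the statement or rows to the list.
        $query = array();
        $search_query = array();
        $logins = array();
        $query[] = "SELECT SQL_CALC_FOUND_ROWS * FROM $DB";
        // all filter values come from the request and are escaped before use
        if ( $suchname )
        {
            $such = mysql_real_escape_string( $suchname );
            $search_query[] = "(Name1 like '%$such%' OR Vorname LIKE '%$such%' OR Name2 LIKE '%$such%')";
        }
        if ( $select != " " && $select != "" )
        {
            $search_query[] = "status='" . mysql_real_escape_string( $select ) . "'";
        }
        if ( $ex_knr )
        {
            $search_query[] = "ex_knr='" . mysql_real_escape_string( $ex_knr ) . "'";
        }
        if ( $plz )
        {
            $search_query[] = "plz LIKE '" . mysql_real_escape_string( $plz ) . "%'";
        }
        if ( $search_query )
        {
            $query[] = "WHERE " . implode( " AND ", $search_query );
        }
        $query[] = "ORDER BY $sort LIMIT " . ( int )SmartyPaginate::getCurrentIndex() . "," . Range;
        $query = implode( " ", $query );
        $result = mysql_query( $query ) or die( mysql_errno() . ": " . mysql_error() . "<hr>$query" );
        while ( $row = mysql_fetch_assoc( $result ) )
        {
            $logins[] = $row;
        }
        $GLOBALS["ui"]->assign( "logins", $logins );
        $sql = "SELECT FOUND_ROWS() AS total";
        $res = mysql_query( $sql );
        $row = mysql_fetch_assoc( $res );
        $total = $row["total"];
        $GLOBALS["ui"]->assign( "total", $total );
        pagination( $total );
        $format_string = "Name1;, ;PLZ; ;ORT; / ;E_Mail";
        // the key is a string; the bare word used before was an undefined constant
        if ( $web_rechte[modul_name][tool_name]["edit_string"] )
        {
            $format_string = $web_rechte[modul_name][tool_name]["edit_string"];
        }
        $felder = explode( ";", $format_string );
        $GLOBALS["ui"]->assign( "felder", $felder );
        $GLOBALS["ui"]->assign( "file", "logins_select.tpl" );
        break;
}

// category selection (user level), always with an empty first entry
if ( isset( $user_rechte[modul_name][tool_name]["auswahl"] ) )
{
    $Feld = "userlevel";
    if ( isset( $user_rechte[modul_name][tool_name][$Feld] ) )
    {
        if ( !$web_rechte[modul_name][tool_name][$Feld] )
        {
            $web_rechte[modul_name][tool_name][$Feld] = " ;1;2;3;4;5;6";
        }
        elseif ( $web_rechte[modul_name][tool_name][$Feld][0] != " " )
        {
            $web_rechte[modul_name][tool_name][$Feld] = " ;" . $web_rechte[modul_name][tool_name][$Feld];
        }
    }
    $kats = explode( ";", $web_rechte[modul_name][tool_name][$Feld] );
}
$GLOBALS["ui"]->assign( "kats", $kats );

// salutations: default list, or the configured list without its first entry
$Feld = "Anrede";
if ( !$web_rechte[modul_name][tool_name][$Feld] )
{
    $web_rechte[modul_name][tool_name][$Feld] = " ;Herr;Frau;Firma";
}
else
{
    $web_rechte[modul_name][tool_name][$Feld] = ( substr( stristr( $web_rechte[modul_name][tool_name][$Feld], ';' ), 1 ) );
}
$anreden = explode( ";", $web_rechte[modul_name][tool_name][$Feld] );

// description of the up to seven image / document fields for the template
for ( $bild_nr = 1; $bild_nr <= 7; $bild_nr++ )
{
    $Feld = "bild$bild_nr";
    if ( isset( $user_rechte[modul_name][tool_name][$Feld] ) )
    {
        $Felddaten = explode( ";", $web_rechte[modul_name][tool_name][$Feld] );
        if ( $Felddaten[0] )
        {
            $Bilddaten[$bild_nr]["name"] = $Felddaten[0];
        }
        else
        {
            $Bilddaten[$bild_nr]["name"] = "Bild " . $bild_nr;
        }
        $Bilddaten[$bild_nr]["img_name"] = "bild_" . $bild_nr . "_url";
        $Bilddaten[$bild_nr]["img_Path"] = $webs["verzeichnis"] . "/images/Login/Bild_" . $bild_nr . "/";
        // a field title starting with "Doku" marks a document instead of an image
        if ( substr( $Felddaten[0], 0, 4 ) == "Doku" )
        {
            $Bilddaten[$bild_nr]["typ"] = "Dokument";
        }
        else
        {
            $Bilddaten[$bild_nr]["typ"] = "Bild";
        }
    }
}
$GLOBALS["ui"]->assign( "Bilddaten", $Bilddaten );
$GLOBALS["ui"]->assign( "Language_neueintrag", $Language_neueintrag );
$GLOBALS["ui"]->assign( "site", $site );
$GLOBALS["ui"]->assign( "anreden", $anreden );
$GLOBALS["ui"]->display( "logins.tpl" );
?>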