Ajout fonctionnement de la possibilité globale d'éditer ou pas
parent
093e50187a
commit
242dfa74c8
@ -8,11 +8,19 @@ require_once 'vendor/autoload.php';
|
|||||||
$aid = $_GET['aid'];
|
$aid = $_GET['aid'];
|
||||||
$isAdmin = $_SESSION['admin']==1;
|
$isAdmin = $_SESSION['admin']==1;
|
||||||
|
|
||||||
|
$isEditable = $_SESSION['allowedit']==1;
|
||||||
if(!$userid) {
|
if(!$userid) {
|
||||||
syslog(LOG_ERR, "Unauthorized access to form page aid:$aid from : {$_SERVER['REMOTE_ADDR']} ({$_SERVER['HTTP_USER_AGENT']})");
|
syslog(LOG_ERR, "Unauthorized access to form page aid:$aid from : {$_SERVER['REMOTE_ADDR']} ({$_SERVER['HTTP_USER_AGENT']})");
|
||||||
header('Location: accred_list');
|
header('Location: accred_list');
|
||||||
die();
|
die();
|
||||||
}
|
}
|
||||||
|
if(!$isAdmin && $isEditable!=1) {
|
||||||
|
syslog(LOG_ERR, "Unauthorized access to form page aid by non editable user :$aid from : {$_SERVER['REMOTE_ADDR']} ({$_SERVER['HTTP_USER_AGENT']})");
|
||||||
|
header('Location: accred_list');
|
||||||
|
die();
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
$uname = $_SESSION['name'];
|
$uname = $_SESSION['name'];
|
||||||
if($_POST['btncancel']) {
|
if($_POST['btncancel']) {
|
||||||
header('Location: accred_list');
|
header('Location: accred_list');
|
||||||
|
|||||||
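Review bot: The new `syslog()` call in the `if(!$isAdmin && $isEditable!=1)` branch interpolates `$aid` (taken straight from `$_GET['aid']`) and the User-Agent header into the log line unfiltered, so a client controls part of every entry and can forge additional log lines; it also omits `$userid`, although the user is authenticated at this point and that is the field an investigator needs. Strip control characters before logging and add the uid, e.g. `$ua = preg_replace('/[\x00-\x1F\x7F]/', '', $_SERVER['HTTP_USER_AGENT'] ?? '');` and include `uid:$userid` in the message. The existing `if(!$userid)` branch above has the same raw interpolation. Separately, `$isEditable` is read from `$_SESSION['allowedit']`; if that value is copied into the session at login (not visible in this hunk), closing the form will not affect sessions that are already open, so reading the global setting on each request would be safer.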
@ -9,9 +9,9 @@
|
|||||||
// CSRF Counter-measure
|
// CSRF Counter-measure
|
||||||
$token = md5(uniqid(rand(), TRUE));
|
$token = md5(uniqid(rand(), TRUE));
|
||||||
$_SESSION['state'] = $token;
|
$_SESSION['state'] = $token;
|
||||||
|
|
||||||
$userid = $_SESSION['uid'];
|
$userid = $_SESSION['uid'];
|
||||||
$isAdmin = $_SESSION['admin']==1;
|
$isAdmin = $_SESSION['admin']==1;
|
||||||
|
$isEditable = $_SESSION['allowedit']==1;
|
||||||
// Bail out if not logged in
|
// Bail out if not logged in
|
||||||
if($userid=='') {
|
if($userid=='') {
|
||||||
header("location: index?");
|
header("location: index?");
|
||||||
@ -240,13 +240,21 @@ if ($mysqli->connect_errno) {
|
|||||||
|
|
||||||
<body <?php if($isAdmin) echo 'class="admin" '; else echo 'class="user" '; ?>>
|
<body <?php if($isAdmin) echo 'class="admin" '; else echo 'class="user" '; ?>>
|
||||||
<div class="right-blob"><span id="identification">Bienvenue <?php echo $_SESSION['name']; if($isAdmin) echo ", tu es admin";?></span><br>
|
<div class="right-blob"><span id="identification">Bienvenue <?php echo $_SESSION['name']; if($isAdmin) echo ", tu es admin";?></span><br>
|
||||||
|
<?php if($isEditable) { ?>
|
||||||
|
|
||||||
|
<span class="identification">Le formulaire est ouvert, les utilisateurs peuvent modifier ou ajouter des demandes</span><br>
|
||||||
|
<?php } else { ?>
|
||||||
|
<span class="identification">Le formulaire est fermé, les utilisateurs ne peuvent plus modifier ou ajouter des demandes</span><br>
|
||||||
|
<?php } ?>
|
||||||
<div id="uid" style="display:none"><?php echo $userid;?></div></div>
|
<div id="uid" style="display:none"><?php echo $userid;?></div></div>
|
||||||
<h1>Commande</h1>
|
<h1>Commande</h1>
|
||||||
<div id="tblContent">
|
<div id="tblContent">
|
||||||
<table id="example" class="display" cellspacing="0" width="100%">
|
<table id="example" class="display" cellspacing="0" width="100%">
|
||||||
<thead>
|
<thead>
|
||||||
<ul>
|
<ul>
|
||||||
|
<?php if($isAdmin || $isEditable==1) { ?>
|
||||||
<li> <a href="accred_form">Nouvelle demande</a></li>
|
<li> <a href="accred_form">Nouvelle demande</a></li>
|
||||||
|
<?php } ?>
|
||||||
<?php if($isAdmin) { ?>
|
<?php if($isAdmin) { ?>
|
||||||
<li> <a href="./accred_list?o=excel">Export Excel</a></li>
|
<li> <a href="./accred_list?o=excel">Export Excel</a></li>
|
||||||
<?php } ?>
|
<?php } ?>
|
||||||
@ -347,9 +355,9 @@ $(document).ready(function(){
|
|||||||
$(td).addClass('bck-check <?php if($isAdmin) echo " editable"; ?>');
|
$(td).addClass('bck-check <?php if($isAdmin) echo " editable"; ?>');
|
||||||
break;
|
break;
|
||||||
case "1":
|
case "1":
|
||||||
$(td).addClass('bck-edit editable');
|
$(td).addClass('bck-edit <?php if($isAdmin || $isEditable==1) echo " editable"; ?>');
|
||||||
break;
|
break;
|
||||||
case "2":
|
case "3":
|
||||||
$(td).addClass('bck-processed');
|
$(td).addClass('bck-processed');
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|||||||
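Review bot: Dropping the `editable` class in `case "1":` and hiding the `Nouvelle demande` link only change what the browser renders, so they do not by themselves stop a non-admin from modifying a request once the form is closed. The endpoint that saves inline edits is outside this hunk; confirm it repeats the server-side test `if(!$isAdmin && !$isEditable)` before writing, as the form page now does. In the same switch, `case "2":` appears to have become `case "3":`, which is unrelated to the commit title and would leave status "2" cells without the `bck-processed` class, so confirm that is intended. `$isEditable` is already a boolean, so `$isEditable==1` can simply be `$isEditable`.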