diff --git a/accred_form.php b/accred_form.php
index 4a9ecf6f..7c5b3d15 100644
--- a/accred_form.php
+++ b/accred_form.php
@@ -97,14 +97,19 @@ if($_POST['btnunfinalise']) {
 $status = '1';
 $updateStatus = true;
 }
-
+if($_POST['btnprocess'] && $isAdmin) {
+ $status = '3';
+ $updateStatus = true;
+}
+// Escape string, mostly in case of quotes
+$d = $mysqli->real_escape_string(serialize($_POST));
 if(!$aid) {
- $query = "INSERT INTO submissions (uid, status, name, created, formdata,modified) values('$userid',$status,'$username',null,'".serialize($_POST)."',NOW())";
+ $query = "INSERT INTO submissions (uid, status, name, created, formdata,modified) values('$userid',$status,'$username',null,'".$d."',NOW())";
 syslog(LOG_INFO, "Create entry by uid: $userid / $uname from: {$_SERVER['REMOTE_ADDR']} ({$_SERVER['HTTP_USER_AGENT']})");
 }
 else {
- $query = "UPDATE submissions set modifieduid=$userid,formdata='".serialize($_POST)."'";
+ $query = "UPDATE submissions set modifieduid=$userid,formdata='".$d."'";
 if($updateStatus) {
 $query .= ",status=$status ";
 }
@@ -113,7 +118,7 @@ else {
 $query .= " AND uid=$userid";
 }
 syslog(LOG_INFO, "Update entry aid:$aid by uid: $userid / $uname from: {$_SERVER['REMOTE_ADDR']} ({$_SERVER['HTTP_USER_AGENT']})");
- $logquery = "INSERT INTO log (uid,aid,name,isadmin,operation,new,prev) SELECT '$userid',$aid,'$username', $isAdmin, 'update','".serialize($_POST)."', formdata FROM submissions WHERE ID=$aid";
+ $logquery = "INSERT INTO log (uid,aid,name,isadmin,operation,new,prev) SELECT '$userid',$aid,'$username', $isAdmin, 'update','".$d."', formdata FROM submissions WHERE ID=$aid";
 }
 $mysqli->query($logquery);
 if (!$mysqli->query($query) ) {
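Review bot: Escaping only the serialized form data leaves every other interpolated value in these statements as it was: `$userid` and `$username` are still spliced into the INSERT and UPDATE, and `$aid` is spliced in unquoted in the `@@ -113,7 +118,7 @@` hunk, where `real_escape_string()` would not protect it even if it were applied. Where those variables are assigned is outside the hunk, so whether they can carry request data cannot be confirmed from here, but binding all values makes the question moot: `$stmt = $mysqli->prepare("INSERT INTO submissions (uid, status, name, created, formdata, modified) VALUES (?, ?, ?, NULL, ?, NOW())");` followed by `$stmt->bind_param('siss', $userid, $status, $username, $formdata);`, with `$formdata = serialize($_POST)` passed unescaped. The UPDATE and the log INSERT need the same conversion; part of the UPDATE's WHERE clause is built in lines that are not shown.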
@@ -145,7 +150,7 @@ die(); syslog(LOG_INFO, "Load entry aid:$aid by uid: $userid / $uname from: {$_SERVER['REMOTE_ADDR']} ({$_SERVER['HTTP_USER_AGENT']})"); $ar = unserialize($row['formdata']); // Return to list if we are not admin and trying to edit a finalised form. Shame on us - if(!$isAdmin && $row['status']==0) { + if(!$isAdmin && $row['status']!=1) { header("location: accred_list"); die(); } @@ -407,8 +412,12 @@ die(); if($row['status']==1) { $form->add('submit', 'btnfinalise', 'Enregistrer et Finaliser'); } + if($row['status']==0 && $isAdmin) { + $form->add('submit', 'btnprocess', 'Marquer comme traité'); + } + // Admins can un-finalise - if($isAdmin && $row['status']==0) { + if($isAdmin && $row['status']==0 && $aid) { $form->add('submit', 'btnunfinalise', 'Enregistrer et rendre éditable'); } // $form->add('submit', 'btncancel', 'Annuler'); diff --git a/accred_list.php b/accred_list.php index 7dbfc64f..5e135be8 100644 --- a/accred_list.php +++ b/accred_list.php @@ -63,7 +63,7 @@ if ($mysqli->connect_errno) { } // Now remove unwanted columns foreach($master_array as $key => $val ) { - if(!($key=='UID' || $key=='modifieduid' || $key=='btnsubmit' || $key=='btnfinalise' || $key=='formdata' || $key=='name_form')) { + if(!($key=='UID' || $key=='modifieduid' || $key=='btnsubmit' || $key=='btnfinalise' || $key=='btnprocess' || $key=='formdata' || $key=='name_form')) { $header[$key] = $key; } } @@ -80,7 +80,19 @@ $line = 1; unset($fr); foreach($header as $key => $val) { if($key=='status') { - $fr[$key] = $or[$key]==0 ? 'Finalisé' : 'Ouvert'; + $disp = 'Indéfini'; + switch($or[$key]) { + case 0: + $disp = 'Finalisé'; + break; + case 1: + $disp = 'Ouvert'; + break; + case 2: + $disp = 'Traité'; + break; + } + $fr[$key] = $disp; } else { $fr[$key] = $or[$key]; 
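Review bot: The tightened test `$row['status']!=1` is applied where the form is loaded, but the save path shown earlier in this file restricts the UPDATE only by the visible `AND uid=$userid` clause, with no condition on the current status. The lines that build the rest of that WHERE clause are outside the hunks, so this needs confirming; if no status condition exists there, the owner-restricted branch should carry one, e.g. `$query .= " AND uid=$userid AND status=1";`, so that the rule is enforced on write and not only on display. Separately, the context line `unserialize($row['formdata'])` would be safer as `unserialize($row['formdata'], ['allowed_classes' => false])`, since this file only ever stores `serialize($_POST)` there. The enclosing block starts and ends outside the hunk.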
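Review bot: The new `btnprocess` condition in the `@@ -407,8 +412,12 @@` hunk lacks the `$aid` guard that the same hunk adds to the un-finalise condition just below it. If `$row` is unset for a new submission (its assignment is outside the hunk, but the added `&& $aid` suggests so), `$row['status']==0` is true for NULL and the button is offered on a form that has no record yet. Making the two conditions parallel avoids that: `if($aid && $isAdmin && $row['status']==0) {`.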
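Review bot: `case 2` is labelled 'Traité' in the `@@ -80,7 +80,19 @@` hunk, but the `btnprocess` handler added to accred_form.php in this commit stores `$status = '3'`, so a submission marked as processed falls through to 'Indéfini'. The identical switch in `@@ -131,7 +143,19 @@` and the JavaScript `case "2"` in `@@ -325,6 +349,9 @@` have the same mismatch. Which value is intended cannot be told from the diff, but the writer and the three readers have to agree, for example `$status = '2';` in the handler. `switch` also compares loosely, so a NULL status matches `case 0` and is shown as 'Finalisé'; `switch((string)$or[$key])` with string labels such as `case '0':` would let unknown values reach the 'Indéfini' default.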
@@ -131,7 +143,19 @@ $line = 1; unset($fr); foreach($header as $key => $val) { if($key=='status') { - $fr[$key] = $or[$key]==0 ? 'Finalisé' : 'Ouvert'; + $disp = 'Indéfini'; + switch($or[$key]) { + case 0: + $disp = 'Finalisé'; + break; + case 1: + $disp = 'Ouvert'; + break; + case 2: + $disp = 'Traité'; + break; + } + $fr[$key] = $disp; } else { $fr[$key] = $or[$key]; @@ -325,6 +349,9 @@ $(document).ready(function(){ case "1": $(td).addClass('bck-edit editable'); break; + case "2": + $(td).addClass('bck-processed'); + break; } } diff --git a/accred_style.css b/accred_style.css index 62542711..581705d6 100644 --- a/accred_style.css +++ b/accred_style.css @@ -32,13 +32,13 @@ color: #e50350; } - .bck-check { +.bck-check { background-image: url("sign-check-icon.png"); background-size: contain; background-repeat: no-repeat; } -.bck-edit:before, .bck-check:before { +.bck-edit:before, .bck-check:before, .bck-processed:before { position : absolute; opacity : 0; } @@ -46,6 +46,9 @@ color: #e50350; .editable:before { content : "Clique ici pour editer cette commande"; } +.bck-processed:before { + content: "Cette commande a été traitée" +} .user .bck-check:before { content: "Cette demande a été finalisée et ne peut plus être modifiée"; } @@ -53,7 +56,7 @@ color: #e50350; opacity : 1; } -.editable:hover:before, .bck-check:hover:before { +.editable:hover:before, .bck-check:hover:before, .bck-processed:hover:before { opacity : 1; background-color:#999; color: White; @@ -68,6 +71,12 @@ background-color:#999; color: White; background-repeat: no-repeat; cursor: pointer; } +.bck-processed { + + background-image: url("processed-icon.png"); + background-size: contain; + background-repeat: no-repeat; + } td.details-control { background: url('details_open.png') no-repeat center center; cursor: pointer; diff --git a/custom-template.php b/custom-template.php index bbbf5f50..9fe4ca90 100644 --- a/custom-template.php +++ b/custom-template.php @@ -69,4 +69,5 @@
  
 
+

diff --git a/processed-icon.png b/processed-icon.png
new file mode 100644
index 00000000..00ae467b
Binary files /dev/null and b/processed-icon.png differ
diff --git a/tokensignin.php b/tokensignin.php
index 471d4b73..928807ea 100644
--- a/tokensignin.php
+++ b/tokensignin.php
@@ -21,7 +21,7 @@ die();
 $id_token = $_POST['idtoken'];
 $admins = array('106388451999977183087' => 'Y', // Jess
- '113391142723644034553' => 'Y' // Lars
+ '113391142723644034553x' => 'Y' // Lars
 );
 $client = new Google_Client(['client_id' => '538635499162-g21v86gk87qm863u03er6vnm3q15bl82.apps.googleusercontent.com']);
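Review bot: Appending `x` to the second key of `$admins` withdraws that account's admin rights by making the ID unmatchable, while the line still reads as a live admin entry for the named person. An access-control list should say what it means: if the revocation is intended, delete the entry or comment it out with the reason, e.g. `// '113391142723644034553' => 'Y' // Lars (admin access removed)`. If it was a temporary way to exercise the non-admin path, it should be reverted before this is merged. How `$admins` is consulted is outside the hunk.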