evoauth/htdocs/edit.php

<?php
require_once "includes/config.php";
require "includes/database.php";
require "includes/fonctions.php";
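// Name the session cookie before the session is started.
session_name("EVOAUTH_PHPSESSION");
session_start();
// mode and flag select the branch executed below. Both come from the query
// string, so they are request-controlled and may be absent: default to null
// instead of reading an undefined index.
// NOTE(review): the state-changing branches of this file are selected by these
// two values plus POST fields only; no per-session anti-CSRF token is checked
// anywhere in this file.
$mode = isset($_GET['mode']) ? $_GET['mode'] : null;
$flag = isset($_GET['flag']) ? $_GET['flag'] : null;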
// access granted: a login is present in the session
if (isset($_SESSION['login']))
{
// The listing form posts with one of five submit buttons; the button that was
// pressed overrides the mode/flag taken from the query string. The cases are
// tested in order and the first button found wins.
if (!empty($_POST))
{
    switch (true)
    {
        case isset($_POST['ajout']):
            // "ajout" only opens the add-user form, hence flag 0
            $mode = "add";
            $flag = 0;
            break;
        case isset($_POST['suppression']):
            $mode = "suppression";
            $flag = 1;
            break;
        case isset($_POST['activation']):
            $mode = "activation";
            $flag = 1;
            break;
        case isset($_POST['desactivation']):
            $mode = "desactivation";
            $flag = 1;
            break;
        case isset($_POST['kick']):
            $mode = "kick";
            $flag = 1;
            break;
        default:
            // a POST from another form: mode/flag stay as given in the URL
            echo '';
    }
}
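/* Password-change mode: handles the form posted to edit.php?mode=pass&flag=1 */
if ($mode == "pass" && $flag == 1)
{
    // Both fields must be present and be plain strings; anything else (missing
    // field, array parameter) is treated as an empty password and rejected.
    $pass1 = (isset($_POST['pass1']) && is_string($_POST['pass1'])) ? $_POST['pass1'] : '';
    $pass2 = (isset($_POST['pass2']) && is_string($_POST['pass2'])) ? $_POST['pass2'] : '';

    // Strict comparison on purpose: with ==, two different numeric-looking
    // strings (for example "10" and "1e1") compare equal, so the confirmation
    // field would not actually confirm anything.
    if ($pass1 !== '' && $pass1 === $pass2)
    {
        // NOTE(review): unsalted MD5 is not a password hash. It is kept here
        // because the stored format is shared with code outside this file
        // (update_pass() and, presumably, the login check - confirm); moving to
        // password_hash()/password_verify() has to be done on both sides at once.
        // NOTE(review): the current password is not asked for, so whoever holds
        // the session can set a new one.
        $newpass = md5($pass1);
        update_pass($newpass);
        // change done, send the user back to the home page
        echo '<meta http-equiv="refresh" content="3;URL=membre.php">';
        echo 'Le changement de mot de passe a été effectué.';
    }
    else
    {
        // the change failed (empty password or confirmation mismatch)
        echo '<meta http-equiv="refresh" content="3;URL=membre.php">';
        echo 'Le changement a échoué.';
    }
} /* end of password-change mode */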
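/* Add-user mode (admin only): handles the form posted to edit.php?mode=add&flag=1 */
elseif ($mode == "add" && $flag == 1 && $_SESSION['login'] == "admin")
{
    // Read every field once, tolerating missing fields and array parameters.
    $newlogin = (isset($_POST['newlogin']) && is_string($_POST['newlogin'])) ? $_POST['newlogin'] : '';
    $pass1    = (isset($_POST['pass1']) && is_string($_POST['pass1'])) ? $_POST['pass1'] : '';
    $pass2    = (isset($_POST['pass2']) && is_string($_POST['pass2'])) ? $_POST['pass2'] : '';
    // utype and credit are only part of the form when $prepaid == 1
    $utype    = isset($_POST['utype']) ? $_POST['utype'] : 0;
    $credit   = (isset($_POST['credit']) && is_scalar($_POST['credit'])) ? (int) $_POST['credit'] : 0;

    // an account needs a login and a password
    if ($newlogin === '' || $pass1 === '')
    {
        echo '<meta http-equiv="refresh" content="3;URL=membre.php">';
        echo 'L\'Ajout de l\'utilisateur a échoué.';
    }
    // the user to create already exists
    elseif (seek_for_user($newlogin) == 1)
    {
        echo '<meta http-equiv="refresh" content="3;URL=membre.php">';
        echo 'L\'utilisateur existe déjà.';
    }
    // the two passwords differ (strict: "10" and "1e1" are equal under !=)
    elseif ($pass1 !== $pass2)
    {
        echo '<meta http-equiv="refresh" content="3;URL=membre.php">';
        echo 'Les mots de passe sont différents.';
    }
    // a credited user must start with a positive credit
    elseif ($utype == 1 && $credit <= 0)
    {
        echo '<meta http-equiv="refresh" content="3;URL=membre.php">';
        echo 'Crédit nul impossible.';
    }
    // everything is fine, the user can be added
    else
    {
        // NOTE(review): unsalted MD5 is not a password hash; kept because the
        // stored format is shared with code outside this file. Migrate together
        // with the login check.
        $newpass = md5($pass1);
        // The original tested defined($_POST['newgroup']), which looks up a
        // constant and so always fell back to "general"; the submitted group
        // is now used when one was given.
        $newgroup = (isset($_POST['newgroup']) && is_string($_POST['newgroup']) && $_POST['newgroup'] !== '')
            ? $_POST['newgroup']
            : "general";
        // anything that is not type 1 (credited) is stored as type 0 (permanent)
        $newutype = ($utype == 1) ? "1" : "0";
        $newcredit = $credit;
        // NOTE(review): add_user() is defined elsewhere; $newlogin and $newgroup
        // are passed as received, so it must escape them before building SQL.
        $resultat = add_user($newlogin, $newpass, $newgroup, $newutype, $newcredit);
        if ($resultat)
        {
            echo '<meta http-equiv="refresh" content="3;URL=edit.php?mode=add">';
            echo 'L\'ajout de l\'utilisateur a réussi.';
        }
        else
        {
            echo '<meta http-equiv="refresh" content="3;URL=membre.php">';
            echo 'L\'Ajout de l\'utilisateur a échoué.';
        }
    }
} /* end of add-user mode */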
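/* Delete mode (admin only): deletes every user whose checkbox was ticked */
elseif ($mode == "suppression" && $flag == 1 && $_SESSION['login'] == "admin")
{
    // coche[] must be a non-empty array; a scalar "coche" is treated as no selection
    if (!empty($_POST['coche']) && is_array($_POST['coche']))
    {
        $connexion = connexion();
        foreach ($_POST['coche'] as $coche)
        {
            if (!is_scalar($coche))
            {
                continue;
            }
            // The id comes straight from the request and lands inside a quoted
            // SQL literal. ext/mysql has no prepared statements, so it is
            // escaped against the connection before being interpolated.
            $id = mysql_real_escape_string((string) $coche, $connexion);
            $requete = "delete from users where id='$id'";
            $resultat = mysql_query($requete, $connexion);
            if ($resultat)
            {
                echo '<meta http-equiv="refresh" content="3;URL=edit.php?mode=listing">';
                echo "La suppression a été correctement effectuée. <br>";
            }
            else
            {
                echo '<meta http-equiv="refresh" content="3;URL=membre.php">';
                // The driver message is escaped before display. ISO-8859-1 is
                // named so that no byte sequence is rejected; only & < > " '
                // are rewritten.
                echo "La suppression a échouée: ".htmlspecialchars(mysql_error($connexion), ENT_QUOTES, 'ISO-8859-1')."<br>";
            }
        }
    }
    else
    {
        echo '<meta http-equiv="refresh" content="3;URL=edit.php?mode=listing">';
        echo "Aucun utilisateur à supprimer. <br>";
    }
} /* end of delete mode */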
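/* Activation mode (admin only): sets actif = 1 on every ticked user */
elseif ($mode == "activation" && $flag == 1 && $_SESSION['login'] == "admin")
{
    // coche[] must be a non-empty array; a scalar "coche" is treated as no selection
    if (!empty($_POST['coche']) && is_array($_POST['coche']))
    {
        $connexion = connexion();
        foreach ($_POST['coche'] as $coche)
        {
            if (!is_scalar($coche))
            {
                continue;
            }
            // The id comes straight from the request and lands inside a quoted
            // SQL literal. ext/mysql has no prepared statements, so it is
            // escaped against the connection before being interpolated.
            $id = mysql_real_escape_string((string) $coche, $connexion);
            $requete = "update users set actif = 1 where id='$id'";
            $resultat = mysql_query($requete, $connexion);
            if ($resultat)
            {
                echo '<meta http-equiv="refresh" content="3;URL=edit.php?mode=listing">';
                echo "L'activation a été correctement effectuée. <br>";
            }
            else
            {
                echo '<meta http-equiv="refresh" content="3;URL=membre.php">';
                // The driver message is escaped before display. ISO-8859-1 is
                // named so that no byte sequence is rejected; only & < > " '
                // are rewritten.
                echo "L'activation a échouée: ".htmlspecialchars(mysql_error($connexion), ENT_QUOTES, 'ISO-8859-1')."<br>";
            }
        }
    }
    else
    {
        echo '<meta http-equiv="refresh" content="3;URL=edit.php?mode=listing">';
        echo "Aucun utilisateur à activer. <br>";
    }
} /* end of activation mode */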
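/* Deactivation mode (admin only): sets actif = 0 on every ticked user */
elseif ($mode == "desactivation" && $flag == 1 && $_SESSION['login'] == "admin")
{
    // coche[] must be a non-empty array; a scalar "coche" is treated as no selection
    if (!empty($_POST['coche']) && is_array($_POST['coche']))
    {
        $connexion = connexion();
        foreach ($_POST['coche'] as $coche)
        {
            if (!is_scalar($coche))
            {
                continue;
            }
            // The id comes straight from the request and lands inside a quoted
            // SQL literal. ext/mysql has no prepared statements, so it is
            // escaped against the connection before being interpolated.
            $id = mysql_real_escape_string((string) $coche, $connexion);
            $requete = "update users set actif = 0 where id='$id'";
            $resultat = mysql_query($requete, $connexion);
            if ($resultat)
            {
                echo '<meta http-equiv="refresh" content="3;URL=edit.php?mode=listing">';
                echo "La désactivation a été correctement effectuée. <br>";
            }
            else
            {
                echo '<meta http-equiv="refresh" content="3;URL=membre.php">';
                // The driver message is escaped before display. ISO-8859-1 is
                // named so that no byte sequence is rejected; only & < > " '
                // are rewritten.
                echo "La désactivation a échouée: ".htmlspecialchars(mysql_error($connexion), ENT_QUOTES, 'ISO-8859-1')."<br>";
            }
        }
    }
    else
    {
        echo '<meta http-equiv="refresh" content="3;URL=edit.php?mode=listing">';
        echo "Aucun utilisateur à désactiver. <br>";
    }
} /* end of deactivation mode */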
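/* Kick mode (admin only): for each ticked user that is connected, calls the
   firewall helper with -d and the user's IP, then records the kick */
elseif ($mode == "kick" && $flag == 1 && $_SESSION['login'] == "admin")
{
    // coche[] must be a non-empty array; a scalar "coche" is treated as no selection
    if (!empty($_POST['coche']) && is_array($_POST['coche']))
    {
        $connexion = connexion();
        foreach ($_POST['coche'] as $coche)
        {
            if (!is_scalar($coche))
            {
                continue;
            }
            // The id comes straight from the request and lands inside a quoted
            // SQL literal: escape it against the connection first.
            $id = mysql_real_escape_string((string) $coche, $connexion);
            $requete = "select ip from users where id='$id' and statut='1'";
            // mysql_query() returns false on failure; do not fetch from it then
            $reponse = mysql_query($requete, $connexion);
            $resultat = $reponse ? mysql_fetch_row($reponse) : false;
            // no row: the user is not connected (statut is not 1)
            if (!$resultat)
            {
                echo '<meta http-equiv="refresh" content="3;URL=edit.php?mode=listing">';
                echo "L'utilisateur n'est pas connecté.<br>";
            }
            else
            {
                $ip = current($resultat);
                // Remove the user from the firewall. The command line goes
                // through a shell and runs under sudo, so the stored value is
                // quoted as one argument and cannot add commands or options.
                // NOTE(review): also check that $ip has the form of an IP
                // address before running the helper; how the ip column is
                // filled is not visible in this file.
                system("/usr/bin/sudo /usr/local/share/evoauth/Evoauth.pl -d ".escapeshellarg($ip));
                // flag needed to forbid the next refresh
                setkick($ip, "1");
                echo '<meta http-equiv="refresh" content="3;URL=edit.php?mode=listing">';
                echo "L'utilisateur a été kické.<br>";
            }
        }
    }
    else
    {
        echo '<meta http-equiv="refresh" content="3;URL=edit.php?mode=listing">';
        echo "Aucun utilisateur à kicker. <br>";
    }
} /* end of kick mode */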
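/* Welcome-text mode: shows accueil.txt in a form and, with flag=1, saves the
   posted text back to it */
// NOTE(review): every other state-changing mode in this file requires
// $_SESSION['login'] == "admin"; this one does not, so any logged-in account
// can overwrite accueil.txt. Confirm whether that is intended.
// The mode name is quoted: the original compared against the bare word accueil,
// which is an undefined constant.
elseif ($mode == "accueil")
{
?>
<html>
<head>
<link rel="StyleSheet" href="style.css" type="text/css">
<title>Intranet <?=$title;?></title>
</head>
<body>
<p align="center"><img src="images/<?=$pic;?>"></p>
<br>
<?php
    // Save only when the form field was really posted, so that a plain request
    // for ?mode=accueil&flag=1 cannot blank the file.
    if ($flag == 1 && isset($_POST["acc"]) && is_string($_POST["acc"])) {
        if (!$file = fopen("accueil.txt", "w")) {
            echo "Echec de l'ouverture du texte d'accueil (accueil.txt)";
        }
        else {
            // write and close only on a valid handle
            fputs($file, $_POST["acc"]);
            fclose($file);
        }
    }
    // read accueil.txt back for display
    $accueil = '';
    if (!$file = fopen("accueil.txt", "r")) {
        echo "Echec de l'ouverture du texte d'accueil (accueil.txt)";
    }
    else {
        while (!feof($file))
        {
            $accueil .= fgets($file, 255);
        }
        fclose($file);
    }
?>
<p align="center">Modifier le texte d'accueil</p>
<form action="edit.php?mode=accueil&flag=1" method="post">
<table align="center">
<tr>
<td>Votre texte :</td>
<td>
<textarea name="acc" rows="10" cols="80" wrap="PHYSICAL">
<?=htmlspecialchars($accueil, ENT_QUOTES, 'ISO-8859-1') /* stored text must not close the textarea or inject markup; ISO-8859-1 so that no byte sequence is rejected and only & < > " ' are rewritten */ ?>
</textarea>
</td>
</tr>
<tr>
<td colspan="2" align="center"><input type="submit" name="submit" value="Mise a jour"></td>
</tr>
</table>
</form>
<p align="center"><br><br>
<a href="membre.php">Accueil</a>
<a href="index.php">Déconnexion</a>
</body>
</html>
<?php
} /* end of welcome-text mode */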
/* mode normal de visualisation */
else
{
?>
<html>
<head>
<link rel="StyleSheet" href="style.css" type="text/css">
<title>Intranet <?=$title;?></title>
</head>
<body>
<p align="center"><img src="images/<?=$pic;?>"></p>
<br>
<?
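// Password-change form, shown to every account except admin. It posts to
// edit.php?mode=pass&flag=1; the table and form are closed after this chain.
if ($mode == "pass" && $_SESSION['login'] != "admin")
{
?>
<p align="center">Changer votre mot de passe</p>
<form action="edit.php?mode=pass&flag=1" method="post">
<table align="center">
<tr>
<td>Login :</td>
<td><?=htmlspecialchars($_SESSION['login'], ENT_QUOTES, 'ISO-8859-1') /* the login is escaped for HTML before display */ ?></td>
</tr>
<tr>
<td>Nouveau mot de passe :</td>
<td><input type="password" name="pass1" style="background:red;color:yellow"></td>
</tr>
<tr>
<td>Confirmation :</td>
<td><input type="password" name="pass2" style="background:red;color:yellow"></td>
</tr>
<tr>
<td>&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="center"><input type="submit" name="submit" value="Mise à jour"></td>
</tr>
<?php
}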
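// Add-user form, shown only to admin. It posts to edit.php?mode=add&flag=1.
// The type and credit fields are part of the form only when $prepaid == 1.
elseif ($mode == "add" && $_SESSION['login'] == "admin")
{
?>
<p align="center">Ajouter un utilisateur</p>
<form method="post" action="edit.php?mode=add&flag=1">
<table align="center">
<tr>
<td>Login :</td>
<td><input type="text" name="newlogin"></td>
</tr>
<tr>
<td>Groupe :</td>
<td><input type="text" name="newgroup" value="general"></td>
</tr>
<tr>
<td>Mot de passe :</td>
<td><input type="password" name="pass1" style="background:red;color:yellow"></td>
</tr>
<tr>
<td>Confirmation :</td>
<td><input type="password" name="pass2" style="background:red;color:yellow"></td>
</tr>
<?php
    if ($prepaid == 1)
    {
?>
<tr>
<td>Type :</td>
<td>
Permanent <input type="radio" name="utype" value="0">
<input type="radio" name="utype" value="1"> Crédité
</td>
</tr>
<tr>
<td>Crédit (utile si utilisateur crédité) :</td>
<td><input type="text" name="credit"></td>
</tr>
<?php
    }
?>
<tr>
<td>&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="center"><input type="submit" name="submit" value="Ajout"></td>
</tr>
<?php
    // the last row is now closed; the original left its <tr> open
}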
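// User listing, shown only to admin: one row per account with a checkbox, and
// the buttons that drive the add / delete / activate / deactivate / kick modes.
// Every database value is escaped for HTML before display (ISO-8859-1 is named
// so that no byte sequence is rejected; only & < > " ' are rewritten).
elseif ($mode == "listing" && $_SESSION['login'] == "admin")
{
    $connexion = connexion();
    $resultat = mysql_query("select * from users order by id", $connexion);
?>
<form method="post" action="edit.php?mode=listing&flag=1">
<table border="1" bordercolor="black" align="center" width="95%">
<tr>
<td align="center">&nbsp;</td>
<td align="center"><b>N°</b></td>
<td align="center"><b>Login</b></td>
<td align="center"><b>Groupe</b></td>
<td align="center"><b>Statut</b></td>
<td align="center"><b>Dernière connexion</b></td>
<td align="center"><b>Compte</b></td>
<?php
    if ($prepaid == 1)
    {
?>
<td align="center"><b>Type</b></td>
<td align="center"><b>Crédit restant</b></td>
<?php
    }
    // the header row is closed whether or not the prepaid columns are shown
?>
</tr>
<?php
    // mysql_query() returns false on failure: show no rows in that case
    while ($resultat && ($byblos = mysql_fetch_object($resultat)))
    {
        // readable timestamp; 0 means the user never connected
        if ($byblos->lastupdate != 0)
        {
            $horodatage = date("d/m/Y, H:i:s", (int) $byblos->lastupdate);
        }
        else
        {
            $horodatage = "Aucune";
        }
?>
<tr>
<td><input type="checkbox" name="coche[]" value="<?=htmlspecialchars($byblos->id, ENT_QUOTES, 'ISO-8859-1')?>"></td>
<td><?=htmlspecialchars($byblos->id, ENT_QUOTES, 'ISO-8859-1')?></td>
<td><?=htmlspecialchars($byblos->login, ENT_QUOTES, 'ISO-8859-1')?></td>
<td><?=htmlspecialchars($byblos->groupe, ENT_QUOTES, 'ISO-8859-1')?></td>
<td><b><font color="red"><?=($byblos->statut==1)?"Connecté":"Non connecté"?></font></b></td>
<td><?=$horodatage?></td>
<td><b><?=($byblos->actif==1)?"Activé":"Désactivé"?></b></td>
<?php
        if ($prepaid == 1)
        {
?>
<td><?=($byblos->utype==0)?"Permanent":"Crédité"?></td>
<?php
            // permanent accounts have no credit: grey cell instead of a number
            if ($byblos->utype == 0)
            {
?>
<td bgcolor="lightgrey"></td>
<?php
            }
            else
            {
?>
<td><?=htmlspecialchars($byblos->credit, ENT_QUOTES, 'ISO-8859-1')?> minutes</td>
<?php
            }
        }
        // the row is closed whether or not the prepaid columns are shown
?>
</tr>
<?php
    }
?>
<tr>
<td colspan="<?=($prepaid==1)?11:8?>" align="center">
<input type="submit" name="ajout" value="ajout">
<input type="submit" name="suppression" value="suppression">
<input type="submit" name="activation" value="activation">
<input type="submit" name="desactivation" value="desactivation">
<input type="submit" name="kick" value="kick">
</td>
</tr>
<?php
}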
?>
</form>
</table>
<p align="center"><br><br>
<a href="membre.php">Accueil</a>
<a href="index.php">Déconnexion</a>
</body>
</html>
<?
} /* fin mode normal de visualisation */
}
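// Access denied: the session carries no login, so nothing above was executed.
// kick() is not defined in this file; it is called with the refusal message.
else
{
    kick("Accès refusé.");
}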
?>