Talenttic_survey/CATI_Tool
2
0
Fork 0
mirror of https://github.com/ACSPRI/queXS synced 2024-04-02 12:12:16 +00:00
Code Issues Releases Activity

let's make clients accounts editable, check for duplicated clients username

Browse Source
This commit is contained in:
Alex
2015-10-05 18:52:59 +03:00
parent 48068aec5b
commit e2f91e470c
1 changed files with 127 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

176
admin/clients.php
View File

@@ -45,7 +45,7 @@ include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
require ("auth-admin.php");
/**
* XHTML functions
@@ -57,7 +57,9 @@ global $db;
$a = false;
if (isset($_POST['client']))
$client =""; $firstname="";$lastname="";$email=""; $time_zone_name="";
if (isset($_POST['client']) && !empty($_POST['client']))
{
$client = $db->qstr($_POST['client'],get_magic_quotes_gpc());
$firstname = $db->qstr($_POST['firstname'],get_magic_quotes_gpc());
@@ -65,46 +67,108 @@ if (isset($_POST['client']))
$lastname = $db->qstr($_POST['lastname'],get_magic_quotes_gpc());
$time_zone_name = $db->qstr($_POST['Time_zone_name'],get_magic_quotes_gpc());
if (!empty($_POST['client']))
{
$sql = "INSERT INTO client
(`client_id` ,`username` ,`firstName` ,`lastName`, `Time_zone_name`)
VALUES (NULL , $client, $firstname , $lastname, $time_zone_name);";
/* check if there'a record with this username*/
$sql = "SELECT `username`,`client_id` from client WHERE `username` LIKE $client";
$rs = $db->GetAll($sql);
if ($db->Execute($sql))
{
include_once("../include/limesurvey/admin/classes/core/sha256.php");
//Insert into lime_users
$sql = "INSERT INTO " . LIME_PREFIX . "users (`users_name`,`password`,`full_name`,`parent_id`,`superadmin`,`email`,`lang`)
VALUES ($client, '" . SHA256::hashing($_POST['password']) . "',$firstname,1,0,$email,'auto')";
$db->Execute($sql);
if (isset($_GET['edit']) && $_GET['edit'] >0 ) {
$clid = intval($_GET['edit']);
$uid = intval($_POST['uid']);
}
$a = T_("Added: $client");
if (empty($rs) || count($rs)==1 && $rs[0]['client_id'] == $clid){
// update client
if (isset($_GET['edit']) && $_GET['edit'] >0 ) {
$sql = "UPDATE `client` SET `username`= $client,`firstName` = $firstname,`lastName` = $lastname,`Time_zone_name` = $time_zone_name
WHERE `client_id` = $clid ";
if ($db->Execute($sql))
{
$sql = "UPDATE " . LIME_PREFIX . "users SET `users_name` = $client, `full_name` = $firstname, `email` = $email";
/* rewrite 'password' only if not blank in edit mode */
if (isset($_GET['edit']) && $_GET['edit'] >0 && isset($_POST['password']) && !empty($_POST['password'])) {
include_once("../include/limesurvey/admin/classes/core/sha256.php");
$sql .=",`password` = '" . SHA256::hashing($_POST['password']) . "'";
}
$sql .= "WHERE `uid` = $uid";
$db->Execute($sql);
if ($db->Execute($sql)) $a = T_("Updated") . ": " . $client; else $a = T_("Update error");
}
else
$a = T_("Could not update") . " " . $client;
}
else
$a = T_("Could not add") . " " . $client . ". " . T_("There may already be a client of this name");
else { //save as a new client
$sql = "INSERT INTO client (`client_id` ,`username` ,`firstName` ,`lastName`, `Time_zone_name`)
VALUES (NULL , $client, $firstname , $lastname, $time_zone_name);";
if ($db->Execute($sql)) {
include_once("../include/limesurvey/admin/classes/core/sha256.php");
//Insert into lime_users
$sql = "INSERT INTO " . LIME_PREFIX . "users (`users_name`,`password`,`full_name`,`parent_id`,`superadmin`,`email`,`lang`)
VALUES ($client, '" . SHA256::hashing($_POST['password']) . "', $firstname ,1,0,$email,'auto')";
$db->Execute($sql);
if ($db->Execute($sql)) $a = T_("Added") . ": " . $client; else $a = T_("Error adding client");
}
else
$a = T_("Could not add") . " " . $client;
}
}
else $a = T_("Username") . " " . $client . ". " . T_("is already in use");
}
$header = T_("Add a client");
$sbut = T_("Add new client");
$req = "required";
if (isset($_GET['edit']) && $_GET['edit'] >0 ) {
$header = T_("Edit client data");
$clid = intval($_GET['edit']);
$sql = "SELECT client.*, u.email, u.uid from client, " . LIME_PREFIX . "users as u WHERE client_id=$clid and u.users_name=username";
$cdata = $db->GetRow($sql);
if (!$cdata) {
unset($_GET['edit']);
die(T_("NO such client"));
}
else{
$uid = $cdata['uid'];
$client = $cdata['username'];
$firstname= $cdata['firstName'];
$lastname= $cdata['lastName'];
$email= $cdata['email'];
$time_zone_name = $cdata['Time_zone_name'];
$sbut = T_("Update client data");
$req = "";
}
}
xhtml_head(T_("Add a client"),true,array("../include/bootstrap/css/bootstrap.min.css","../css/custom.css"));
xhtml_head($header,true,array("../include/bootstrap/css/bootstrap.min.css","../css/custom.css"));
$sql = "SELECT Time_zone_name as value, Time_zone_name as description
FROM timezone_template";
$tzs = $db->GetAll($sql);
$rs = $db->GetAll($sql);
if ($a)
{
?>
if ($a) { ?>
<div class='alert alert-info'><?php echo $a; ?></div>
<?php
}
?>
<?php } ?>
<script type="text/javascript">
//Password generator
@@ -145,38 +209,52 @@ function generate() {
<div class="well">
<p><?php echo T_("Adding a client here will allow them to access project information in the client subdirectory. You can assign a client to a particular project using the"); ?> <a href="clientquestionnaire.php"><?php echo T_("Assign client to Questionnaire"); ?></a> <?php echo T_("tool."); ?></p>
<p><?php echo T_("Adding a client here will allow them to access project information in the client subdirectory.");
if (isset($_GET['edit']) && $_GET['edit'] >0 ){
echo "&emsp;" . T_("You can assign a client to a particular project with"). "&emsp;"; ?> <a href="clientquestionnaire.php" class="btn btn-default"><?php echo T_("Assign client to Questionnaire") . "</a>";
} ?>
</p>
</div>
<form enctype="multipart/form-data" action="" method="post" class="form-horizontal" name="addclient" >
<div class="form-group form-inline">
<label class="control-label col-sm-3"><?php echo T_("Enter the username of a client to add:"); ?></label>
<input name="client" type="text" class="form-control pull-left" required size="40" />
<label class="control-label col-lg-3"><?php echo T_("Username"); ?>:</label>
<input name="client" type="text" class="form-control" required size="40" value="<?php echo $client;?>"/>
</div>
<div class="form-group form-inline">
<label class="control-label col-sm-3"><?php echo T_("Enter the password of a client to add:"); ?></label>
<input name="password" type="text" class="form-control pull-left" size="40" required />
<label class="control-label col-lg-3"><?php echo T_("Password"); ?>:</label>
<input name="password" type="text" class="form-control pull-left" size="40" <?php echo $req;?> placeholder="<?php if (isset($_GET['edit']) && $_GET['edit'] >0 ) echo T_("Leave this blank to keep current password");?>"/>
<div class="form-inline">&emsp;&emsp;
<input type="button" onclick="generate();" value="<?php echo T_("Generate");?>" class="btn btn-default fa" />&emsp;<?php echo T_("Password with");?>&ensp;
<input type="number" name="number" value="25" min="8" max="50" style="width:5em;" class="form-control" />&ensp;<?php echo T_("characters");?>
</div>
</div>
<div class="form-group form-inline">
<label class="control-label col-sm-3"><?php echo T_("Enter the first name of a client to add:"); ?></label>
<input name="firstname" type="text" class="form-control pull-left" size="40" />
<label class="control-label col-lg-3"><?php echo T_("First name"); ?> :</label>
<input name="firstname" type="text" class="form-control" size="40" value="<?php echo $firstname;?>"/>
</div>
<div class="form-group form-inline">
<label class="control-label col-sm-3"><?php echo T_("Enter the surname of a client to add:"); ?></label>
<input name="lastname" type="text" class="form-control pull-left" size="40"/>
</div>
<div class="form-group form-inline">
<label class="col-sm-3 control-label"><?php echo T_("Email") . ": ";?></label>
<input name="email" type="text" class="form-control pull-left"/>
</div>
<div class="form-group form-inline">
<label class="control-label col-sm-3"><a href='timezonetemplate.php'><?php echo T_("Enter the Time Zone of a client to add:"); echo "</a></label>";
display_chooser($rs,"Time_zone_name","Time_zone_name",false,false,false,false,array("value",get_setting("DEFAULT_TIME_ZONE")),true,"pull-left"); ?>
<label class="control-label col-lg-3"><?php echo T_("Surname"); ?>:</label>
<input name="lastname" type="text" class="form-control" size="40"value="<?php echo $lastname;?>"/>
</div>
<div class="form-group form-inline">
<label class="col-lg-3 control-label"><?php echo T_("Email"); ?>:</label>
<input name="email" type="text" class="form-control" size="40" value="<?php echo $email;?>"/>
</div>
<div class="form-group form-inline">
<label class="control-label col-lg-3"><a href='timezonetemplate.php'><?php echo T_("Timezone"); echo ":</a></label><div size=\"40\">";
if (isset($_GET['edit']) && $_GET['edit'] >0) $dtz = $time_zone_name; else $dtz = get_setting("DEFAULT_TIME_ZONE");
display_chooser($tzs,"Time_zone_name","Time_zone_name",false,false,false,false,array("value", $dtz),true,"pull-left"); ?> </div>
</div>
<?php if (isset($_GET['edit']) && $_GET['edit'] >0 ) { ?>
<input name="uid" type="hidden" value="<?php echo $uid;?>"/>
<?php } ?>
<div class="form-group">
<a href="clientquestionnaire.php" style="" class="btn btn-default col-lg-1 col-lg-offset-1"><?php echo T_("Cancel"); ?></a>
<input type="submit" value="<?php echo $sbut; ?>" style="width:336px;" class="btn btn-primary col-lg-offset-1"/>
</div>
<input type="submit" value="<?php echo T_("Add a client"); ?>" class="btn btn-primary col-sm-offset-3 col-sm-3"/>
</form>
<?php