PHP authUserAccesArea函数代码示例

if (isset($_SERVER['HTTP_REFERER'])) {
    $back = htmlspecialchars($_SERVER['HTTP_REFERER']);
}
Definition_ressource_domaine_site();
/* for plugins */
use Grr\Event\EntryEventClass;
use Grr\Event\DayEvent;
/* get id site by id area */
$id_site = mrbsGetAreaSite($area);
/* end plugins */
$tplArray['tplHeader'] = print_header($day, $month, $year, $type_session, false, false);
if (check_begin_end_bookings($day, $month, $year)) {
    showNoBookings($day, $month, $year, $back);
    exit;
}
if (authGetUserLevel(getUserName(), -1) < 1 && Settings::get('authentification_obli') == 1 || authUserAccesArea(getUserName(), $area) == 0) {
    showAccessDenied($back);
    exit;
}
if (Settings::get('verif_reservation_auto') == 0) {
    verify_confirm_reservation();
    verify_retard_reservation();
}
get_planning_area_values($area);
if ($enable_periods == 'y') {
    $resolution = 60;
    $morningstarts = 12;
    $morningstarts_minutes = 0;
    $eveningends = 12;
    $eveningends_minutes = count($periods_name) - 1;
}

} else {
    $type_session = "with_session";
}
get_planning_area_values($area);
if ($area <= 0) {
    print_header($day, $month, $year, $type_session);
    echo '<h1>' . get_vocab("noareas") . '</h1>';
    echo '<a href="./admin/admin_accueil.php">' . get_vocab("admin") . '</a>' . PHP_EOL . '</body>' . PHP_EOL . '</html>';
    exit;
}
print_header($day, $month, $year, $type_session);
if (authGetUserLevel(getUserName(), -1) < 1 && $settings->get("authentification_obli") == 1) {
    showAccessDenied($back);
    exit;
}
if (authUserAccesArea(getUserName(), $area) == 0) {
    showAccessDenied($back);
    exit;
}
if (check_begin_end_bookings($day, $month, $year)) {
    showNoBookings($day, $month, $year, $back);
    exit;
}
if ($settings->get("verif_reservation_auto") == 0) {
    verify_confirm_reservation();
    verify_retard_reservation();
}
$ind = 1;
$test = 0;
$i = 0;
while ($test == 0 && $ind <= 7) {

/**
 * Affichage des area sous la forme d'un input
 *
 * @param string $link
 * @param string $current_site
 * @param string $current_area
 * @param string $year
 * @param string $month
 * @param string $day
 * @return string
 */
function make_area_item_html($link, $current_site, $current_area, $year, $month, $day, $user)
{
    global $vocab;
    if (Settings::get("module_multisite") == "Oui") {
        $use_multi_site = 'y';
    } else {
        $use_multi_site = 'n';
    }
    if ($use_multi_site == 'y') {
        // on a activé les sites
        if ($current_site != -1) {
            $sql = "SELECT a.id, a.area_name,a.access\n\t\tFROM " . TABLE_PREFIX . "_area a, " . TABLE_PREFIX . "_j_site_area j\n\t\tWHERE a.id=j.id_area and j.id_site={$current_site}\n\t\tORDER BY a.order_display, a.area_name";
        } else {
            $sql = "";
        }
    } else {
        $sql = "SELECT id, area_name,access\n\t\tFROM " . TABLE_PREFIX . "_area\n\t\tORDER BY order_display, area_name";
    }
    $out_html = '<br />' . PHP_EOL . '<div class="panel panel-default">' . PHP_EOL . '<div class="panel-heading">' . get_vocab("areas") . '</div>' . PHP_EOL . '<div class="panel-body">' . PHP_EOL;
    $out_html .= '<form class="ressource" id="area_001" action="' . $_SERVER['PHP_SELF'] . '">' . PHP_EOL;
    $res = grr_sql_query($sql);
    if ($res) {
        for ($i = 0; $row = grr_sql_row($res, $i); $i++) {
            $link2 = $link . '?year=' . $year . '&amp;month=' . $month . '&amp;day=' . $day . '&amp;area=' . $row[0];
            if (authUserAccesArea($user, $row[0]) == 1) {
                /* Couleur du domaine selectionné*/
                if ($current_area != null) {
                    if ($current_area == $row[0]) {
                        $out_html .= '<input class="btn btn-primary btn-lg btn-block item_select" name="' . $row[0] . '" value="' . htmlspecialchars($row[1]) . '" onclick="location.href=\'' . $link2 . '\' ;charger();"/>' . PHP_EOL;
                    } else {
                        $out_html .= '<input class="btn btn-default btn-lg btn-block item " name="' . $row[0] . '" value="' . htmlspecialchars($row[1]) . '" onclick="location.href=\'' . $link2 . '\' ;charger();"/>' . PHP_EOL;
                    }
                } else {
                    $out_html .= '<input class="btn btn-default btn-lg btn-block item" name="' . $row[0] . '" value="' . htmlspecialchars($row[1]) . '" onclick="location.href=\'' . $link2 . '\' ;charger();"/>' . PHP_EOL;
                }
            }
        }
    }
    $out_html .= '</form>' . PHP_EOL . '</div>' . PHP_EOL . '</div>' . PHP_EOL;
    return $out_html;
}

WHERE ((etat!='inactif' and (statut='utilisateur' or statut='administrateur' or statut='gestionnaire_utilisateur'))
AND (".TABLE_PREFIX."_j_useradmin_area.login is null or (".TABLE_PREFIX."_j_useradmin_area.login=u.login and ".TABLE_PREFIX."_j_useradmin_area.id_area!=".$id_area.")))  order by u.nom, u.prenom";

    $res = grr_sql_query($sql);
    $nb_users = grr_sql_count($res);
    if ($nb_users > 0) {
    ?>
    <tr><td>
   	<h3><?php echo get_vocab("add_multiple_user_to_list").get_vocab("deux_points");?></h3>

    <form action="admin_right_admin.php" method='post'>
	  <div><select name="agent" size="8" style="width:200px;" multiple="multiple" ondblclick="Deplacer(this.form.agent,this.form.elements['reg_multi_admin_login[]'])">

    <?php
	if ($res) for ($i = 0; ($row = grr_sql_row($res, $i)); $i++) {
		if (authUserAccesArea($row[0],$id_area) == 1) {
        echo "<option value='$row[0]'>".grr_htmlSpecialChars($row[1])." ".grr_htmlSpecialChars($row[2])."</option>";
		}
	}
    ?>

	</select>
	<input type="button" value="&lt;&lt;" onclick="Deplacer(this.form.elements['reg_multi_admin_login[]'],this.form.agent)"/>
	<input type="button" value="&gt;&gt;" onclick="Deplacer(this.form.agent,this.form.elements['reg_multi_admin_login[]'])"/>
	<select name="reg_multi_admin_login[]" id="reg_multi_admin_login" size="8" style="width:200px;" multiple="multiple" ondblclick="Deplacer(this.form.elements['reg_multi_admin_login[]'],this.form.agent)">
  <option>&nbsp;</option>
  </select>
    <input type="hidden" name="id_area" value="<?php echo $id_area;?>" />
    <input type="submit" value="Enregistrer"  onclick="selectionner_liste(this.form.reg_multi_admin_login);"/></div>

    <script type="text/javascript">

} else {
    $type_session = "with_session";
}
//Récupération des informations relatives au serveur.
$back = '';
if (isset($_SERVER['HTTP_REFERER'])) {
    $back = htmlspecialchars($_SERVER['HTTP_REFERER']);
}
//Affiche les informations dans l'header
print_header($day, $month, $year, $type = "with_session");
//Renseigne les droits de l'utilisateur, si les droits sont insufisants, l'utilisateur est avertit.
if (check_begin_end_bookings($day, $month, $year)) {
    showNoBookings($day, $month, $year, $back);
    exit;
}
if (authGetUserLevel(getUserName(), -1) < 1 && Settings::get("authentification_obli") == 1 || !$verif_acces_ressource || authUserAccesArea(getUserName(), $area) == 0) {
    showAccessDenied($back);
    exit;
}
// On vérifie une fois par jour si le délai de confirmation des réservations est dépassé
// Si oui, les réservations concernées sont supprimées et un mail automatique est envoyé.
// On vérifie une fois par jour que les ressources ont été rendue en fin de réservation
// Si non, une notification email est envoyée
if (Settings::get("verif_reservation_auto") == 0) {
    verify_confirm_reservation();
    verify_retard_reservation();
}
//Heure de dénut du mois, cela ne sert à rien de reprndre les valeur morningstarts/eveningends
$month_start = mktime(0, 0, 0, $month, 1, $year);
//Dans quel colonne l'affichage commence: 0 veut dire $weekstarts
$weekday_start = (date("w", $month_start) - $weekstarts + 7) % 7;

echo '<tr ';
if ($nb_areas == 1) {
    echo 'style="display:none" ';
}
echo "><td class=\"CL\" style=\"vertical-align:top;\" >\n";
echo '<div class="col-xs-3"><select class="form-control" id="areas" name="areas" onchange="changeRooms(this.form);insertChampsAdd();insertTypes()" >';*/
if ($enable_periods == 'y') {
    $sql = 'SELECT id, area_name FROM ' . TABLE_PREFIX . "_area WHERE id='" . $area . "' ORDER BY area_name";
} else {
    $sql = 'SELECT id, area_name FROM ' . TABLE_PREFIX . "_area WHERE enable_periods != 'y' ORDER BY area_name";
}
$res = grr_sql_query($sql);
if ($res) {
    $incrementForValidArea = 0;
    for ($i = 0; $row = grr_sql_row($res, $i); $i++) {
        if (authUserAccesArea(getUserName(), $row[0]) == 1) {
            $selected = '';
            $tplArrayEditEntry['areasAuth'][$incrementForValidArea]['0'] = $row[0];
            $tplArrayEditEntry['areasAuth'][$incrementForValidArea]['1'] = $row[1];
            if ($row[0] == $area) {
                //$selected = 'selected="selected"';
                $tplArrayEditEntry['areasAuth'][$incrementForValidArea]['selected'] = true;
            } else {
                $tplArrayEditEntry['areasAuth'][$incrementForValidArea]['selected'] = false;
            }
            //print '<option '.$selected.' value="'.$row[0].'">'.$row[1].'</option>'.PHP_EOL;
            $incrementForValidArea++;
        }
    }
}
//echo '</select>',PHP_EOL,'</div>',PHP_EOL,'</td>',PHP_EOL,'</tr>',PHP_EOL;

           FROM ".TABLE_PREFIX."_area
           ORDER BY order_display, area_name";
 }
 if (($id_site!=-1) or ($use_site=='n'))
    $resultat = grr_sql_query($sql);
 $display_liste = '
        <table border="0"><tr>
          <td>'.get_vocab('default_area').'</td>
          <td>
            <select id="id_area" name="id_area"  onchange="modifier_liste_ressources(1)">
              <option value="-1">'.get_vocab('choose_an_area').'</option>'."\n";

  if (($id_site!=-1) or ($use_site=='n')) {
 for ($enr = 0; ($row = grr_sql_row($resultat, $enr)); $enr++)
 {
  if (authUserAccesArea($session_login, $row[0])!=0)
  {
    $display_liste .=  '              <option value="'.$row[0].'"';
    if ($default_area == $row[0])
      $display_liste .= ' selected="selected" ';
    $display_liste .= '>'.grr_htmlSpecialChars($row[1]);
    if ($row[2]=='r')
      $display_liste .= ' ('.get_vocab('restricted').')';
    $display_liste .= '</option>'."\n";
  }
 }
 }
 $display_liste .= '            </select>';
 $id_area=5;
 $display_liste .=  '</td>
        </tr></table>'."\n";

/**
 * Menu gauche affichage des area via $fieldType
 *
 * @param string $link
 * @param string $current_site
 * @param string $current_area
 * @param string $year
 * @param string $month
 * @param string $day
 * @param string $user
 * @param string $fieldType
 *
 * @return string
 */
function make_area_selection_fields($link, $current_site, $current_area, $year, $month, $day, $user, $fieldType)
{
    global $twig;
    $tplArray['fieldType'] = $fieldType;
    $tplArray['vocab']['areas'] = get_vocab('areas');
    $tplArray['formAction'] = urlencode(strip_tags($_SERVER['PHP_SELF']));
    if (Settings::get('module_multisite') == 'Oui') {
        $use_multi_site = 'y';
    } else {
        $use_multi_site = 'n';
    }
    /*echo '<b><i><span class="bground">'.get_vocab('areas').'</span></i></b><br />';*/
    if ($use_multi_site == 'y') {
        // on a activé les sites
        if ($current_site != -1) {
            $sql = 'SELECT a.id, a.area_name,a.access
		FROM ' . TABLE_PREFIX . '_area a, ' . TABLE_PREFIX . "_j_site_area j\n\t\tWHERE a.id=j.id_area and j.id_site={$current_site}\n\t\tORDER BY a.order_display, a.area_name";
        } else {
            $sql = '';
        }
    } else {
        $sql = 'SELECT id, area_name,access
		FROM ' . TABLE_PREFIX . '_area
		ORDER BY order_display, area_name';
    }
    $res = 0;
    if ($current_site != -1 || $use_multi_site == 'n') {
        $res = grr_sql_query($sql);
    }
    if ($res) {
        for ($i = 0; $row = grr_sql_row($res, $i); ++$i) {
            if (authUserAccesArea($user, $row[0]) == 1) {
                $tplArray['areas'][$i]['linkToArea'] = $link . '?year=' . $year . '&month=' . $month . '&day=' . $day . '&area=' . $row[0];
                $tplArray['areas'][$i]['txtOption'] = htmlspecialchars(strip_tags($row[1]));
                /*if ($row[0] == $current_area) {*/
                $tplArray['areas'][$i]['current'] = $row[0] == $current_area ? true : false;
                //echo '<a id="liste_select" onclick="charger();" href="'.$link."?year=$year&month=$month&day=$day&area=$row[0]\">&gt; ".htmlspecialchars($row[1])."</a></b><br />\n";
                /* } else {*/
                //echo '<a id="liste" onclick="charger();" href="'.$link."?year=$year&month=$month&day=$day&area=$row[0]\">&gt; ".htmlspecialchars($row[1])."</a><br />\n";
                /*}*/
            }
        }
    }
    grr_sql_free($res);
    return $tplArray;
}

function make_area_list_html($link, $current_site, $current_area, $year, $month, $day, $user) {
   global $vocab;
   if (getSettingValue("module_multisite") == "Oui")
     $use_multi_site = 'y';
   else
     $use_multi_site = 'n';
   echo "<b><i><span class=\"bground\">".get_vocab("areas")."</span></i></b><br />";
   if ($use_multi_site=='y') { // on a activé les sites
     if ($current_site!=-1)
       $sql = "SELECT a.id, a.area_name,a.access
             FROM ".TABLE_PREFIX."_area a, ".TABLE_PREFIX."_j_site_area j
             WHERE a.id=j.id_area and j.id_site=$current_site
             ORDER BY a.order_display, a.area_name";
     else
       $sql = "";
   } else {
     $sql = "SELECT id, area_name,access
           FROM ".TABLE_PREFIX."_area
           ORDER BY order_display, area_name";
   }
   if (($current_site!=-1) or ($use_multi_site=='n'))
     $res = grr_sql_query($sql);
   if ($res) for ($i = 0; ($row = grr_sql_row($res, $i)); $i++)
    {
    if (authUserAccesArea($user,$row[0])==1) {
       if ($row[0] == $current_area)
          {
             echo "<b><span class=\"week\">&gt;&nbsp;<a href=\"".$link."?year=$year&amp;month=$month&amp;day=$day&amp;area=$row[0]\">".grr_htmlSpecialChars($row[1])."</a></span></b><br />\n";
          } else {
             echo "<a href=\"".$link."?year=$year&amp;month=$month&amp;day=$day&amp;area=$row[0]\">".grr_htmlSpecialChars($row[1])."</a><br />\n";
          }
       }
   }
   grr_sql_free($res);
}