<?php
include('../inc/template-admin.php');
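$content='';
// "Send credentials" action: ?sp=<user id> makes sure the account has a login,
// generates a new password, stores its hash and e-mails login and plain-text
// password to the account's address. Allowed for rights levels '1', '2' and '3'.
// NOTE(review): this state-changing action is triggered by a plain GET request and no
// anti-CSRF token is checked in this file; consider POST plus a per-session token.
if ( !empty($_GET['sp']) && in_array((string)$GLOBALS['user']['rights'], array('1', '2', '3'), TRUE) )
{
    $sp_id=(int)$_GET['sp'];

    // Rights level '3' may only act on accounts of its own TIC (id_tic).
    if ('3'===(string)$GLOBALS['user']['rights'])
    {
        $tmp_where=' AND id_tic='.(int)$GLOBALS['user']['id_tic'];
    }
    else
    {
        $tmp_where='';
    }

    // Redirect target used on every exit path: the current query string without 'sp'.
    // NOTE(review): assumes get_params() returns '&amp;'-separated pairs that must become
    // plain '&' in a header; the replacement does nothing if it already returns '&' - confirm.
    $back='location: ?'.str_replace('&amp;', '&', get_params($_GET, array('sp')));

    $data=$db->select('*', 'sys_users', 'id='.$sp_id.$tmp_where, '1');

    // Stop before any UPDATE when the scoped lookup found no account. Without this
    // check a level-'3' user could pass the id of an account outside their TIC and
    // still have its login and password overwritten by the statements below.
    // NOTE(review): the exact "not found" return value of select() is not visible here.
    if (!is_array($data) || empty($data['id']))
    {
        header($back);
        die();
    }

    // If the account has no login yet, derive one from the surname and append a
    // counter until it collides with no existing login.
    if (FALSE==$data['login'])
    {
        $logins_tmp=$db->select('login', 'sys_users');
        $logins=array();
        for ($i=0; $i<count($logins_tmp); $i++)
        {
            $logins[]=$logins_tmp[$i]['login'];
        }
        $i='';
        while (in_array(sys_name($data['surname']).$i, $logins))
        {
            $i=(int)$i+1;
        }
        $data['login']=sys_name($data['surname']).$i;
        // The same TIC restriction as the SELECT is repeated so the write can never
        // reach a row the lookup was not allowed to see.
        // NOTE(review): addslashes() is not a charset-aware SQL escape; prefer the
        // database layer's own quoting or bound parameters if it offers them.
        $db->queryN('UPDATE sys_users SET login=\''.addslashes($data['login']).'\' WHERE id='.$sp_id.$tmp_where);
    }

    // Generate the password: 6-8 alternating consonants and vowels (each upper-cased
    // with probability 1/6) with one special character at position 2-4.
    // random_int() (PHP 7+) draws from the system CSPRNG; mt_rand() is only a
    // compatibility fallback and is predictable.
    // NOTE(review): the pronounceable pattern keeps the keyspace small and the value
    // travels in a plain-text e-mail - treat it as a one-time password and require a
    // change at first login.
    $rnd=function_exists('random_int') ? 'random_int' : 'mt_rand';
    $sam=array('a', 'e', 'i', 'o', 'u', 'y');
    $sou=array('b', 'c', 'd', 'f', 'g', 'h', 'k', 'l', 'm', 'n', 'q', 'r', 's', 't', 'v', 'w', 'x', 'z');
    $spec=array('.', '-', '*');
    $length=$rnd(6, 8);
    $spec_pos=$rnd(2, 4);
    $flag=FALSE; // FALSE: next letter is a consonant, TRUE: next letter is a vowel
    $data['password']='';
    for ($i=0; $i<$length; $i++)
    {
        if ($spec_pos==$i)
        {
            // The special character does not advance the consonant/vowel alternation.
            $data['password'].=$spec[$rnd(0, count($spec)-1)];
            continue;
        }
        $pool=$flag ? $sam : $sou;
        $letter=$pool[$rnd(0, count($pool)-1)];
        if (0==$rnd(0, 5))
        {
            $letter=strtoupper($letter);
        }
        $data['password'].=$letter;
        $flag=!$flag;
    }

    // NOTE(review): unsalted MD5 is not suitable for password storage. Moving to
    // password_hash()/password_verify() also requires changing the login check,
    // which is not part of this file, so the stored format is left as it is.
    $db->queryN('UPDATE sys_users SET password=\''.addslashes(md5($data['password'])).'\' WHERE id='.$sp_id.$tmp_where);

    $header="From: ".$GLOBALS['admin_email']."\n";
    $header.="Content-Type: text/plain; charset=utf-8\n";
    $subject='Udaje pro prihlaseni do systemu';
    $message="Dobrý den,\n\nZasíláme Vám informace pro přihlášení do systému.\n\nAdresa: ".$GLOBALS['web_url'].$GLOBALS['http_root']."admin/login.php\nPřihlašovací jméno: ".$data['login']."\nHeslo: ".$data['password']."\n";
    mail($data['email'], $subject, $message, $header);

    header($back);
    die();
}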
// Labels for the admin actions, keyed by action id; handed to Admin through
// the 'actions' option of $args.
$actions=array(
    'add'            => 'Přidat uživatele',
    'add_now'        => 'přidat',
    'list'           => 'Seznam uživatelů',
    'edit'           => 'upravit',
    'edit_confirm'   => 'uložit',
    'after_add'      => 'Seznam uživatelů',
    'delete'         => 'smazat uživatele',
    'delete_confirm' => 'Ano, smazat',
);
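// $where_rights is spliced into the 'where' option of the rights-group field further
// down. It is initialised here so that it always holds a value set by this script,
// also for rights levels below 3, which previously left it undefined.
$where_rights='';
if (3>(int)$GLOBALS['user']['rights'])
{
    // Rights levels below 3: TIC is a selectable reference field.
    // (The original literal listed the 'reg' key twice with the same value.)
    $tics=array(
        'type'=>'reference',
        'name'=>'TIC',
        'field'=>'id_tic',
        'reg'=>'^.*$',
        'ftable'=>'tics_languages',
        'fkey'=>'id_tic',
        'ffield'=>'name',
        'order'=>'name',
        'where'=>' AND id_language=1',
        'help'=>'Turistické informační centrum, pod kterým uživatel vystupuje.',
    );
}
else
{
    // Rights level 3 and above: TIC is a hidden field defaulting to the acting user's own TIC.
    // NOTE(review): a hidden form field is client-controlled; confirm that Admin enforces
    // id_tic on the server side when it saves the record.
    $tics=array(
        'type'=>'hidden',
        'name'=>'TIC',
        'field'=>'id_tic',
        'default'=>(int)$GLOBALS['user']['id_tic'],
    );
    // NOTE(review): this filter names the table user_rights, while the field it is
    // attached to references sys_user_groups - confirm which table Admin queries.
    $where_rights=' AND user_rights.id>2';
}
// NOTE(review): $tics is not added to $args in the visible part of this file.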
// For rights levels above 2, build $obj_where: an SQL fragment restricting
// objects_languages.id_object to the objects of the user's own TIC whose object
// type is not marked inactive. With no such object the fragment matches nothing.
// NOTE(review): $obj_where is not referenced again in the visible part of this file.
if ((int)$GLOBALS['user']['rights']>2)
{
    $tmp_db=$db->select(
        'DISTINCT o.id',
        'objects AS o
LEFT JOIN objects_object_types AS oot ON (o.id=oot.id_object)
LEFT JOIN object_types AS ot ON (ot.id=oot.id_object_type)
',
        '
ot.active!=\'N\'
AND
id_tic='.(int)$GLOBALS['user']['id_tic']
    );

    // Collect the ids as integers so they can be placed into the IN (...) list as they are.
    $tmp=array();
    $i=0;
    while ($i<count($tmp_db))
    {
        $tmp[]=(int)$tmp_db[$i]['id'];
        $i++;
    }

    $obj_where=(0<count($tmp))
        ? ' AND objects_languages.id_object IN ('.implode(', ', $tmp).')'
        : ' AND 0';
}
// Configuration passed to the Admin constructor: form fields ('items') and the
// columns of the list view ('list').
// NOTE(review): 'disctinc' looks like a misspelling of 'distinct', and 'table' is
// 'sys_user' while the queries in this file use sys_users - confirm which key and
// table name Admin expects before changing either.
$args=array(
    'name'       => 'user',
    'table'      => 'sys_user',
    'item_title' => 'CONCAT(sys_users.name, \' \', surname)',
    'disctinc'   => ' DISTINCT ',
    'actions'    => $actions,
    'order'      => 'surname, sys_users.name',

    // Form fields; 'reg' is a regular-expression string supplied per field.
    'items' => array(
        array('type'=>'text', 'name'=>'Jméno', 'field'=>'name', 'reg'=>'^.+$'),
        array('type'=>'text', 'name'=>'Přijmení', 'field'=>'surname', 'reg'=>'^.+$'),
        array('type'=>'text', 'name'=>'Login', 'field'=>'login', 'reg'=>'^.+$'),
        array('type'=>'text', 'name'=>'Email', 'field'=>'email', 'reg'=>'^.*$'),
        array('type'=>'void', 'name'=>'name', 'field'=>'CONCAT(sys_users.name, \' \', surname)', 'table'=>''),
    ),

    // List view columns.
    'list' => array(
        'columns' => array(
            array('name'=>'Jméno', 'field'=>'name', 'sort'=>'users.surname, users.name', 'href'=>'this'),
            array('name'=>'Login', 'field'=>'Login', 'sort'=>'login', 'href'=>'this'),
            array('name'=>'Práva', 'field'=>'Prava', 'sort'=>'id_user_right'),
            // "Send credentials" column: the link prefix ends in 'sp='.
            array(
                'name'     => 'Přítup',
                'field'    => '',
                'alt_text' => 'Odeslat',
                'href'     => '?'.get_params($_GET, array('sp')).'&sp=',
            ),
        ),
    ),

    // Disabled option, kept for reference:
    /*'templates'=>array(
    'detail'=>'inc/templates/users-detail.tpl',
    ),*/
);
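// The rights-group selector is offered on every action except 'edit'.
// isset() avoids reading a missing 'actionuser' parameter.
// NOTE(review): leaving the field out of the form is a UI measure only; confirm that
// Admin ignores a posted id_user_group on edit and applies the 'where' filter when
// it validates the submitted value, not just when it renders the options.
if (!isset($_GET['actionuser']) || 'edit'!=$_GET['actionuser'])
{
    $args['items'][]=array(
        'type'=>'reference',
        'name'=>'Práva',
        'field'=>'id_user_group',
        'ftable'=>'sys_user_groups',
        'ffield'=>'name',
        'fkey'=>'id',
        'reg'=>'^.+$',
        // Empty unless the script set a restriction for the acting user's level.
        'where'=>isset($where_rights) ? $where_rights : '',
    );
}

// Rights level '3' only sees and manages users of its own TIC.
if ('3'==$GLOBALS['user']['rights'])
{
    // $args has no 'where' entry at this point, so start from an empty string
    // instead of appending to an undefined key.
    $args['where']=(isset($args['where']) ? $args['where'] : '').' AND sys_users.id_tic='.(int)$GLOBALS['user']['id_tic'];
}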
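// Build the admin component and render the page.
$admin=new Admin($args);

// When a single record is loaded, offer the "send credentials" link for it.
if (0<count($admin->dataRow))
{
    // The id is cast to int before it is written into the href: the 'sp' handler
    // treats it as an integer anyway, and the cast keeps markup out of the attribute.
    // NOTE(review): get_params() output is inserted unescaped as well - confirm that it
    // HTML-escapes the values it takes from $_GET.
    // NOTE(review): the link starts a password reset through a GET request.
    $content.='
<div>
<a class="button" href="?sp='.(int)$admin->id.get_params($_GET, array('sp')).'">Odeslat přístupové údaje uživateli na email</a>
</div>
';
}

$content.='
'.$admin->getHTML().'<div class="clear_both"><!-- --></div>';

echo html('Uživatelé', $content, array('../inc/pages-tree.php'));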
?>