<?php
include_once('include/config.php');
include_once('include/topmenu.php');
include_once('classes/mysql.class.php');
include_once('include/use_template.php');
$page_title = 'Utilisateurs';
session_start();
if (isset($_SESSION['rights'])) {
if ($_SESSION['rights'] != 0) { //Someone is trying to fool us !
header("Location: index.php"); //Let's send him to the main page
}
}
else header("Location: index.php"); //User is no connected, let's send him to the main page
$locations = BuildTopMenu($page_title, $_SESSION['rights'], $EXTERNAL_LINKS);
$actions = array ( 'Utilisateurs' => array ( 'Liste' => 'users.php',
'Ajouter' => '?action=addform'),
'Mon compte' => array ('Déconnecter' => 'logout.php'));
$mainframe = array();
if (!isset($_GET['action'])) { //Then the we should display the list of the servers
if (!isset($_GET['sort']) || !in_array($_GET['sort'], array('Login', 'FullName', 'Rights'))) {
$sort = 'Login';
} else {
$sort = $_GET['sort'];
}
$cols = array( 'Login' => '?sort=Login', 'Nom complet' => '?sort=FullName',
'Droits' => '?sort=Rights');
$table = '<table width="100%" class="serverList"><tr>';
foreach($cols as $col => $sort_href) {
$table .= '<td class="soustitre"><a href="'.$sort_href.'">'.$col.'</a></td>';
}
$table .= '</tr>';
$DB = new MySQL($MYSQL_SERVER, $MYSQL_DATABASE, $MYSQL_USER, $MYSQL_PASSWORD);
$usersMatrix = $DB->GetAllUsers($sort);
foreach ($usersMatrix as $row) {
if ($row['Rights'] == 0)
$rights = 'Administrateur';
else
$rights = 'Utilisateur';
$table .= '<tr><td><a href=user.php?user_id='.$row['User_ID'].'>'.$row['Login'].'</a></td>';
$table .= '<td>'.$row['FullName'].'</td>';
$table .= '<td>'.$rights.'</td>';
$table .= '</tr>';
}
$table .= '</table>';
$mainframe['Gestion des Utilisateurs'] = array('Tableau récapitulatif' => $table);
}
else {
switch ($_GET['action']) {
case 'addform': $form = '
<form action="?action=addnow" method="post" name="user">
<p>Si l\'utilisateur est sensé s\'authentifié grâce à NTLM, entrez son login windows (sans le "@domain.tld")</p><br>
<p>Login :<br>
<input name="Login" value="" size="20" />
</p>
<p> Nom complet (par exemple "Charles Dupont") : <br>
<input name="FullName" value="" size="20" />
</p>
<p> Mot de passe (laissez vide pour NTLM) : <br>
<input name="Password" type="password" value="" size="20" />
</p>
<p> Type d\'utilisateur : <br>
<select name="Rights">
<option value ="0">Administrateur</option>
<option value ="1" selected="selected">Utilisateur</option>
</select>
</p>
<p>
<input type="checkbox" name="Active" checked>Utilisateur actif
</p>
<p>
<input type="submit" value="Ajouter">
</p>
</form>
';
$mainframe['Ajouter un utilisateur'] = array('Remplissez le formulaire suivant :' => $form);
break;
case 'addnow':
if (empty($_POST['Login']) || empty($_POST['FullName']) || !is_numeric($_POST['Rights'])) {
$message = 'Vous devez choisir un login et un nom pour l\'utilisateur et lui attribuer des droits.';
} else {
$DB = new MySQL($MYSQL_SERVER, $MYSQL_DATABASE, $MYSQL_USER, $MYSQL_PASSWORD);
if ($DB->IsLoginFree($_POST['Login'])) {
//Let's add the user to the database :
$DB->AddUser($_POST); //Security checks are made in the function
$message = 'L\'utilisateur à été ajouté avec succès';
}
else {
$message = 'Le login existe déjà en base';
}
}
$mainframe['Ajouter un utilisateur'] = array('Ajout de '.$_POST['FullName'] => $message);
}
}
BuildPage($page_title, $locations, $mainframe, $actions);
?>