<?php
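/**
 * Lets a privileged user assume ("change to") another user's identity and
 * later revert to the real one.
 *
 * The assumed identity is written to $_SESSION and to a set of globals by
 * execute_id_change(); the real identity is kept in $_SESSION["super_user_idB"]
 * while an assumed identity is active. Successful changes and reverts are
 * recorded through log_id_change().
 *
 * Relies on helpers defined elsewhere in the project (run_query, fetch_array,
 * fetch_result, num_rows, pull_access_description_based_on_access_number).
 *
 * NOTE(review): run_query() is only ever handed a finished SQL string here, so
 * this class cannot bind parameters. Request-derived ids are therefore
 * validated as digits or cast to int before they reach SQL. Values read back
 * from the database (org_id, group_id) are still interpolated as-is; move them
 * to bound parameters if run_query() supports that.
 */
class Change_id_class {
    // Target user loaded by pull_related_user_variables(). Declared explicitly
    // because creating properties dynamically is deprecated since PHP 8.2.
    var $user_id;
    var $change_id_user_name;
    var $change_id_org_id;
    var $change_id_access_level;
    var $change_id_org_name;
    var $change_id_group_id;
    var $change_id_system_type;
    var $change_id_group_name;

    /**
     * Authorise and perform an identity change or a revert.
     *
     * On refusal nothing is changed; the globals $message / $message_type are
     * set to an error instead.
     *
     * NOTE(review): $user_access_level, $current_user_id, $org_id and $group_id
     * decide authorisation and must come from server-side session state, never
     * from the request. The callers are not visible here, so confirm this.
     * NOTE(review): no branch compares the target's access level with the
     * actor's; levels "20" and "30" only check group / organisation membership.
     * Confirm a target can never be more privileged than the actor.
     * NOTE(review): for level "10" a target id with no user_info row is not
     * refused here; whether fetch_array() stops the request in that case is
     * not visible.
     *
     * @param string $change_or_revert  "change" or "revert".
     * @param mixed  $new_user_id       Identity to assume; for a revert it must be the stored real user id.
     * @param mixed  $user_access_level Access level of the acting user ("10", "20", "30", other).
     * @param mixed  $current_user_id   Id the session is acting as right now.
     * @param mixed  $org_id            Organisation of the acting user.
     * @param mixed  $group_id          Group of the acting user.
     */
    function Change_id ($change_or_revert, $new_user_id, $user_access_level, $current_user_id, $org_id, $group_id) {
        GLOBAL $message, $message_type;

        // ereg() was removed in PHP 7. The anchored pattern keeps the original
        // rule (digits only, at most 5) and also refuses empty and array input.
        if ( !$this->is_valid_user_id ( $new_user_id ) ) {
            $this->deny_id_change ();
            return;
        }

        $action = (string) $change_or_revert;
        $real_user_id = empty ( $_SESSION["super_user_idB"] ) ? "" : $_SESSION["super_user_idB"];
        $is_revert = ( $action === "revert" && $real_user_id !== "" );

        // A revert restores the identity the session started with. The original
        // code switched to whatever id the request named, so any session holding
        // an assumed identity could "revert" into an arbitrary account.
        if ( $is_revert && ( !$this->is_valid_user_id ( $real_user_id ) || (int) $new_user_id !== (int) $real_user_id ) ) {
            $this->deny_id_change ();
            return;
        }

        $this->pull_related_user_variables ( $new_user_id );

        if ( $action === "change" ) {
            // Loose switch comparison is kept so that int 10 and "10" both match.
            switch ( $user_access_level ) {
                case "10":
                    $this->begin_id_change ( $current_user_id, $new_user_id );
                    break;
                case "20":
                    // Group level: the target must belong to the actor's group.
                    if ( $this->same_scope ( $group_id, $this->change_id_group_id ) ) {
                        $this->begin_id_change ( $current_user_id, $new_user_id );
                    }
                    else {
                        $this->deny_id_change ();
                    }
                    break;
                case "30":
                    // Organisation level: the target must be in the actor's organisation.
                    if ( $this->same_scope ( $org_id, $this->change_id_org_id ) ) {
                        $this->begin_id_change ( $current_user_id, $new_user_id );
                    }
                    else {
                        $this->deny_id_change ();
                    }
                    break;
                default:
                    // Every other level may only "change" to itself, which does nothing.
                    if ( $new_user_id != $current_user_id ) {
                        $this->deny_id_change ();
                    }
            }
        }
        elseif ( $is_revert ) {
            $this->log_id_change ( $real_user_id, $current_user_id, $new_user_id );
            $_SESSION["super_user_idB"] = "";
            $_SESSION["super_user_nameB"] = "";
            $this->execute_id_change ( $new_user_id );
        }
        else {
            $message = "No change or revert defined, or no superuser variable. IP Logged. ";
            $message_type = "error";
        }
    }

    /**
     * Copy the identity loaded by pull_related_user_variables() into the
     * globals and the session, then clear the cached client info.
     *
     * NOTE(review): the session keeps its id across the identity switch.
     * Consider session_regenerate_id() here once it is confirmed not to break
     * the project's own $_SESSION['sess_idB'] bookkeeping.
     *
     * @param mixed $new_user_id Unused; the values come from $this.
     */
    function execute_id_change ( $new_user_id ) {
        GLOBAL $user_id, $user_name, $org_id, $access_level, $org_name, $group_id, $system_type, $group_name;

        $user_id      = $_SESSION["user_idB"]      = $this->user_id;
        $user_name    = $_SESSION["user_nameB"]    = $this->change_id_user_name;
        $org_id       = $_SESSION["org_idB"]       = $this->change_id_org_id;
        $access_level = $_SESSION["access_levelB"] = $this->change_id_access_level;
        $org_name     = $_SESSION["org_nameB"]     = $this->change_id_org_name;
        $group_id     = $_SESSION["group_idB"]     = $this->change_id_group_id;
        $group_name   = $_SESSION["group_nameB"]   = $this->change_id_group_name;
        $system_type  = $_SESSION["system_typeB"]  = $this->change_id_system_type;

        // Client info cached for the previous identity must not leak into the new one.
        $_SESSION['client_infoB'] = '';
    }

    /**
     * Record an identity change or revert in the log_id_change table.
     *
     * NOTE(review): only successful switches reach this method. The refusal
     * messages say "IP Logged", but no logging call is made on those paths in
     * this class; confirm it happens elsewhere.
     *
     * @param mixed $real_user_id    Id of the user who really owns the session.
     * @param mixed $current_user_id Id the session was acting as before the switch.
     * @param mixed $assumed_user_id Id the session acts as after the switch.
     */
    function log_id_change ( $real_user_id, $current_user_id, $assumed_user_id ) {
        GLOBAL $unix_date;

        // The ids are cast to int so nothing caller-supplied reaches the SQL
        // text unchanged. Assumes user ids are numeric, as the digit check in
        // Change_id() implies.
        // NOTE(review): the session id and $unix_date are server-side values and
        // are still interpolated; bind them if run_query() allows it.
        $session_id = isset ( $_SESSION['sess_idB'] ) ? $_SESSION['sess_idB'] : '';
        $sql = "
INSERT INTO log_id_change (
log_real_user_id,
log_current_user_id,
log_assumed_user_id,
log_session_id,
log_date_stamp
)
VALUES (
'".(int) $real_user_id."',
'".(int) $current_user_id."',
'".(int) $assumed_user_id."',
'".$session_id."',
'".$unix_date."'
)";
        run_query ( $sql, 'Log id change' );
    }

    /**
     * Load name, organisation, group and access level of a user into $this.
     *
     * All properties are reset first. They stay empty when the id is not a
     * 1-5 digit number or when a lookup returns no row, and in the first case
     * no query is run at all.
     *
     * @param mixed $user_id Id of the user to load.
     */
    function pull_related_user_variables ($user_id) {
        $this->user_id = $user_id;
        $this->change_id_user_name = "";
        $this->change_id_org_id = null;
        $this->change_id_access_level = null;
        $this->change_id_org_name = null;
        $this->change_id_group_id = null;
        $this->change_id_system_type = null;
        $this->change_id_group_name = null;

        // display_related_users() passes its argument straight through, so the
        // id has to be checked here before it is placed in SQL.
        if ( !$this->is_valid_user_id ( $user_id ) ) {
            return;
        }

        $sql = "SELECT user_name_first, user_name_last, org_id, user_access_level FROM user_info WHERE user_id = '".(int) $user_id."'";
        $query_org = run_query ($sql, "No user_info login query");
        $user_info_query = fetch_array ($query_org, "No login user_info IIIIII", "0");
        if ( !$user_info_query ) {
            return;
        }
        $this->change_id_user_name = $user_info_query["user_name_first"]." ".$user_info_query["user_name_last"];
        $this->change_id_org_id = $user_info_query["org_id"];
        $this->change_id_access_level = $user_info_query["user_access_level"];

        // NOTE(review): org_id and group_id below were read from the database
        // and are interpolated unchanged.
        $org_info_query = fetch_array (run_query ("SELECT group_id, org_name, org_system_type FROM organizations WHERE org_id = '".$this->change_id_org_id."'", "No org_info login query"), "No login user_info", "0");
        if ( !$org_info_query ) {
            return;
        }
        $this->change_id_org_name = $org_info_query["org_name"];
        $this->change_id_group_id = $org_info_query["group_id"];
        $this->change_id_system_type = $org_info_query["org_system_type"];

        $group_info_query = fetch_array (run_query ("SELECT group_name FROM groups WHERE group_id = '".$this->change_id_group_id."'", "No group_info login query"), "No login user_info", "0");
        if ( !$group_info_query ) {
            return;
        }
        $this->change_id_group_name = $group_info_query["group_name"];
    }

    /**
     * Build the HTML table of identities the given user may change to.
     *
     * Which users are listed depends on the access level loaded for $user_id:
     * "10" lists level-20 users, "20" lists the first level-30 user of every
     * other organisation in the same group, "30" lists the users of the same
     * organisation whose level is not "30".
     *
     * Database text (names, organisation names) is HTML-escaped before output.
     * NOTE(review): the column terms and the access description are emitted
     * unescaped because they may legitimately contain markup; confirm.
     *
     * @param mixed $user_id Id of the acting user.
     * @return string The table, or a plain message when there is nothing to list.
     */
    function display_related_users ($user_id) {
        GLOBAL $organization_term, $group_term;

        $this->pull_related_user_variables ($user_id);

        $column_head = array ();
        $final_html = "";

        switch ($this->change_id_access_level) {
            case "10":
                $column_head = array ( $group_term, "User Name", "Access Level" );
                $sql = "SELECT * FROM user_info WHERE user_access_level = '20'";
                $result = run_query($sql, "Change id 10 display");
                $total_matches = num_rows ($result);
                for ($i = 0; $i < $total_matches; $i++) {
                    $current_row = fetch_array($result, "No pull_related_user_variables", $i);
                    $row_sql = "SELECT org_name FROM organizations WHERE org_id LIKE '".$current_row["org_id"]."'";
                    $resultB = run_query($row_sql, "Finding name org for 10 display");
                    $row_org_name = fetch_result ($resultB, "No name fetched in display for change id 10");
                    $final_html .= "<tr>"
                        .$this->table_cell ( $this->change_id_link ( $current_row["user_id"], $row_org_name ) )
                        .$this->table_cell ( $this->change_id_link ( $current_row["user_id"], $current_row["user_name_last"].", ".$current_row["user_name_first"] ) )
                        .$this->table_cell ( pull_access_description_based_on_access_number ($current_row["user_access_level"]) )
                        ."</tr>";
                }
                break;
            case "20":
                $column_head = array ( $organization_term, "User Name", "Access Level" );
                $sql = "SELECT * FROM organizations WHERE group_id LIKE '".$this->change_id_group_id."' AND org_id NOT LIKE '".$this->change_id_org_id."'";
                $result = run_query($sql, "Change id 20 display");
                $total_matches = num_rows ($result);
                for ($i = 0; $i < $total_matches; $i++) {
                    $current_row = fetch_array($result, "No name fetched in display for change id 20", $i);
                    $row_sql = "SELECT * FROM user_info WHERE org_id LIKE '".$current_row["org_id"]."' AND user_access_level = '30' ";
                    $resultB = run_query($row_sql, "Finding name org for 20 display");
                    $row_user_info = fetch_array ($resultB, "No name fetched in display for change id 20", "0");
                    // An organisation without a level-30 user offers no identity to
                    // switch to; the original emitted a link with an empty id here.
                    if ( empty ( $row_user_info["user_id"] ) ) {
                        continue;
                    }
                    $final_html .= "<tr>"
                        .$this->table_cell ( $this->change_id_link ( $row_user_info["user_id"], $current_row["org_name"] ) )
                        .$this->table_cell ( $this->change_id_link ( $row_user_info["user_id"], $row_user_info["user_name_last"].", ".$row_user_info["user_name_first"] ) )
                        .$this->table_cell ( pull_access_description_based_on_access_number ($row_user_info["user_access_level"]) )
                        ."</tr>";
                }
                break;
            case "30":
                $column_head = array ( "User Name", "Access Level" );
                $sql = "SELECT * FROM user_info WHERE org_id LIKE '".$this->change_id_org_id."' AND user_access_level != '30'";
                $result = run_query($sql, "Change id 30 display");
                $total_matches = num_rows ($result);
                for ($i = 0; $i < $total_matches; $i++) {
                    $current_row = fetch_array($result, "No name fetched in display for change id 30", $i);
                    $final_html .= "<tr>"
                        .$this->table_cell ( $this->change_id_link ( $current_row["user_id"], $current_row["user_name_last"].", ".$current_row["user_name_first"] ) )
                        .$this->table_cell ( pull_access_description_based_on_access_number ($current_row["user_access_level"]) )
                        ."</tr>";
                }
                break;
            default:
        }

        if ( $final_html === "" ) {
            return "No Identities Available to Change to.";
        }

        $table_top_html = "<table class=\"generictable\"><tr>";
        foreach ($column_head as $current_head) {
            $table_top_html .= "<td class=\"genericsubtop\">".$current_head."</td>";
        }
        // Close the header row before the data rows; the original left it open
        // and emitted a stray </tr> at the end of the table.
        $table_top_html .= "</tr>";

        return $table_top_html.$final_html."</table>";
    }

    /** True when $candidate is a string or int made of 1 to 5 ASCII digits. */
    private function is_valid_user_id ( $candidate ) {
        if ( !is_string ( $candidate ) && !is_int ( $candidate ) ) {
            return false;
        }
        return preg_match ( '/\A[0-9]{1,5}\z/', (string) $candidate ) === 1;
    }

    /**
     * True when both ids are non-empty and identical as strings. Avoids the
     * loose == match between an empty actor value and a missing (null) target.
     */
    private function same_scope ( $actor_value, $target_value ) {
        $actor_value = (string) $actor_value;
        return $actor_value !== "" && $actor_value === (string) $target_value;
    }

    /** Set the standard refusal message without touching the session. */
    private function deny_id_change () {
        GLOBAL $message, $message_type;
        $message = "Illegal attempt to change ID. IP Logged. ";
        $message_type = "error";
    }

    /** Remember the real user on the first switch, log the change, then apply it. */
    private function begin_id_change ( $current_user_id, $new_user_id ) {
        GLOBAL $user_name;
        if ( empty ( $_SESSION["super_user_idB"] ) ) {
            $_SESSION["super_user_idB"] = $current_user_id;
            $_SESSION["super_user_nameB"] = $user_name;
        }
        $this->log_id_change ( $_SESSION['super_user_idB'], $current_user_id, $new_user_id );
        $this->execute_id_change ( $new_user_id );
    }

    /** Escape text for HTML body and attribute context, using PHP's default_charset. */
    private function html_text ( $text ) {
        return htmlspecialchars ( (string) $text, ENT_QUOTES | ENT_SUBSTITUTE );
    }

    /** Build an escaped link to change_id.php for the given target user. */
    private function change_id_link ( $target_user_id, $label ) {
        GLOBAL $system_directory;
        $href = $system_directory."change_id.php?new_id=".rawurlencode ( (string) $target_user_id );
        return "<a href=\"".$this->html_text ( $href )."\">".$this->html_text ( $label )."</a>";
    }

    /** Wrap already-safe HTML in a table cell with the standard class. */
    private function table_cell ( $inner_html ) {
        return "<td class=\"generictd\">".$inner_html."</td>";
    }
}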
?>