<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<meta name="generator" content="PSPad editor, www.pspad.com">
<title>User management</title>
<link rel="stylesheet" href="sc/style.css" type="text/css">
</head>
<body>
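<div id="menu">
<?php
// Shared navigation include. require (rather than include) aborts the page
// with a fatal error if the file cannot be loaded.
// NOTE(review): ConnectIt(), Query(), isLoggedIn() and the other helpers used
// further down are not defined in this file; presumably they arrive through
// this include — confirm.
// The full "<?php" tag is used so the page does not depend on short_open_tag.
require 'inc/menu.php';
?>
</div>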
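<?php
// ConnectIt() is defined outside this file; presumably it opens the database
// connection that the Query() calls on this page rely on — confirm.
ConnectIt();

// ---- "Add new user" form: shown for ?new=... when isLoggedIn() is true ----
if (isset($_GET["new"]) && isLoggedIn()):
    // $view = 0 suppresses the user list rendered at the end of the page.
    $view = 0;
    // NOTE(review): the form below submits a state-changing POST and no
    // anti-CSRF token is visible in this file. Unless the session layer
    // enforces one elsewhere, a per-session token should be emitted here and
    // verified by the POST handler.
    // Each input carries an id matching its label's "for" attribute so the
    // labels are actually bound to their controls.
?>
<br>
<h1>Add new user</h1>
<form action="users.php" method="post" accept="text/html" class="frm">
<input type="hidden" name="insert" value="1">
<div class="item">
<label for="uname">Username</label><span style="margin-left: 6em;">
<label for="umail">E-mail</label></span><span style="margin-left: 6em;">
<label for="usms">SMS E-mail</label></span><br>
<input type="text" name="uname" id="uname" maxlength="25">
<input type="text" name="umail" id="umail" maxlength="35">
<input type="checkbox" name="usms" id="usms">
</div>
<input type="submit" value="add" class="item">
</form>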
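<?php
// ---- "Edit user" form: requested with ?edit=...&un=<id> when isLoggedIn() is true ----
elseif (isset($_GET["edit"]) && isset($_GET["un"]) && isLoggedIn()):
    // The id lands in an unquoted numeric position of the SQL text, where
    // string escaping offers no protection, so it is forced to an integer.
    // A non-scalar (array) parameter is treated as id 0.
    $edit_id = is_scalar($_GET["un"]) ? (int)$_GET["un"] : 0;
    if ($usdata = Query("SELECT * FROM user WHERE id=" . $edit_id . ";")) {
        $uslist = $usdata[0];
        // $view = 0 suppresses the user list rendered at the end of the page.
        $view = 0;
        // The stored values were typed in by users, so they are encoded for the
        // HTML attribute context before being printed into value="...".
        // Column order (id, name, e-mail, SMS flag) is inferred from how the
        // fields are used below — confirm against the table definition.
        $edit_idx  = htmlspecialchars($uslist[0], ENT_QUOTES, 'UTF-8');
        $edit_name = htmlspecialchars($uslist[1], ENT_QUOTES, 'UTF-8');
        $edit_mail = htmlspecialchars($uslist[2], ENT_QUOTES, 'UTF-8');
        // NOTE(review): the form below submits a state-changing POST and no
        // anti-CSRF token is visible in this file. The hidden "usindex" field is
        // client-controlled, so the POST handler must validate it again.
?>
<br>
<h1>Edit user</h1>
<form action="users.php" method="post" accept="text/html" class="frm">
<input type="hidden" name="update" value="1">
<input type="hidden" name="usindex" value="<?php echo $edit_idx; ?>">
<div class="item">
<label for="uname">Username</label><span style="margin-left: 6em;">
<label for="umail">E-mail</label></span><span style="margin-left: 6em;">
<label for="usms">SMS E-mail</label></span><br>
<input type="text" name="uname" id="uname" maxlength="25" value="<?php echo $edit_name; ?>">
<input type="text" name="umail" id="umail" maxlength="35" value="<?php echo $edit_mail; ?>">
<input type="checkbox" name="usms" id="usms"<?php if ($uslist[3]) { echo " checked"; } ?>>
</div>
<input type="submit" value="add" class="item">
</form>
<?php
    } else {
        // Unknown id (or failed query): fall back to the plain user list.
        $view = 1;
    }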
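elseif (isLoggedIn() && isset($_GET["del"]) && $_GET["del"]): // DELeting users: confirmation step only
    // The integer cast keeps the id safe to interpolate into the queries below;
    // a non-scalar (array) parameter is treated as id 0.
    $todel = is_scalar($_GET["del"]) ? (int)$_GET["del"] : 0;
    if ($ustddata = Query("SELECT id,name FROM user WHERE id=$todel;")) {
        // $view = 0 suppresses the user list rendered at the end of the page.
        $view = 0;
        $ustdlist = $ustddata[0];
        // Names are user-supplied data read back from the database; encode
        // them before they are written into the page.
        $del_name = htmlspecialchars($ustdlist[1], ENT_QUOTES, 'UTF-8');
        // NOTE(review): the confirmation form below posts a destructive request
        // and no anti-CSRF token is visible in this file; the checkbox alone
        // does not prove that the request originated from this page.
?>
<br>
<h1>Remove user</h1>
<form action="users.php" method="post" accept="text/html">
<div class="question"><h3>Are you sure?</h3>
<p align="left"><?php echo "Do You want to delete user<br> name: <b>".$del_name."</b>"; ?> </p>
<?php
        // List every client/job combination this user is attached to in the
        // mailing table, so the operator sees what else will be removed.
        if (Query("SELECT us_id FROM mailing WHERE us_id=$todel;")) {
            echo "<p align=\"left\"><u>NOTE:</u> This user takes care of:<b><br>";
            // Rows with both a client and a job.
            if ($mailusadata = Query("SELECT client.name,job.job FROM mailing JOIN (client, job) ON (client.id=mailing.cl_id AND job.id=mailing.jo_id) WHERE mailing.us_id=$todel AND mailing.cl_id<>0 AND mailing.jo_id<>0;")) {
                foreach ($mailusadata as $musl) {
                    echo " ".htmlspecialchars($musl[0], ENT_QUOTES, 'UTF-8')." / ".htmlspecialchars($musl[1], ENT_QUOTES, 'UTF-8')."<br>\n";
                }
            }
            // Rows with a client only (jo_id = 0).
            if ($mailuscdata = Query("SELECT client.name FROM mailing JOIN (client) ON (client.id=mailing.cl_id) WHERE mailing.us_id=$todel AND mailing.cl_id<>0 AND mailing.jo_id=0;")) {
                foreach ($mailuscdata as $musl) {
                    echo " ".htmlspecialchars($musl[0], ENT_QUOTES, 'UTF-8')." / <span class=\"not_imp\">Anything</span><br>\n";
                }
            }
            // Rows with a job only (cl_id = 0).
            if ($mailusjdata = Query("SELECT job.job FROM mailing JOIN (job) ON (job.id=mailing.jo_id) WHERE mailing.us_id=$todel AND mailing.cl_id=0 AND mailing.jo_id<>0;")) {
                foreach ($mailusjdata as $musl) {
                    echo " "."<span class=\"not_imp\">Every</span> / ".htmlspecialchars($musl[0], ENT_QUOTES, 'UTF-8')."<br>\n";
                }
            }
            echo "</b></p>\n";
        }
?>
<input type="checkbox" name="delete" id="delete" value="<?php echo $todel; ?>"><label for="delete">Yes, I want to delete this user and all his care of listed clients and jobs.</label>
<input type="submit" value="submit" name="submit">
</div>
</form>
<?php
    } else {
        $view = 1;
        // $todel is an integer here, so it is safe to print as-is.
        echo "<div class=\"info\"><p>User id = $todel doesn't exist.</p></div>\n";
    }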
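elseif (isLoggedIn() && isset($_POST["delete"])):
    // ---- Destructive step: remove the user and the user's mailing rows ----
    $view = 1;
    // Parse the id once. The same integer is used in every query and in every
    // message, so the raw request value is never written into SQL or HTML.
    // A non-scalar (array) parameter is treated as id 0.
    $delid = is_scalar($_POST["delete"]) ? (int)$_POST["delete"] : 0;
    // NOTE(review): no anti-CSRF token is checked before deleting, and
    // isLoggedIn() is the only gate visible in this file — confirm that it is
    // sufficient authorization for removing users.
    // NOTE(review): the mailing rows and the user row are removed by separate
    // statements; whether Query() wraps them in a transaction cannot be seen here.
    if (Query("SELECT us_id FROM mailing WHERE us_id=".$delid.";")) {
        echo "<div class=\"info\"><p>Removing user id = ".$delid.".<br>\n";
        if (Query("DELETE FROM mailing WHERE us_id=".$delid.";")) {
            echo "User's care (from mailing list) was successfully removed.<br>\n";
            if (Query("DELETE FROM user WHERE id=".$delid.";")) {
                echo "User was successfully removed.</p></div>\n";
            } else {
                // Report the failure and close the markup opened above instead
                // of leaving the <div>/<p> pair dangling.
                echo "Can not remove user.</p></div>\n";
            }
        } else {
            echo "Can not remove user's care (from mailing list).</p></div>";
        }
    } else {
        if (Query("SELECT id FROM user WHERE id=".$delid.";")) {
            echo "<div class=\"info\"><p>User id = ".$delid." doesn't have any care.<br>\nDeleting only user: ";
            if (Query("DELETE FROM user WHERE id=".$delid.";")) {
                echo "OK.</p></div>\n";
            } else {
                echo "ERROR.</p></div>\n";
            }
        } else {
            echo "<div class=\"info\"><p>Can not remove user ".$delid.". User doesn't exist.</p></div>\n";
        }
    }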
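else:
    // ---- Default branch: process an insert/update POST (if any); the list follows ----
    $view = 1;
    if ((isset($_POST["insert"]) || isset($_POST["update"])) && isLoggedIn()) {
        // NOTE(review): no anti-CSRF token is checked before writing to the
        // database; none is visible anywhere in this file.
        $schecked = isset($_POST["usms"]) ? 1 : 0;
        // Missing or array-valued fields are treated as empty strings so they
        // end up in the "is empty" branch instead of raising notices.
        $uname_in = (isset($_POST["uname"]) && is_string($_POST["uname"])) ? $_POST["uname"] : "";
        $umail_in = (isset($_POST["umail"]) && is_string($_POST["umail"])) ? $_POST["umail"] : "";
        // The record id goes into an unquoted numeric position of the UPDATE,
        // so it is parsed as an integer; 0 means "no usable id".
        $usindex = (isset($_POST["usindex"]) && is_scalar($_POST["usindex"])) ? (int)$_POST["usindex"] : 0;
        // NOTE(review): raw request values are handed to loginput(), which is
        // defined elsewhere; confirm that it neutralises line breaks and markup
        // before writing or displaying them.
        loginput($uname_in." / ".$umail_in." / checked == $schecked");
        // NOTE(review): mysql_escape_string() ignores the connection character
        // set and the mysql_* API is gone in PHP 7. Parameterized queries
        // (mysqli or PDO) are the durable fix, but that depends on Query(),
        // which is not visible here. The maxlength limits of the forms are
        // client-side only; no length or e-mail format check happens here.
        $user = strtolower(mysql_escape_string($uname_in));
        $mail = strtolower(mysql_escape_string($umail_in));
        // HTML-encoded copy used in every message sent back to the browser.
        $user_html = htmlspecialchars($user, ENT_QUOTES, 'UTF-8');
        $u_ko = 0;
        echo "<div class=\"info\"><p align=\"center\">";
        if ($user != "" && $mail != "") {
            // Reject the name if another user already owns it.
            // NOTE(review): $user is SQL-escaped before this comparison, so a
            // name containing quotes or backslashes may not equal its stored
            // form — confirm.
            // NOTE(review): the "<br>" in the debug strings suggests logdebug()
            // may print HTML; if so, its arguments need encoding there.
            if ($udata = Query("SELECT name,id FROM user;")) {
                foreach ($udata as $ulist) {
                    if ($user == $ulist[0]) {
                        if (isset($_POST["update"]) && (int)$ulist[1] == $usindex) {
                            logdebug("Name of user has not been changed. It means: User name exists, but there it doesn't matter...");
                        } else {
                            $u_ko = 1;
                            logdebug("!!!!! $user == $ulist[0] !!!!!<br>");
                        }
                    } else {
                        logdebug("$user != $ulist[0]<br>");
                    }
                }
            }
            if ($u_ko) {
                echo "Cann't add user $user_html!!!<br>User '$user_html' already exists.</p></div>\n";
                logdebug("User $user already exists.");
            } else {
                logdebug("User $user OK.<br>");
                if (isset($_POST["insert"])) {
                    if (Query("INSERT INTO user(name,email,sms) VALUES('$user','$mail','$schecked');")) {
                        echo "User '$user_html' successfully added into DB.\n";
                        if ($schecked) {
                            echo "<br>SMS E-mail option enabled.</p></div>\n";
                        } else {
                            echo "<br>SMS E-mail option disabled.</p></div>\n";
                        }
                    } else {
                        echo "Some problem with adding user $user_html to database.</p></div>\n";
                    }
                } else {
                    // An update without a usable id is reported as a failure
                    // rather than being sent to the database.
                    if ($usindex > 0 && Query("UPDATE user SET name='$user',email='$mail',sms='$schecked' WHERE id=".$usindex.";")) {
                        echo "User '$user_html' successfully updated.\n";
                        if ($schecked) {
                            echo "<br>SMS E-mail option enabled.</p></div>\n";
                        } else {
                            echo "<br>SMS E-mail option disabled.</p></div>\n";
                        }
                    } else {
                        echo "Some problem with adding user $user_html to database.</p></div>\n";
                    }
                }
            }
            // NOTE(review): this line is reached on every non-empty submission,
            // including the duplicate-name and failed-query paths.
            logdebug("Success, user name == ".$user." updated.");
        } else {
            echo "Username or user's e-mail is empty!</p></div>";
            logdebug("Username or user's e-mail is empty!");
        }
    }
endif;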
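if ($view) {
?>
<br>
<h1>User management</h1>
<?php
    // NOTE(review): this list (names and e-mail addresses) is rendered whenever
    // $view is set, with no isLoggedIn() check around it; the not-logged-in
    // message further down shows that anonymous visitors reach this code.
    // Confirm that exposing the addresses to them is intended.
    // sayifadmin() and say_boolean() are defined outside this file; presumably
    // sayifadmin() returns its first argument only for administrators — confirm.
    if ($ud = Query("SELECT * FROM user;")) {
        echo "<ul class=\"no_dec\">";
        echo "<li>".sayifadmin(" ", 0)." <u>ID</u> <u>Username</u>".str_repeat(" ",17)." <u>SMS E-mail</u> <u>E-mail</u>".str_repeat(" ",17)."</li>";
        foreach ($ud as $ul) {
            // Stored names and addresses are user-supplied; encode them before
            // they are written into the page.
            $row_id   = htmlspecialchars($ul[0], ENT_QUOTES, 'UTF-8');
            $row_name = htmlspecialchars($ul[1], ENT_QUOTES, 'UTF-8');
            $row_mail = htmlspecialchars($ul[2], ENT_QUOTES, 'UTF-8');
            // The id is URL-encoded, then attribute-encoded, for the links.
            $id_href  = htmlspecialchars(rawurlencode($ul[0]), ENT_QUOTES, 'UTF-8');
            $row_links = "<a href=\"?del=".$id_href."\" title=\"Remove\">-</a> <a href=\"?edit=1&amp;un=".$id_href."\" title=\"Edit\">~</a> ";
            // Padding is computed from the raw lengths; max(0, ...) keeps
            // str_repeat() from receiving a negative count when an id has more
            // than 3 characters or a name more than 25.
            $pad_id   = str_repeat(" ", max(0, 3 - strlen($ul[0])));
            $pad_name = str_repeat(" ", max(0, 25 - strlen($ul[1])));
            echo "<li>".sayifadmin($row_links, 0)." ".$row_id.$pad_id." ".$row_name.$pad_name." ".say_boolean($ul[3]).str_repeat(" ", 5)." ".$row_mail."</li>";
        }
        echo sayifadmin("<li>".str_repeat(" ",5)."<a href=\"?new=1\" title=\"Add new\">+</a></li>",0)."\n</ul>";
    } else {
        if (isLoggedIn()) {
            echo "<div class=\"info\"><p><u>No user in database</u><br>\nIf you want to filter reports by user, you should <a href=\"?new=1\" title=\"Add new\">add new user</a></p></div>\n";
        } else {
            echo "<div class=\"info\"><p><u>No user in database</u><br>\nIf you want to filter reports by user, you should add new user.<br>\nFor adding users you must <a href=\"?admin=1\" title=\"Log in as administrator\">log in as Repman's administrator</a></p></div>\n";
        }
    }
}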
?>
</body>
</html>