--- html/obavijest.php	2000/07/13 08:21:14	1.14
+++ html/obavijest.php	2001/10/03 15:00:25	1.19
@@ -4,6 +4,8 @@
 include("inc/prava.inc");
 include("inc/print_bool2.inc");
 include("inc/bgcolor.inc");
+include("inc/show_bool.inc");
+include("inc/auth_pop3.inc");
 
 if (isset($kontakt_osoba_id) && $what!="relogin") {
 	$result = pg_Exec ($conn, "select ime,prezime,passwd,prava from kontakt_osobe where aktivna=true and id=$kontakt_osoba_id");
@@ -11,7 +13,7 @@
 #	print "--$korow[passwd] | $md5_passwd | $passwd ";
 	$prava=$korow[prava];
 	print "<small>Trenutno ste prijavljeni kao $korow[ime] $korow[prezime], ako je to krivo odaberite <a href=\"$PHP_SELF?what=relogin\">ovaj link</a>.</small>";
-	$curr_md5_passwd=base64_encode(mhash(MHASH_MD5,$korow[passwd]));
+	$curr_md5_passwd=md5($korow[passwd]);
 	if ( (!isset($md5_passwd) && $korow[passwd] != $passwd) ||
 		(isset($md5_passwd) && $curr_md5_passwd != $md5_passwd) ) {
 		include("inc/auth.inc");
@@ -21,7 +23,7 @@
 		print '<p><a href="index.php">Povratak na početnu stranicu</a>';
 	} else {
 		session_register("md5_passwd");
-		$md5_passwd=base64_encode(mhash(MHASH_MD5,$korow[passwd]));
+		$md5_passwd=md5($korow[passwd]);
 	}
 }
 
@@ -81,6 +83,15 @@
 	print "<small><a href=\"osoba.php?what=select-osoba&id=$id\">[promjeni podatke o osobi]</a></small>";
 }
 
+// update nove lozinke i upis statusa
+if (($prava & $pr_lozinke) && $update_newpasswd) {
+	$sql="update racuni set passwd='$newpasswd' where racuni.id=$racuni_id";
+	pg_Exec ($conn, "$sql");
+	$sql="insert into status (osoba_id,kontakt_osoba_id,datum,status_tip_id) values ($id,$kontakt_osoba_id,'now'::datetime,7)";
+	$result = pg_Exec ($conn, $sql);
+	$promjena_lozinke_result="<b>Nova lozinka upisana u bazu! Treba je ručno promjeniti na serveru!</b>";
+}
+
 // kreiraj statuse, zapamti da li je instaliran
 
 $instaliran=0;
@@ -88,7 +99,7 @@
 $result = pg_Exec ($conn, "select status.id as status_id,datum,opis,ime,prezime,status_tip_id as st
 	from status,kontakt_osobe,status_tip
 	where kontakt_osoba_id=kontakt_osobe.id and status_tip_id=status_tip.id
-	and osoba_id=$id order by datum");
+	and status.osoba_id=$id order by datum");
 
 $statusi="";
 
@@ -109,7 +120,8 @@
 
 
 $result = pg_Exec ($conn, "select racuni.login as login,
-	racuni.passwd as passwd,e_mail.alias as email
+	racuni.passwd as passwd,e_mail.alias as email,
+	racuni.id as racuni_id
 	where racuni.osoba_id=$id and e_mail.osoba_id=$id");
 
 if (pg_numrows($result) > 0) {
@@ -118,11 +130,44 @@
 	print "
 <h1>Podaci o korisničkom računu</h1>
 
+<form action=$PHP_SELF method=post>
+
 <table>
 <tr><td>Korisnička oznaka:</td><td><tt>$row[login]</tt></td></tr>
 ";
-if ($prava & $pr_instalacija) {
-	print "<tr><td>Lozinka:</td><td><tt>$row[passwd]</tt></td></tr>";
+if ($prava & $pr_instalacija || $prava & $pr_lozinke) {
+	print "<tr><td>Lozinka:</td><td><tt>$row[passwd]</tt>";
+	$passwd_ok="?";
+	if ($check_pop) {
+		$pop3 = new POP3();
+		$pop3->connect("intranet.pliva.hr");
+		if ($pop3->checklogin($row[login],$row[passwd])) {
+			$passwd_ok="t";
+		} else {
+			$passwd_ok="f";
+		}
+		$pop3->quit();
+		print show_bool($passwd_ok);
+	} else {
+		print "<input type=hidden name=id value=$id>
+			<input type=submit name=check_pop value=\"Provjeri\">
+			";
+	}
+	if ($prava & $pr_lozinke) {
+	    if ($input_newpasswd) {
+		print "<input type=hidden name=id value=$id>
+			<input type=text name=newpasswd value=\"$row[passwd]\" size=8>
+			<input type=hidden name=racuni_id value=\"$row[racuni_id]\">
+			<input type=submit name=update_newpasswd value=\"Promjeni\">";
+
+	    } elseif ($update_newpasswd) {
+		print $promjena_lozinke_result;
+	    } else {
+		print "<input type=hidden name=id value=$id>
+			<input type=submit name=input_newpasswd value=\"Promjeni\">";
+	   }
+	}// prava=pr_lozinke
+	print "</td></tr>";
 } else {
 	print "<tr><td colspan=2><i>Nemate ovlaštenja vidjeti lozinku ovog korisnika!</i></td></tr>";
 }
@@ -137,6 +182,8 @@
 
 
 	print "
+</form>
+
 <h1>Podaci o statusima korisničkog računa</h1>
 
 <form action=oznaci.php>
@@ -164,10 +211,12 @@
 }
 
 $statusi.="<td><select name=status_tip_id>";
+$min_status=5;
+if ($prava==$pr_admin) $min_status=3;
 
 	$result = pg_Exec ($conn, "select id,opis
 		from status_tip
-		where id >= 5
+		where id >= $min_status
 		");
 
 	$num_prava=0;

Korisnička oznaka:	`$row[login]`
Lozinka:	`$row[passwd]`
Lozinka:	`$row[passwd]`"; + $passwd_ok="?"; + if ($check_pop) { + $pop3 = new POP3(); + $pop3->connect("intranet.pliva.hr"); + if ($pop3->checklogin($row[login],$row[passwd])) { + $passwd_ok="t"; + } else { + $passwd_ok="f"; + } + $pop3->quit(); + print show_bool($passwd_ok); + } else { + print " + + "; + } + if ($prava & $pr_lozinke) { + if ($input_newpasswd) { + print " + + + "; + + } elseif ($update_newpasswd) { + print $promjena_lozinke_result; + } else { + print " + "; + } + }// prava=pr_lozinke + print "
Nemate ovlaštenja vidjeti lozinku ovog korisnika!