--- html/obavijest.php	2000/06/27 11:43:01	1.9
+++ html/obavijest.php	2002/01/25 14:47:46	1.21
@@ -2,8 +2,11 @@
 
 include("inc/head.inc");
 include("inc/prava.inc");
-include("inc/show_bool.inc");
+include("inc/print_bool2.inc");
 include("inc/bgcolor.inc");
+include("inc/show_bool.inc");
+include("inc/auth_pop3.inc");
+include("inc/sap_org_jed.inc");
 
 if (isset($kontakt_osoba_id) && $what!="relogin") {
 	$result = pg_Exec ($conn, "select ime,prezime,passwd,prava from kontakt_osobe where aktivna=true and id=$kontakt_osoba_id");
@@ -11,7 +14,7 @@
 #	print "--$korow[passwd] | $md5_passwd | $passwd ";
 	$prava=$korow[prava];
 	print "<small>Trenutno ste prijavljeni kao $korow[ime] $korow[prezime], ako je to krivo odaberite <a href=\"$PHP_SELF?what=relogin\">ovaj link</a>.</small>";
-	$curr_md5_passwd=base64_encode(mhash(MHASH_MD5,$korow[passwd]));
+	$curr_md5_passwd=md5($korow[passwd]);
 	if ( (!isset($md5_passwd) && $korow[passwd] != $passwd) ||
 		(isset($md5_passwd) && $curr_md5_passwd != $md5_passwd) ) {
 		include("inc/auth.inc");
@@ -21,7 +24,7 @@
 		print '<p><a href="index.php">Povratak na početnu stranicu</a>';
 	} else {
 		session_register("md5_passwd");
-		$md5_passwd=base64_encode(mhash(MHASH_MD5,$korow[passwd]));
+		$md5_passwd=md5($korow[passwd]);
 	}
 }
 
@@ -38,14 +41,12 @@
 
 $result = pg_Exec ($conn, "
 	select osobe.id as id,ime,prezime,tel,lokacije.naziv as lok,sifra,
-		org_jed.naziv as orgjed,org_pod_jed.pod_naziv as orgpodjed,
 		lok_racunala as lokrac,objekt,kat,soba,z_rac,podesavanje,
 		umrezavanje,shell
 	from osobe
 	where osobe.id=$id
-		and lokacija_id=lokacije.id and org_jed_id=org_jed.id
-		and org_pod_jed_id=org_pod_jed.pod_id
-	order by lokacije.naziv,org_jed.naziv
+		and lokacija_id=lokacije.id
+	order by lokacije.naziv
 	");
 
 if (pg_numrows($result) > 0) {
@@ -59,10 +60,9 @@
 	<td>$row[ime] $row[prezime]</td>
 	<td><small>Tel:</small> $row[tel]</td></tr>
 <tr><td><small>Org. jedinica:</small></td>
-	<td>$row[orgjed]</td>
+	<td rowspan=2>".sap_org_jed($row[sifra])." </td>
 	<td><small>Šifra radnika:</small> $row[sifra]</td></tr>
-<tr><td><small>Podjedinica:</small></td>
-	<td>$row[orgpodjed]</td>
+<tr><td></td>
 	<td><small>Lokacija računala:</small></td></tr>
 <tr><td><small>Lokacija:</small></td>
 	<td>$row[lok]</td>
@@ -70,38 +70,69 @@
 <tr><td><small>Objekt/soba/kat:</small></td>
 	<td>$row[objekt] / $row[soba] / $row[kat]</td>
 	<td><small>Ž računala:</small> $row[z_rac]</td></tr>
-<tr><td>Shell: ".show_bool($row[shell])."</td>
-	<td>Umrežavanje: ".show_bool($row[umrezavanje])."</td>
-	<td>Podešavanje: ".show_bool($row[podesavanje])."</td>
+<tr><td>Shell: ".print_bool($row[shell])."</td>
+	<td>Umrežavanje: ".print_bool($row[umrezavanje])."</td>
+	<td>Podešavanje: ".print_bool($row[podesavanje])."</td>
 </table>
 	";
 
+
+if ($prava & $pr_promjena) {
+	print "<small><a href=\"osoba.php?what=select-osoba&id=$id\">[promjeni podatke o osobi]</a></small>";
+}
+
+// update nove lozinke i upis statusa
+if (($prava & $pr_lozinke) && $update_newpasswd) {
+	$result = pg_Exec ($conn, "select login,passwd from racuni where id=$racuni_id");
+	$row=pg_fetch_array($result,0);
+
+	include("inc/poppassd.inc");
+	$tmp=poppassd($row[login],$row[passwd],$newpasswd);
+
+	if ($tmp[0]) {
+
+		$sql="update racuni set passwd='$newpasswd' where racuni.id=$racuni_id";
+		pg_Exec ($conn, "$sql");
+		$sql="insert into status (osoba_id,kontakt_osoba_id,datum,status_tip_id) values ($id,$kontakt_osoba_id,'now'::datetime,7)";
+		$result = pg_Exec ($conn, $sql);
+		$promjena_lozinke_result="Lozinka upisana! ".$tmp[1];
+	} else {
+		$promjena_lozinke_result="<b>Greška</b>: ".$tmp[1];
+	}
+}
+
 // kreiraj statuse, zapamti da li je instaliran
 
 $instaliran=0;
 
-$result = pg_Exec ($conn, "select datum,opis,ime,prezime,status_tip_id as st
+$result = pg_Exec ($conn, "select status.id as status_id,datum,opis,ime,prezime,status_tip_id as st
 	from status,kontakt_osobe,status_tip
 	where kontakt_osoba_id=kontakt_osobe.id and status_tip_id=status_tip.id
-	and osoba_id=$id order by datum");
+	and status.osoba_id=$id order by datum");
 
 $statusi="";
 
 $nr = pg_numrows($result);
 if ($nr > 0) {
-	for ($i=0;$i<$nr; $i++) {
+	for ($i=0; $i<$nr; $i++) {
 		$row=pg_fetch_array($result,$i);
-		$statusi.="<tr ".bgcolor()."><td><small>$row[datum]</small></td><td>$row[opis]</td><td>$row[ime] $row[prezime]</td></tr>";
+		if ($row[st] != 2) {
+			$statusi.="<tr ".bgcolor()."><td><small>$row[datum]</small></td><td>$row[opis]</td><td>$row[ime] $row[prezime]</td></tr>";
+		} else {
+			$statusi.="<tr ".bgcolor()."><td><small>$row[datum]</small></td><td><a href=\"promjene.php?osoba_id=$id&status_id=$row[status_id]\">$row[opis]</a></td><td>$row[ime] $row[prezime]</td></tr>";
+		}
 		if ($row[st] == 6) { $instaliran = 1; };
 	}
 } else {
 	$statusi.="<p><big>Nema podataka o korisničkom računu</big>";
 }
 
-
+$server=3;
 $result = pg_Exec ($conn, "select racuni.login as login,
-	racuni.passwd as passwd,e_mail.alias as email
-	where racuni.osoba_id=$id and e_mail.osoba_id=$id");
+	racuni.passwd as passwd,e_mail.alias as email,
+	racuni.id as racuni_id
+	where racuni.osoba_id=$id and e_mail.osoba_id=$id 
+        and racuni.server_id=$server");
 
 if (pg_numrows($result) > 0) {
 	$row=pg_fetch_array($result,0);
@@ -109,11 +140,44 @@
 	print "
 <h1>Podaci o korisničkom računu</h1>
 
+<form action=$PHP_SELF method=post>
+
 <table>
 <tr><td>Korisnička oznaka:</td><td><tt>$row[login]</tt></td></tr>
 ";
-if ($prava & $pr_instalacija) {
-	print "<tr><td>Lozinka:</td><td><tt>$row[passwd]</tt></td></tr>";
+if ($prava & $pr_instalacija || $prava & $pr_lozinke) {
+	print "<tr><td>Lozinka:</td><td><tt>".htmlspecialchars($row[passwd])."</tt>";
+	$passwd_ok="?";
+	if ($check_pop) {
+		$pop3 = new POP3();
+		$pop3->connect("intranet.pliva.hr");
+		if ($pop3->checklogin($row[login],$row[passwd])) {
+			$passwd_ok="t";
+		} else {
+			$passwd_ok="f";
+		}
+		$pop3->quit();
+		print show_bool($passwd_ok);
+	} else {
+		print "<input type=hidden name=id value=$id>
+			<input type=submit name=check_pop value=\"Provjeri\">
+			";
+	}
+	if ($prava & $pr_lozinke) {
+	    if ($input_newpasswd) {
+		print "<input type=hidden name=id value=$id>
+			<input type=text name=newpasswd value=\"$row[passwd]\" size=8>
+			<input type=hidden name=racuni_id value=\"$row[racuni_id]\">
+			<input type=submit name=update_newpasswd value=\"Promjeni\">";
+
+	    } elseif ($update_newpasswd) {
+		print $promjena_lozinke_result;
+	    } else {
+		print "<input type=hidden name=id value=$id>
+			<input type=submit name=input_newpasswd value=\"Promjeni\">";
+	   }
+	}// prava=pr_lozinke
+	print "</td></tr>";
 } else {
 	print "<tr><td colspan=2><i>Nemate ovlaštenja vidjeti lozinku ovog korisnika!</i></td></tr>";
 }
@@ -128,6 +192,8 @@
 
 
 	print "
+</form>
+
 <h1>Podaci o statusima korisničkog računa</h1>
 
 <form action=oznaci.php>
@@ -136,28 +202,52 @@
 
 <table border=0>
 <tr><th>datum</th><th>status</th><th>status postavio/la</th></tr>
-$statusi
-<tr><td align=right><b>Dodati status:</b></td>
+$statusi";
+
+$statusi="<tr>";
+
+if ($prava == $pr_admin) {
+	$statusi.="<td><select name=date_offset>
+		<option value=>danas</option>
+		<option value=1>sutra</option>";
+	$dani=array("nedjelju","ponedjeljak","utorak","srijedu",
+		"četvrtak","petak","subotu");
+	for ($d=2; $d<10; $d++) {
+		$statusi.="<option value=$d>u ".$dani[(date("w")+$d) % 7].", ". date("d.m.Y",time()+$d*24*60*60)."</option>";
+	}
+	$statusi.="</select></td>";
+} else {
+	$statusi.="<td align=right><b>Dodati status:</b></td>";
+}
 
-<td><select name=status_tip_id>";
+$statusi.="<td><select name=status_tip_id>";
+$min_status=5;
+if ($prava==$pr_admin) $min_status=3;
 
 	$result = pg_Exec ($conn, "select id,opis
 		from status_tip
-		where id >= 5
+		where id >= $min_status
 		");
 
-//		where id >= 5 and (2^id && $prava)
+	$num_prava=0;
+
 	for ($i=0; $i<pg_numrows($result); $i++) {
 		$row=pg_fetch_array($result,$i);
 		if ($prava & pow(2,$row[id])) {
-			print "<option value=$row[id]>$row[opis]</option>\n";
+			$statusi.="<option value=$row[id]>$row[opis]</option>\n";
+			$num_prava++;
 		}
 	}
 
-print "</select></td>
-
+$statusi.="</select></td>
 <td>$korow[ime] $korow[prezime]</td>
-<td><input type=submit value=\"Dodaj\"></td></tr>
+<td><input type=submit value=\"Dodaj\"></td></tr>";
+
+if ($num_prava>0) {
+	print "$statusi";
+}
+
+print "
 </table>
 </form>
 
@@ -173,8 +263,12 @@
 
 } // isset($id)
 
-print '<p>Povratak na <a href="lista.php">listu zahtjeva</a> ili
-	<a href="/">početnu stranicu</a>.';
+print "<p>Povratak na ";
+if (isset($HTTP_REFERER)) {
+	print "<a href=\"$HTTP_REFERER\">stranicu sa koje ste došli</a> ili ";
+}
+print "<a href=\"/\">početnu stranicu</a>.";
+
 
 include("inc/footer.inc");
 

Korisnička oznaka:	`$row[login]`
Lozinka:	`$row[passwd]`
Lozinka:	`".htmlspecialchars($row[passwd])."`"; + $passwd_ok="?"; + if ($check_pop) { + $pop3 = new POP3(); + $pop3->connect("intranet.pliva.hr"); + if ($pop3->checklogin($row[login],$row[passwd])) { + $passwd_ok="t"; + } else { + $passwd_ok="f"; + } + $pop3->quit(); + print show_bool($passwd_ok); + } else { + print " + + "; + } + if ($prava & $pr_lozinke) { + if ($input_newpasswd) { + print " + + + "; + + } elseif ($update_newpasswd) { + print $promjena_lozinke_result; + } else { + print " + "; + } + }// prava=pr_lozinke + print "
Nemate ovlaštenja vidjeti lozinku ovog korisnika!
datum	status
Dodati status:
	Dodati status:	$korow[ime] $korow[prezime]