--- html/obavijest.php	2000/05/10 06:26:12	1.3
+++ html/obavijest.php	2001/10/03 15:00:25	1.19
@@ -1,16 +1,48 @@
 <?
 
 include("inc/head.inc");
+include("inc/prava.inc");
+include("inc/print_bool2.inc");
+include("inc/bgcolor.inc");
+include("inc/show_bool.inc");
+include("inc/auth_pop3.inc");
+
+if (isset($kontakt_osoba_id) && $what!="relogin") {
+	$result = pg_Exec ($conn, "select ime,prezime,passwd,prava from kontakt_osobe where aktivna=true and id=$kontakt_osoba_id");
+	$korow=pg_fetch_array($result,0);
+#	print "--$korow[passwd] | $md5_passwd | $passwd ";
+	$prava=$korow[prava];
+	print "<small>Trenutno ste prijavljeni kao $korow[ime] $korow[prezime], ako je to krivo odaberite <a href=\"$PHP_SELF?what=relogin\">ovaj link</a>.</small>";
+	$curr_md5_passwd=md5($korow[passwd]);
+	if ( (!isset($md5_passwd) && $korow[passwd] != $passwd) ||
+		(isset($md5_passwd) && $curr_md5_passwd != $md5_passwd) ) {
+		include("inc/auth.inc");
+		$what="auth";
+		echo "<big>Upisana je neispravna loznika!</big>";
+		session_destroy();
+		print '<p><a href="index.php">Povratak na početnu stranicu</a>';
+	} else {
+		session_register("md5_passwd");
+		$md5_passwd=md5($korow[passwd]);
+	}
+}
+
+#print "--$pr_ko--";
+
+if (! isset($kontakt_osoba_id)) {
+	include("inc/auth.inc");
+	$what="auth";
 
-if (! isset($id)) {
+} elseif (! isset($id)) {
 	include("inc/obavjest-forma.inc");
-} else {
+} elseif (isset($id) && $what!="auth") {
 
 
 $result = pg_Exec ($conn, "
 	select osobe.id as id,ime,prezime,tel,lokacije.naziv as lok,sifra,
 		org_jed.naziv as orgjed,org_pod_jed.pod_naziv as orgpodjed,
-		lok_racunala as lokrac,objekt,kat,soba,z_rac
+		lok_racunala as lokrac,objekt,kat,soba,z_rac,podesavanje,
+		umrezavanje,shell
 	from osobe
 	where osobe.id=$id
 		and lokacija_id=lokacije.id and org_jed_id=org_jed.id
@@ -40,14 +72,56 @@
 <tr><td><small>Objekt/soba/kat:</small></td>
 	<td>$row[objekt] / $row[soba] / $row[kat]</td>
 	<td><small>Ž računala:</small> $row[z_rac]</td></tr>
+<tr><td>Shell: ".print_bool($row[shell])."</td>
+	<td>Umrežavanje: ".print_bool($row[umrezavanje])."</td>
+	<td>Podešavanje: ".print_bool($row[podesavanje])."</td>
 </table>
 	";
+
+
+if ($prava & $pr_promjena) {
+	print "<small><a href=\"osoba.php?what=select-osoba&id=$id\">[promjeni podatke o osobi]</a></small>";
+}
+
+// update nove lozinke i upis statusa
+if (($prava & $pr_lozinke) && $update_newpasswd) {
+	$sql="update racuni set passwd='$newpasswd' where racuni.id=$racuni_id";
+	pg_Exec ($conn, "$sql");
+	$sql="insert into status (osoba_id,kontakt_osoba_id,datum,status_tip_id) values ($id,$kontakt_osoba_id,'now'::datetime,7)";
+	$result = pg_Exec ($conn, $sql);
+	$promjena_lozinke_result="<b>Nova lozinka upisana u bazu! Treba je ručno promjeniti na serveru!</b>";
+}
+
+// kreiraj statuse, zapamti da li je instaliran
+
+$instaliran=0;
+
+$result = pg_Exec ($conn, "select status.id as status_id,datum,opis,ime,prezime,status_tip_id as st
+	from status,kontakt_osobe,status_tip
+	where kontakt_osoba_id=kontakt_osobe.id and status_tip_id=status_tip.id
+	and status.osoba_id=$id order by datum");
+
+$statusi="";
+
+$nr = pg_numrows($result);
+if ($nr > 0) {
+	for ($i=0; $i<$nr; $i++) {
+		$row=pg_fetch_array($result,$i);
+		if ($row[st] != 2) {
+			$statusi.="<tr ".bgcolor()."><td><small>$row[datum]</small></td><td>$row[opis]</td><td>$row[ime] $row[prezime]</td></tr>";
+		} else {
+			$statusi.="<tr ".bgcolor()."><td><small>$row[datum]</small></td><td><a href=\"promjene.php?osoba_id=$id&status_id=$row[status_id]\">$row[opis]</a></td><td>$row[ime] $row[prezime]</td></tr>";
+		}
+		if ($row[st] == 6) { $instaliran = 1; };
+	}
 } else {
-	print "<p><big>Nema podataka o osobi sa id-jem $id</big>";
+	$statusi.="<p><big>Nema podataka o korisničkom računu</big>";
 }
 
+
 $result = pg_Exec ($conn, "select racuni.login as login,
-	racuni.passwd as passwd,e_mail.alias as email
+	racuni.passwd as passwd,e_mail.alias as email,
+	racuni.id as racuni_id
 	where racuni.osoba_id=$id and e_mail.osoba_id=$id");
 
 if (pg_numrows($result) > 0) {
@@ -56,9 +130,48 @@
 	print "
 <h1>Podaci o korisničkom računu</h1>
 
+<form action=$PHP_SELF method=post>
+
 <table>
 <tr><td>Korisnička oznaka:</td><td><tt>$row[login]</tt></td></tr>
-<tr><td>Lozinka:</td><td><tt>$row[passwd]</tt></td></tr>
+";
+if ($prava & $pr_instalacija || $prava & $pr_lozinke) {
+	print "<tr><td>Lozinka:</td><td><tt>$row[passwd]</tt>";
+	$passwd_ok="?";
+	if ($check_pop) {
+		$pop3 = new POP3();
+		$pop3->connect("intranet.pliva.hr");
+		if ($pop3->checklogin($row[login],$row[passwd])) {
+			$passwd_ok="t";
+		} else {
+			$passwd_ok="f";
+		}
+		$pop3->quit();
+		print show_bool($passwd_ok);
+	} else {
+		print "<input type=hidden name=id value=$id>
+			<input type=submit name=check_pop value=\"Provjeri\">
+			";
+	}
+	if ($prava & $pr_lozinke) {
+	    if ($input_newpasswd) {
+		print "<input type=hidden name=id value=$id>
+			<input type=text name=newpasswd value=\"$row[passwd]\" size=8>
+			<input type=hidden name=racuni_id value=\"$row[racuni_id]\">
+			<input type=submit name=update_newpasswd value=\"Promjeni\">";
+
+	    } elseif ($update_newpasswd) {
+		print $promjena_lozinke_result;
+	    } else {
+		print "<input type=hidden name=id value=$id>
+			<input type=submit name=input_newpasswd value=\"Promjeni\">";
+	   }
+	}// prava=pr_lozinke
+	print "</td></tr>";
+} else {
+	print "<tr><td colspan=2><i>Nemate ovlaštenja vidjeti lozinku ovog korisnika!</i></td></tr>";
+}
+	print "
 <tr><td>E-mail adresa:</td><td><tt>$row[email]@pliva.hr</tt></td></tr>
 </table>
 	";
@@ -67,30 +180,87 @@
 	print "<p><big>Nema podataka o korisničkom računu</big>";
 }
 
-$result = pg_Exec ($conn, "select datum,opis,ime,prezime
-	from status,kontakt_osobe,status_tip
-	where kontakt_osoba_id=kontakt_osobe.id and status_tip_id=status_tip.id
-	and osoba_id=$id");
 
 	print "
-<h1>Podaci o statusima koriničkog računa</h1>
+</form>
 
-<table>
-<tr><th>datum</th><th>status</th><th>status postavio/la</th></tr>";
+<h1>Podaci o statusima korisničkog računa</h1>
 
-$nr = pg_numrows($result);
-if ($nr > 0) {
-	for ($i=0;$i<$nr; $i++) {
-		$row=pg_fetch_array($result,$i);
-		print "<tr><td><small>$row[datum]</small></td><td>$row[opis]</td><td>$row[ime] $row[prezime]</td></tr>";
+<form action=oznaci.php>
+<input type=hidden name=kontakt_osoba_id value=$kontakt_osoba_id>
+<input type=hidden name=osoba_id value=$id>
+
+<table border=0>
+<tr><th>datum</th><th>status</th><th>status postavio/la</th></tr>
+$statusi";
+
+$statusi="<tr>";
+
+if ($prava == $pr_admin) {
+	$statusi.="<td><select name=date_offset>
+		<option value=>danas</option>
+		<option value=1>sutra</option>";
+	$dani=array("nedjelju","ponedjeljak","utorak","srijedu",
+		"četvrtak","petak","subotu");
+	for ($d=2; $d<10; $d++) {
+		$statusi.="<option value=$d>u ".$dani[(date("w")+$d) % 7].", ". date("d.m.Y",time()+$d*24*60*60)."</option>";
 	}
+	$statusi.="</select></td>";
 } else {
-	print "<p><big>Nema podataka o korisničkom računu</big>";
+	$statusi.="<td align=right><b>Dodati status:</b></td>";
+}
+
+$statusi.="<td><select name=status_tip_id>";
+$min_status=5;
+if ($prava==$pr_admin) $min_status=3;
+
+	$result = pg_Exec ($conn, "select id,opis
+		from status_tip
+		where id >= $min_status
+		");
+
+	$num_prava=0;
+
+	for ($i=0; $i<pg_numrows($result); $i++) {
+		$row=pg_fetch_array($result,$i);
+		if ($prava & pow(2,$row[id])) {
+			$statusi.="<option value=$row[id]>$row[opis]</option>\n";
+			$num_prava++;
+		}
+	}
+
+$statusi.="</select></td>
+<td>$korow[ime] $korow[prezime]</td>
+<td><input type=submit value=\"Dodaj\"></td></tr>";
+
+if ($num_prava>0) {
+	print "$statusi";
 }
 
-print "</table>";
+print "
+</table>
+</form>
+
+<small>Broj trenutnog zahtjeva: $id</small>
+<hr>
+";
+
+} else { // pg_numrows($result) > 0
+	print "<p><big>Nema podataka o osobi sa id-jem $id</big>";
+}	// pg_numrows($result) > 0
+
+include("inc/obavjest-forma.inc");
 
 } // isset($id)
 
+print "<p>Povratak na ";
+if (isset($HTTP_REFERER)) {
+	print "<a href=\"$HTTP_REFERER\">stranicu sa koje ste došli</a> ili ";
+}
+print "<a href=\"/\">početnu stranicu</a>.";
+
+
+include("inc/footer.inc");
+
 ?>