PEEL Shopping
Open source ecommerce : PEEL Shopping
list_admin_actions.php
1 <?php
2 // This file should be in UTF8 without BOM - Accents examples: éèê
3 // +----------------------------------------------------------------------+
4 // | Copyright (c) 2004-2015 Advisto SAS, service PEEL - contact@peel.fr |
5 // +----------------------------------------------------------------------+
6 // | This file is part of PEEL Shopping 8.0.0, which is subject to an |
7 // | opensource GPL license: you are allowed to customize the code |
8 // | for your own needs, but must keep your changes under GPL |
9 // | More information: https://www.peel.fr/lire/licence-gpl-70.html |
10 // +----------------------------------------------------------------------+
11 // | Author: Advisto SAS, RCS 479 205 452, France, https://www.peel.fr/ |
12 // +----------------------------------------------------------------------+
13 // $Id: list_admin_actions.php 46935 2015-09-18 08:49:48Z gboussin $
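// Flag the request as a back-office page before the shared bootstrap is loaded.
define('IN_PEEL_ADMIN', true);
include("../configuration.inc.php");
// NOTE(review): the rendered listing jumps from source line 15 to 17 here, so one statement of the
// original file is not visible on this page.
// Access control for the whole page. necessite_priv() is declared with $demo_allowed=true by default
// (see its signature in fonctions.php), and the delete branch below has no demo check of its own -
// NOTE(review): confirm that demo accounts cannot remove audit entries.
necessite_priv("admin_users,admin_moderation");

$GLOBALS['DOC_TITLE'] = $GLOBALS['STR_ADMIN_ADMIN_ACTIONS_TITLE'];
include($GLOBALS['repertoire_modele'] . "/admin_haut.php");

// Integer cast of the request id; it is not read again in the visible part of this script.
$id = intval(vn($_REQUEST['id']));

if (!isset($form_error_object)) {
    // NOTE(review): the body of this guard (source line 25) is not shown in the listing.
}

switch (vb($_REQUEST['mode'])) {
    case "supp":
        // Destructive branch: removes rows from the administrator action log.
        // NOTE(review): no anti-CSRF token is verified in this file before deleting, and "mode" is read
        // from $_REQUEST, so it may arrive in the query string while the ids arrive by POST. Confirm the
        // token check happens in the bootstrap; otherwise add one here. The deletion of audit records
        // is also not recorded anywhere in the visible code.
        // The is_array() test avoids iterating over a scalar "form_delete" value, which made foreach
        // emit a warning.
        if (!empty($_POST['form_delete']) && is_array($_POST['form_delete'])) {
            foreach ($_POST['form_delete'] as $action_id) {
                delete_admin_action($action_id);
            }
        }
        echo affiche_list_admin_action(null, true);
        break;

    case "recherche":
        // The raw POST array is handed to the list builder, which escapes or casts each value it uses.
        echo affiche_list_admin_action($_POST, true);
        break;

    default:
        echo affiche_list_admin_action(null, true);
        break;
}

include($GLOBALS['repertoire_modele'] . "/admin_bas.php");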
48 
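/**
 * Builds the searchable, paginated list of logged administrator actions.
 *
 * Every value taken from $frm or $_GET is either cast to an integer or passed through one of the
 * project's escaping helpers before it is concatenated into SQL.
 *
 * @param array|null $frm Search form values (the page passes $_POST in "recherche" mode). Keys read here:
 *                        admin_id, action_cat, account, date, date_input1, date_input2, search, type.
 * @param bool $return_mode When true the rendered HTML is returned, otherwise it is echoed.
 * @return string|false|null The HTML when $return_mode is true; false when nothing was rendered;
 *                           null after echoing.
 */
function affiche_list_admin_action($frm = null, $return_mode = false)
{
    $output = '';
    $search_array = array();
    if (!empty($frm)) {
        // Filter on the administrator who performed the action.
        if (!empty($frm['admin_id'])) {
            $search_array[] = 'paa.id_user="' . intval(vn($frm['admin_id'])) . '" ';
        }
        // Filter on the action type.
        if (!empty($frm['action_cat'])) {
            $search_array[] = 'paa.action="' . nohtml_real_escape_string(vb($frm['action_cat'])) . '" ';
        }
        // Filter on the member concerned: a numeric value is an id, anything else is matched against
        // e-mail and pseudo. The escaping protects the quoting only; "%" and "_" typed in the field
        // still act as LIKE wildcards.
        if (!empty($frm['account']) && is_numeric($frm['account'])) {
            $search_array[] = 'paa.id_membre="' . intval($frm['account']) . '" ';
        } elseif (!empty($frm['account'])) {
            $search_array[] = '(pu2.email LIKE "%' . nohtml_real_escape_string($frm['account']) . '%" OR pu2.pseudo LIKE "%' . nohtml_real_escape_string($frm['account']) . '%")';
        }
        // Filter on the date.
        if (!empty($frm['date_input1']) && !empty($frm['date'])) {
            $this_get = 'date';
            $this_sql_field = 'paa.date';
            $first_value = get_mysql_date_from_user_input($frm[$this_get . '_input1']);
            $last_value = null;
            $date_mode_known = true;
            if ($frm[$this_get] == '1') {
                // A single day: from X to the end of X.
                $last_value = $first_value . ' 23:59:59';
            } elseif ($frm[$this_get] == '2') {
                // "Starting from X": open-ended, marked by the sentinel upper bound.
                $last_value = '2030-12-31 23:59:59';
            } elseif ($frm[$this_get] == '3') {
                // Between day X and day Y; an empty Y falls back to the sentinel date.
                $last_value = str_replace('0000-00-00', '2030-12-31', get_mysql_date_from_user_input($frm[$this_get . '_input2']));
                $last_value .= ' 23:59:59';
            } else {
                // Unknown date mode. $last_value used to stay undefined here and was still compared and
                // concatenated below; the date filter is now skipped instead.
                $date_mode_known = false;
                // The rejected value comes straight from the request, so it is HTML-escaped before being
                // placed in the message, in case the template prints it as is.
                $shown_value = is_scalar($frm[$this_get]) ? htmlspecialchars((string) $frm[$this_get], ENT_QUOTES, 'UTF-8') : '';
                echo $GLOBALS['tplEngine']->createTemplate('global_success.tpl', array('message' => $GLOBALS['STR_ADMIN_CASE_NOT_FORECASTED'] . ' : ' . $shown_value))->fetch();
            }
            if ($date_mode_known) {
                $this_cond_temp_expression = word_real_escape_string($this_sql_field) . '>="' . nohtml_real_escape_string($first_value) . '"';
                if ($last_value != '2030-12-31 23:59:59') {
                    // The upper bound is only added when the range is not open-ended.
                    $this_cond_temp_expression .= ' AND ' . word_real_escape_string($this_sql_field) . '<"' . nohtml_real_escape_string($last_value) . '"';
                }
                $search_array[] = $this_cond_temp_expression;
            }
        }
        // Free-text search over the stored data, reason and remark columns.
        if (!empty($frm['search']) && !empty($frm['type'])) {
            $terms = build_search_terms($frm['search'], $frm['type']);
            $fields = array('paa.data', 'paa.raison', 'paa.remarque');
            $search_array[] = build_terms_clause($terms, $fields, $frm['type']);
        }
    }
    // Optional action category passed in the URL; "PHONE" matches every action starting with it.
    $phone_only = !empty($_GET['action_cat']) && $_GET['action_cat'] == 'PHONE';
    if (!empty($_GET['action_cat'])) {
        if ($phone_only) {
            $search_array[] = 'paa.action LIKE "' . real_escape_string($_GET['action_cat']) . '%"';
        } else {
            $search_array[] = 'paa.action="' . real_escape_string($_GET['action_cat']) . '"';
        }
    }
    if ($phone_only) {
        $title = $GLOBALS['STR_ADMIN_ADMIN_ACTIONS_CALLS_LIST'];
    } else {
        $title = $GLOBALS['STR_ADMIN_ADMIN_ACTIONS_ALL_LIST'];
    }

    $tpl = $GLOBALS['tplEngine']->createTemplate('admin_list_admin_action.tpl');
    $GLOBALS['js_ready_content_array'][] = '
    display_input2_element("date");
';
    $tpl->assign('action', get_current_url(false));
    $tpl->assign('title', $title);
    // Drop-down of administrator accounts; names are masked for demo sessions.
    $q = query('SELECT id_utilisateur, pseudo, email
        FROM peel_utilisateurs
        WHERE priv LIKE "admin%" AND ' . get_filter_site_cond('utilisateurs', null, true) . '');
    if (!empty($q)) {
        $tpl_options = array();
        while ($user_admin = fetch_assoc($q)) {
            $tpl_options[] = array('value' => $user_admin['id_utilisateur'],
                'issel' => !empty($frm['admin_id']) && $frm['admin_id'] == $user_admin['id_utilisateur'],
                'name' => (!a_priv('demo') ? (!empty($user_admin['pseudo']) ? $user_admin['pseudo'] : $user_admin['email']) : 'private [demo]')
                );
        }
        $tpl->assign('options_ids', $tpl_options);
    }
    // Drop-down of the action types present in the log.
    $tpl_options = array();
    $q = query('SELECT action
        FROM peel_admins_actions
        WHERE ' . get_filter_site_cond('admins_actions', null, true) . '
        GROUP BY action');
    while ($action = fetch_assoc($q)) {
        $tpl_options[] = array('value' => $action['action'],
            'issel' => !empty($frm['action_cat']) && $frm['action_cat'] == $action['action'],
            'name' => $action['action']
            );
    }
    $tpl->assign('options_actions', $tpl_options);
    // vb() is used for every form value so that the default view ($frm null) reads no undefined index.
    $tpl->assign('account', vb($frm['account']));
    $tpl->assign('date', vb($frm['date']));
    $tpl->assign('date_input1', get_formatted_date(vb($frm['date_input1'])));
    $tpl->assign('date_input2', get_formatted_date(vb($frm['date_input2'])));
    $tpl->assign('search', vb($frm['search']));
    $tpl->assign('type', vb($frm['type']));
    // Interface strings handed to the template under their own name.
    $label_names = array(
        'STR_CHOOSE',
        'STR_ADMIN_ADMIN_ACTIONS_CALLS_EXPLAIN',
        'STR_ADMIN_ADMIN_ACTIONS_MODERATOR',
        'STR_ADMIN_ADMIN_ACTIONS_NO_MODERATOR_WITH_ACTIONS_FOUND',
        'STR_BEFORE_TWO_POINTS',
        'STR_ADMIN_ADMIN_ACTIONS_ACTIONS',
        'STR_ADMIN_ADMIN_ACTIONS_CONCERNED_ACCOUNT',
        'STR_ADMIN_DATE',
        'STR_ADMIN_INPUT_SEARCH',
        'STR_ADMIN_DATE_ON',
        'STR_ADMIN_DATE_STARTING',
        'STR_ADMIN_DATE_BETWEEN_START',
        'STR_ADMIN_DATE_BETWEEN_AND',
        'STR_SEARCH_ALL_WORDS',
        'STR_SEARCH_ANY_WORDS',
        'STR_SEARCH_EXACT_SENTENCE',
        'STR_ADMIN_CHECK_ALL',
        'STR_ADMIN_UNCHECK_ALL',
        'STR_ADMIN_ADMIN_ACTIONS_DATA',
        'STR_ADMIN_ADMIN_ACTIONS_DELETE_ACTION',
        'STR_SEARCH',
        'STR_ADMIN_ADMIN_ACTIONS_NO_ACTION_FOUND',
        'STR_ADMIN_ADMIN_ACTIONS_TEMPLATE',
        'STR_ADMIN_REMARK'
    );
    foreach ($label_names as $label_name) {
        $tpl->assign($label_name, $GLOBALS[$label_name]);
    }

    // The site filter is now applied to every listing. It used to be appended only when at least one
    // search criterion was present, so the default view selected log rows without any site restriction,
    // unlike the two drop-down queries above and the DELETE in delete_admin_action().
    $search_array[] = get_filter_site_cond('admins_actions', 'paa', true);
    $sql = 'SELECT paa.id AS id, paa.action AS action, paa.data AS data, paa.raison AS raison, paa.remarque AS remarque, paa.date as date, pu1.pseudo AS pseudo_admin, pu2.pseudo AS pseudo_membre, pu1.id_utilisateur AS id_admin, pu1.email AS email_admin, pu2.id_utilisateur AS id_membre, pu2.email AS email_membre
        FROM peel_admins_actions paa
        LEFT JOIN peel_utilisateurs pu1 ON pu1.id_utilisateur = paa.id_user AND ' . get_filter_site_cond('utilisateurs', 'pu1') . '
        LEFT JOIN peel_utilisateurs pu2 ON pu2.id_utilisateur = paa.id_membre AND ' . get_filter_site_cond('utilisateurs', 'pu2') . '
        WHERE ' . implode(' AND ', $search_array);
    $Links = new Multipage($sql, 'affiche_liste_action_moderation', 50);
    $HeaderTitlesArray = array('', 'date' => $GLOBALS['STR_DATE'], 'id_user' => $GLOBALS['STR_BY'], 'action' => $GLOBALS['STR_ADMIN_ADMIN_ACTIONS_DATE_ACTION_TYPE'], 'id_membre' => $GLOBALS['STR_ADMIN_ADMIN_ACTIONS_CONCERNED_ACCOUNT'], $GLOBALS['STR_ADMIN_ADMIN_ACTIONS_DATA']);
    $Links->HeaderTitlesArray = $HeaderTitlesArray;
    $Links->OrderDefault = 'paa.date';
    $Links->SortDefault = 'DESC';
    $results_array = $Links->Query();
    if (!empty($results_array)) {
        $tpl->assign('links_multipage', $Links->GetMultipage());
        $tpl->assign('links_header_row', $Links->getHeaderRow());

        $tpl_results = array();
        $i = 0;
        foreach ($results_array as $actions) {
            $tpl_technical_code = null;
            $tpl_lang = null;
            // For logged e-mails, "data" is passed as the template id to look up its code and language.
            if (!empty($actions['data']) && $actions['action'] == 'SEND_EMAIL') {
                $template_infos = getTextAndTitleFromEmailTemplateLang(null, null, $actions['data']);
                $tpl_technical_code = $template_infos['technical_code'];
                $tpl_lang = $template_infos['lang'];
            }

            // NOTE(review): raison, remarque and data are stored text handed to the template unchanged;
            // confirm that admin_list_admin_action.tpl escapes them on output.
            $tpl_results[] = array('tr_rollover' => tr_rollover($i, true),
                'id' => $actions['id'],
                'date' => get_formatted_date(vb($actions['date']), 'short', true),
                'action' => $actions['action'],
                'modif_admin_href' => $GLOBALS['administrer_url'] . '/utilisateurs.php?mode=modif&id_utilisateur=' . $actions['id_admin'],
                'admin' => (!a_priv('demo') ? (!empty($actions['pseudo_admin']) ? $actions['pseudo_admin'] : $actions['email_admin']) : 'private [demo]'),
                'is_membre' => !empty($actions['id_membre']),
                'modif_membre_href' => $GLOBALS['administrer_url'] . '/utilisateurs.php?mode=modif&id_utilisateur=' . $actions['id_membre'],
                'membre' => (!a_priv('demo') ? (!empty($actions['pseudo_membre']) ? $actions['pseudo_membre'] : $actions['email_membre']) : 'private [demo]'),
                'raison' => $actions['raison'],
                'remarque' => $actions['remarque'],
                'data' => $actions['data'],
                'tpl_technical_code' => $tpl_technical_code,
                'tpl_lang' => $tpl_lang
                );
            $i++;
        }
        $tpl->assign('results', $tpl_results);
    }
    $output .= $tpl->fetch();

    if ($return_mode) {
        return $output;
    } elseif (!empty($output)) {
        echo $output;
    } else {
        return false;
    }
}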
244 
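/**
 * Deletes one entry of the administrator action log, restricted by the site filter.
 *
 * The id is expected to come from the "form_delete" POST array. Anything that is not a positive
 * integer is ignored: intval() of a non-empty array is 1, so a nested array in the request used to
 * delete record 1, and a non-numeric value used to run a DELETE on id 0 and still report success.
 *
 * @param mixed $action_id Id of the log entry to remove.
 * @return void
 */
function delete_admin_action($action_id)
{
    if (is_array($action_id) || is_object($action_id)) {
        return;
    }
    $id = intval($action_id);
    if ($id <= 0) {
        return;
    }
    query('DELETE
        FROM peel_admins_actions
        WHERE id="' . $id . '" AND ' . get_filter_site_cond('admins_actions', null, true) . '');
    echo $GLOBALS['tplEngine']->createTemplate('global_success.tpl', array('message' => $GLOBALS['STR_ADMIN_ADMIN_ACTIONS_MSG_DELETED_OK']))->fetch();
}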
260 
if(!empty($GLOBALS['site_parameters']['order_specific_field_titles'])) if(check_if_module_active('socolissimo')&&!empty($_REQUEST)&&!empty($_REQUEST['PUDOFOID'])&&!empty($_REQUEST['CEEMAIL'])&&!empty($_REQUEST['SIGNATURE'])&&!empty($_REQUEST['ORDERID'])) elseif(!empty($_POST)) elseif(check_if_module_active('socolissimo')&&!empty($_SESSION['session_commande']['is_socolissimo_order'])) foreach(array('bill'=> 1, 'ship'=> 2) as $address_type=> $session_commande_address_id) $frm['societe1']
build_terms_clause($terms, $fields, $match_method)
builds the sql statement's where clause this will build the sql based on the given information Valeur...
Definition: fonctions.php:3714
get_current_url($with_get=true, $get_short_url=false, $take_away_get_args_array=null)
get_current_url()
Definition: fonctions.php:1743
$GLOBALS['DOC_TITLE']
build_search_terms($search, $match_method)
Découpe la chaine recherchée en éléments distincts suivant le mode $match_method Valeurs de $match_me...
Definition: fonctions.php:3675
delete_admin_action($action_id)
Fonction permettant de supprimer une action en fonction de son id.
word_real_escape_string($value)
Applique real_escape_string dans le cas où on n'insère qu'un seul mot, de moins de 30 caractères...
Definition: database.php:424
nohtml_real_escape_string($value, $allowed_tags=null)
Protège les données pour insertion dans MySQL ET supprime les tags HTML pour protéger de toute sorte ...
Definition: database.php:400
$results_array
if(!empty($_GET['id'])) if(isset($_POST['form_name'], $_POST['form_subject'], $_POST['form_text'], $_POST['form_lang'])&&empty($_GET['id'])) if(empty($_GET['id'])) $tpl
real_escape_string($value)
real_escape_string()
Definition: database.php:374
if(isset($_POST['pays_zone'])) elseif(empty($_SESSION['session_caddie']->zoneId)&&!empty($GLOBALS['site_parameters']['default_delivery_zone_id'])) if(isset($_POST['type'])) elseif(empty($_SESSION['session_caddie']->typeId)&&!empty($GLOBALS['site_parameters']['default_delivery_type_id'])) if(!empty($_POST['code_promo'])) if(!empty($_GET['code_promo'])&&$_GET['code_promo']== 'delete') $form_error_object
$tpl_options
necessite_priv($priv, $demo_allowed=true, $configuration_modification=false)
Cette fonction vérifie si l'utilisateur a les privilèges de $priv.
Definition: fonctions.php:1575
get_filter_site_cond($table_technical_code, $table_alias=null, $use_strict_rights_if_in_admin=false, $specific_site_id=null, $exclude_public_items=false, $admin_force_multisite_if_allowed=false)
Retourne la condition SQL permettant de filtrer les données pour une table.
Definition: fonctions.php:4643
affiche_list_admin_action($frm=null, $return_mode=false)
Affiche la liste des actions de moderation.
query($query, $die_if_error=false, $database_object=null, $silent_if_error=false, $security_sql_filter=true)
The query() function is meant to be called anywhere you want to make a query.
Definition: database.php:158
$terms
Definition: search.php:125
vb(&$var, $default=null)
Variable blanche if $var n'est pas défini, retourne $default, sinon retourne $var.
Definition: format.php:97
if(strlen($date2)== '10') if($type== 'users-by-age'&&a_priv('admin_users', true)) elseif($type== 'forums-count'&&a_priv('admin_content', true)) elseif($type== 'forums-categories'&&a_priv('admin_content', true)) elseif($type== 'users-count'&&a_priv('admin_users', true)) elseif($type== 'product-categories'&&a_priv('admin_products', true)) elseif($type== 'users-by-sex'&&a_priv('admin_users', true)) elseif($type== 'users-by-country'&&a_priv('admin_users', true)) elseif($type== 'sales'&&a_priv('admin_sales', true))
Definition: chart-data.php:160
necessite_identification()
Si l'utilisateur n'est pas connecté à un compte, on affiche une page d'identification et arrête le sc...
Definition: fonctions.php:1596
fetch_assoc($query_result)
fetch_assoc()
Definition: database.php:283
get_formatted_date($datetime_or_timestamp=null, $mode= 'short', $hour_minute=false)
Afficher une date formatée, en évitant les problèmes liés aux noms de mois sur les serveurs qui ne so...
Definition: format.php:440
get_mysql_date_from_user_input($string, $use_current_hour_min_sec_if_missing=false)
Transforme une date formattée par get_formatted_date() en date MySQL Si la date est vide...
Definition: format.php:496
getTextAndTitleFromEmailTemplateLang($template_technical_code, $template_lang, $template_technical_id=null)
getTextAndTitleFromEmailTemplateLang()
Definition: emails.php:331
vn(&$var, $default=0)
Variable nulle if $var n'est pas défini, retourne $default, sinon retourne $var.
Definition: format.php:110
a_priv($requested_priv, $demo_allowed=false, $site_configuration_modification=false, $user_id=null)
Renvoie true si l'utilisateur de la session a le privilège $requested_priv ou un droit supérieur Des ...
Definition: user.php:63
